1 # 2 # Copyright (c) 2009, 2014, Oracle and/or its affiliates. All rights reserved. 3 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 # 5 # This code is free software; you can redistribute it and/or modify it 6 # under the terms of the GNU General Public License version 2 only, as 7 # published by the Free Software Foundation. 8 # 9 # This code is distributed in the hope that it will be useful, but WITHOUT 10 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 # FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 # version 2 for more details (a copy is included in the LICENSE file that 13 # accompanied this code). 14 # 15 # You should have received a copy of the GNU General Public License version 16 # 2 along with this work; if not, write to the Free Software Foundation, 17 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 # 19 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 # or visit www.oracle.com if you need additional information or have any 21 # questions. 22 # 23 24 # @test 25 # @bug 6802846 8172529 26 # @summary jarsigner needs enhanced cert validation(options) 27 # 28 # @run shell/timeout=240 concise_jarsigner.sh 29 # 30 31 if [ "${TESTJAVA}" = "" ] ; then 32 JAVAC_CMD=`which javac` 33 TESTJAVA=`dirname $JAVAC_CMD`/.. 34 fi 35 36 # set platform-dependent variables 37 OS=`uname -s` 38 case "$OS" in 39 Windows_* ) 40 FS="\\" 41 ;; 42 * ) 43 FS="/" 44 ;; 45 esac 46 47 # Choose 1024-bit RSA to make sure it runs fine and fast on all platforms. In 48 # fact, every keyalg/keysize combination is OK for this test. 49 50 TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US" 51 52 KS=js.ks 53 KT="$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -storepass changeit -keypass changeit -keystore $KS -keyalg rsa -keysize 1024" 54 JAR="$TESTJAVA${FS}bin${FS}jar ${TESTTOOLVMOPTS}" 55 JARSIGNER="$TESTJAVA${FS}bin${FS}jarsigner ${TESTTOOLVMOPTS} -debug" 56 JAVAC="$TESTJAVA${FS}bin${FS}javac ${TESTTOOLVMOPTS} ${TESTJAVACOPTS}" 57 58 rm $KS 59 60 echo class A1 {} > A1.java 61 echo class A2 {} > A2.java 62 echo class A3 {} > A3.java 63 echo class A4 {} > A4.java 64 echo class A5 {} > A5.java 65 echo class A6 {} > A6.java 66 67 $JAVAC A1.java A2.java A3.java A4.java A5.java A6.java 68 YEAR=`date +%Y` 69 70 # ========================================================== 71 # First part: output format 72 # ========================================================== 73 74 $KT -genkeypair -alias a1 -dname CN=a1 -validity 366 75 $KT -genkeypair -alias a2 -dname CN=a2 -validity 366 76 77 # a.jar includes 8 unsigned, 2 signed by a1 and a2, 2 signed by a3 78 $JAR cvf a.jar A1.class A2.class 79 $JARSIGNER -keystore $KS -storepass changeit a.jar a1 80 $JAR uvf a.jar A3.class A4.class 81 $JARSIGNER -keystore $KS -storepass changeit a.jar a2 82 $JAR uvf a.jar A5.class A6.class 83 84 # Verify OK 85 $JARSIGNER -verify a.jar 86 [ $? = 0 ] || exit $LINENO 87 88 # 4(chainNotValidated)+16(hasUnsignedEntry) 89 $JARSIGNER -verify a.jar -strict 90 [ $? = 20 ] || exit $LINENO 91 92 # 16(hasUnsignedEntry) 93 $JARSIGNER -verify a.jar -strict -keystore $KS -storepass changeit 94 [ $? = 16 ] || exit $LINENO 95 96 # 16(hasUnsignedEntry)+32(notSignedByAlias) 97 $JARSIGNER -verify a.jar a1 -strict -keystore $KS -storepass changeit 98 [ $? = 48 ] || exit $LINENO 99 100 # 16(hasUnsignedEntry) 101 $JARSIGNER -verify a.jar a1 a2 -strict -keystore $KS -storepass changeit 102 [ $? = 16 ] || exit $LINENO 103 104 # 12 entries all together 105 LINES=`$JARSIGNER -verify a.jar -verbose | grep $YEAR | wc -l` 106 [ $LINES = 12 ] || exit $LINENO 107 108 # 12 entries all listed 109 LINES=`$JARSIGNER -verify a.jar -verbose:grouped | grep $YEAR | wc -l` 110 [ $LINES = 12 ] || exit $LINENO 111 112 # 4 groups: MANIFST, unrelated, signed, unsigned 113 LINES=`$JARSIGNER -verify a.jar -verbose:summary | grep $YEAR | wc -l` 114 [ $LINES = 4 ] || exit $LINENO 115 116 # still 4 groups, but MANIFEST group has no other file 117 LINES=`$JARSIGNER -verify a.jar -verbose:summary | grep "more)" | wc -l` 118 [ $LINES = 3 ] || exit $LINENO 119 120 # 5 groups: MANIFEST, unrelated, signed by a1/a2, signed by a2, unsigned 121 LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep $YEAR | wc -l` 122 [ $LINES = 5 ] || exit $LINENO 123 124 # 2 for MANIFEST, 2*2 for A1/A2, 2 for A3/A4 125 LINES=`$JARSIGNER -verify a.jar -verbose -certs | grep "\[certificate" | wc -l` 126 [ $LINES = 8 ] || exit $LINENO 127 128 # a1,a2 for MANIFEST, a1,a2 for A1/A2, a2 for A3/A4 129 LINES=`$JARSIGNER -verify a.jar -verbose:grouped -certs | grep "\[certificate" | wc -l` 130 [ $LINES = 5 ] || exit $LINENO 131 132 # a1,a2 for MANIFEST, a1,a2 for A1/A2, a2 for A3/A4 133 LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep "\[certificate" | wc -l` 134 [ $LINES = 5 ] || exit $LINENO 135 136 # still 5 groups, but MANIFEST group has no other file 137 LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep "more)" | wc -l` 138 [ $LINES = 4 ] || exit $LINENO 139 140 # ========================================================== 141 # Second part: exit code 2, 4, 8. 142 # 16 and 32 already covered in the first part 143 # ========================================================== 144 145 $KT -genkeypair -alias ca -dname CN=ca -ext bc -validity 365 146 $KT -genkeypair -alias expired -dname CN=expired 147 $KT -certreq -alias expired | $KT -gencert -alias ca -startdate -10m | $KT -import -alias expired 148 $KT -genkeypair -alias notyetvalid -dname CN=notyetvalid 149 $KT -certreq -alias notyetvalid | $KT -gencert -alias ca -startdate +1m | $KT -import -alias notyetvalid 150 $KT -genkeypair -alias badku -dname CN=badku 151 $KT -certreq -alias badku | $KT -gencert -alias ca -ext KU=cRLSign -validity 365 | $KT -import -alias badku 152 $KT -genkeypair -alias badeku -dname CN=badeku 153 $KT -certreq -alias badeku | $KT -gencert -alias ca -ext EKU=sa -validity 365 | $KT -import -alias badeku 154 $KT -genkeypair -alias goodku -dname CN=goodku 155 $KT -certreq -alias goodku | $KT -gencert -alias ca -ext KU=dig -validity 365 | $KT -import -alias goodku 156 $KT -genkeypair -alias goodeku -dname CN=goodeku 157 $KT -certreq -alias goodeku | $KT -gencert -alias ca -ext EKU=codesign -validity 365 | $KT -import -alias goodeku 158 159 $JARSIGNER -strict -keystore $KS -storepass changeit a.jar expired 160 [ $? = 4 ] || exit $LINENO 161 162 $JARSIGNER -strict -keystore $KS -storepass changeit a.jar notyetvalid 163 [ $? = 4 ] || exit $LINENO 164 165 $JARSIGNER -strict -keystore $KS -storepass changeit a.jar badku 166 [ $? = 8 ] || exit $LINENO 167 168 $JARSIGNER -strict -keystore $KS -storepass changeit a.jar badeku 169 [ $? = 8 ] || exit $LINENO 170 171 $JARSIGNER -strict -keystore $KS -storepass changeit a.jar goodku 172 [ $? = 0 ] || exit $LINENO 173 174 $JARSIGNER -strict -keystore $KS -storepass changeit a.jar goodeku 175 [ $? = 0 ] || exit $LINENO 176 177 # badchain signed by ca1, but ca1 is removed later 178 $KT -genkeypair -alias badchain -dname CN=badchain -validity 365 179 $KT -genkeypair -alias ca1 -dname CN=ca1 -ext bc -validity 365 180 $KT -certreq -alias badchain | $KT -gencert -alias ca1 -validity 365 | \ 181 $KT -importcert -alias badchain 182 # save ca1.cert for easy replay 183 $KT -exportcert -file ca1.cert -alias ca1 184 $KT -delete -alias ca1 185 186 $JARSIGNER -strict -keystore $KS -storepass changeit a.jar badchain 187 [ $? = 4 ] || exit $LINENO 188 189 $JARSIGNER -verify a.jar 190 [ $? = 0 ] || exit $LINENO 191 192 # ========================================================== 193 # Third part: -certchain test 194 # ========================================================== 195 196 # altchain signed by ca2 197 $KT -genkeypair -alias altchain -dname CN=altchain -validity 365 198 $KT -genkeypair -alias ca2 -dname CN=ca2 -ext bc -validity 365 199 $KT -certreq -alias altchain | $KT -gencert -alias ca2 -validity 365 -rfc > certchain 200 $KT -exportcert -alias ca2 -rfc >> certchain 201 202 # Self-signed cert does not work 203 $JARSIGNER -strict -keystore $KS -storepass changeit a.jar altchain 204 [ $? = 4 ] || exit $LINENO 205 206 # -certchain works 207 $JARSIGNER -strict -keystore $KS -storepass changeit -certchain certchain a.jar altchain 208 [ $? = 0 ] || exit $LINENO 209 210 # if ca2 is removed, -certchain still work because altchain is a self-signed entry and 211 # it is trusted by jarsigner 212 # save ca2.cert for easy replay 213 $KT -exportcert -file ca2.cert -alias ca2 214 $KT -delete -alias ca2 215 $JARSIGNER -strict -keystore $KS -storepass changeit -certchain certchain a.jar altchain 216 [ $? = 0 ] || exit $LINENO 217 218 # if cert is imported, -certchain won't work because this certificate entry is not trusted 219 $KT -importcert -file certchain -alias altchain -noprompt 220 $JARSIGNER -strict -keystore $KS -storepass changeit -certchain certchain a.jar altchain 221 [ $? = 4 ] || exit $LINENO 222 223 $JARSIGNER -verify a.jar 224 [ $? = 0 ] || exit $LINENO 225 226 # ========================================================== 227 # 8172529 228 # ========================================================== 229 230 $KT -genkeypair -alias ee -dname CN=ee 231 $KT -genkeypair -alias caone -dname CN=caone 232 $KT -genkeypair -alias catwo -dname CN=catwo 233 234 $KT -certreq -alias ee | $KT -gencert -alias catwo -rfc > ee.cert 235 $KT -certreq -alias catwo | $KT -gencert -alias caone -sigalg MD5withRSA -rfc > catwo.cert 236 237 # This certchain contains a cross-signed weak catwo.cert 238 cat ee.cert catwo.cert | $KT -importcert -alias ee -noprompt 239 240 $JAR cvf a.jar A1.class 241 $JARSIGNER -strict -keystore $KS -storepass changeit a.jar ee 242 [ $? = 0 ] || exit $LINENO 243 $JARSIGNER -strict -keystore $KS -storepass changeit -verify a.jar 244 [ $? = 0 ] || exit $LINENO 245 246 echo OK 247 exit 0