1 /*
2 * Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 import jdk.testlibrary.OutputAnalyzer;
25
26 /**
27 * Base class.
28 */
29 public abstract class Test {
30
31 static final String TEST_SOURCES = System.getProperty("test.src", ".");
32 static final String TEST_CLASSES = System.getProperty("test.classes");
33 static final String FS = System.getProperty("file.separator");
34 static final String JAVA_HOME = System.getProperty("java.home");
35 static final String KEYTOOL = JAVA_HOME + FS + "bin" + FS + "keytool";
36 static final String JARSIGNER = JAVA_HOME + FS + "bin" + FS + "jarsigner";
37 static final String UNSIGNED_JARFILE = "unsigned.jar";
38 static final String SIGNED_JARFILE = "signed.jar";
39 static final String UPDATED_SIGNED_JARFILE = "updated_signed.jar";
40 static final String FIRST_FILE = "first.txt";
41 static final String SECOND_FILE = "second.txt";
42 static final String PASSWORD = "password";
43 static final String BOTH_KEYS_KEYSTORE = "both_keys.jks";
44 static final String FIRST_KEY_KEYSTORE = "first_key.jks";
45 static final String KEYSTORE = "keystore.jks";
46 static final String FIRST_KEY_ALIAS = "first";
47 static final String SECOND_KEY_ALIAS = "second";
48 static final String KEY_ALG = "RSA";
49 static final String KEY_ALIAS = "alias";
50 static final String CERT_REQUEST_FILENAME = "test.req";
51 static final String CERT_FILENAME = "test.crt";
52 static final String CA_KEY_ALIAS = "ca";
53 static final int KEY_SIZE = 2048;
54 static final int TIMEOUT = 6 * 60 * 1000; // in millis
55 static final int VALIDITY = 365;
56
57 static final String WARNING = "Warning:";
58
59 static final String CHAIN_NOT_VALIDATED_VERIFYING_WARNING
60 = "This jar contains entries "
61 + "whose certificate chain is not validated.";
62
63 static final String ALIAS_NOT_IN_STORE_VERIFYING_WARNING
64 = "This jar contains signed entries "
65 + "that are not signed by alias in this keystore.";
66
67 static final String BAD_EXTENDED_KEY_USAGE_SIGNING_WARNING
68 = "The signer certificate's ExtendedKeyUsage extension "
69 + "doesn't allow code signing.";
70
71 static final String BAD_EXTENDED_KEY_USAGE_VERIFYING_WARNING
72 = "This jar contains entries whose signer certificate's "
73 + "ExtendedKeyUsage extension doesn't allow code signing.";
74
75 static final String BAD_KEY_USAGE_SIGNING_WARNING
76 = "The signer certificate's KeyUsage extension "
77 + "doesn't allow code signing.";
78
79 static final String BAD_KEY_USAGE_VERIFYING_WARNING
80 = "This jar contains entries whose signer certificate's KeyUsage "
81 + "extension doesn't allow code signing.";
82
83 static final String BAD_NETSCAPE_CERT_TYPE_SIGNING_WARNING
84 = "The signer certificate's NetscapeCertType extension "
85 + "doesn't allow code signing.";
86
87 static final String BAD_NETSCAPE_CERT_TYPE_VERIFYING_WARNING
88 = "This jar contains entries "
89 + "whose signer certificate's NetscapeCertType extension "
90 + "doesn't allow code signing.";
91
92 static final String CHAIN_NOT_VALIDATED_SIGNING_WARNING
93 = "The signer's certificate chain is not validated.";
94
95 static final String HAS_EXPIRING_CERT_SIGNING_WARNING
96 = "The signer certificate will expire within six months.";
97
98 static final String HAS_EXPIRING_CERT_VERIFYING_WARNING
99 = "This jar contains entries "
100 + "whose signer certificate will expire within six months.";
101
102 static final String HAS_EXPIRED_CERT_SIGNING_WARNING
103 = "The signer certificate has expired.";
104
105 static final String HAS_EXPIRED_CERT_VERIFYING_WARNING
106 = "This jar contains entries whose signer certificate has expired.";
107
108 static final String HAS_UNSIGNED_ENTRY_VERIFYING_WARNING
109 = "This jar contains unsigned entries "
110 + "which have not been integrity-checked.";
111
112 static final String NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING
113 = "This jar contains signed entries "
114 + "which are not signed by the specified alias(es).";
115
116 static final String NO_TIMESTAMP_SIGNING_WARN_TEMPLATE
117 = "No -tsa or -tsacert is provided "
118 + "and this jar is not timestamped. "
119 + "Without a timestamp, users may not be able to validate this jar "
120 + "after the signer certificate's expiration date "
121 + "(%1$tY-%1$tm-%1$td) or after any future revocation date.";
122
123 static final String NO_TIMESTAMP_VERIFYING_WARN_TEMPLATE
124 = "This jar contains signatures that does not include a timestamp. "
125 + "Without a timestamp, users may not be able to validate this jar "
126 + "after the signer certificate's expiration date "
127 + "(%1$tY-%1$tm-%1$td) or after any future revocation date.";
128
129 static final String NOT_YET_VALID_CERT_SIGNING_WARNING
130 = "The signer certificate is not yet valid.";
131
132 static final String NOT_YET_VALID_CERT_VERIFYING_WARNING
133 = "This jar contains entries "
134 + "whose signer certificate is not yet valid.";
135
136 static final String JAR_SIGNED = "jar signed.";
137
138 static final String JAR_VERIFIED = "jar verified.";
139
140 static final String JAR_VERIFIED_WITH_SIGNER_ERRORS
141 = "jar verified, with signer errors.";
142
143 static final int CHAIN_NOT_VALIDATED_EXIT_CODE = 4;
144 static final int HAS_EXPIRED_CERT_EXIT_CODE = 4;
145 static final int BAD_KEY_USAGE_EXIT_CODE = 8;
146 static final int BAD_EXTENDED_KEY_USAGE_EXIT_CODE = 8;
147 static final int BAD_NETSCAPE_CERT_TYPE_EXIT_CODE = 8;
148 static final int HAS_UNSIGNED_ENTRY_EXIT_CODE = 16;
149 static final int ALIAS_NOT_IN_STORE_EXIT_CODE = 32;
150 static final int NOT_SIGNED_BY_ALIAS_EXIT_CODE = 32;
151
152 public final void start() throws Throwable {
153 try {
154 doTest();
155 } finally {
156 cleanup();
157 }
158 }
159
160 protected abstract void doTest() throws Throwable;
161 protected abstract void cleanup();
162
163 protected void checkVerifying(OutputAnalyzer analyzer, int expectedExitCode,
164 String... warnings) {
165 analyzer.shouldHaveExitValue(expectedExitCode);
166 for (String warning : warnings) {
167 analyzer.shouldContain(warning);
168 }
169 if (warnings.length > 0) {
170 analyzer.shouldContain(WARNING);
171 }
172 if (expectedExitCode == 0) {
173 analyzer.shouldContain(JAR_VERIFIED);
174 } else {
175 analyzer.shouldContain(JAR_VERIFIED_WITH_SIGNER_ERRORS);
176 }
177 }
178
179 protected void checkSigning(OutputAnalyzer analyzer, String... warnings) {
180 analyzer.shouldHaveExitValue(0);
181 for (String warning : warnings) {
182 analyzer.shouldContain(warning);
183 }
184 if (warnings.length > 0) {
185 analyzer.shouldContain(WARNING);
186 }
187 analyzer.shouldContain(JAR_SIGNED);
188 }
189 }