55 "-------w-",
56 "--------x",
57 "------rwx",
58 "r--r-----",
59 "r--r--r--",
60 "rw-rw----",
61 "rwxrwx---",
62 "rw-rw-r--",
63 "r-xr-x---",
64 "r-xr-xr-x",
65 "rwxrwxrwx");
66
67 private final static String ZIPFILENAME = "8218021-test.zip";
68 private final static String JARFILENAME = "8218021-test.jar";
69 private final static URI JARURI = URI.create("jar:" + Path.of(JARFILENAME).toUri());
70 private final static URI ZIPURI = URI.create("jar:" + Path.of(ZIPFILENAME).toUri());
71 private static Path file;
72 private static int count;
73 private static Set<PosixFilePermission> permsSet;
74 private static String expectedJarPerms;
75 private static final String POSIXWARNING = "POSIX file permission attributes detected. " +
76 "These attributes are ignored when signing and are not protected by the signature.";
77
78 public static void main(String[] args) throws Exception {
79 if (!FileSystems.getDefault().supportedFileAttributeViews().contains("posix")) {
80 System.out.println("No posix support. Skipping");
81 return;
82 }
83
84 createFiles();
85 // check permissions before signing
86 verifyFilePermissions(ZIPURI, true);
87 verifyFilePermissions(JARURI, false);
88
89 SecurityTools.keytool(
90 "-genkey",
91 "-keyalg", "RSA",
92 "-dname", "CN=Coffey, OU=JPG, O=Oracle, L=Santa Clara, ST=California, C=US",
93 "-alias", "examplekey",
94 "-storepass", "password",
95 "-keypass", "password",
96 "-keystore", "examplekeystore",
97 "-validity", "365")
98 .shouldHaveExitValue(0);
99
100 SecurityTools.jarsigner(
101 "-keystore", "examplekeystore",
102 "-verbose", ZIPFILENAME,
103 "-storepass", "password",
104 "-keypass", "password",
105 "examplekey")
106 .shouldHaveExitValue(0)
107 .shouldContain(POSIXWARNING);
108
109 // zip file now signed. Recheck file permissions
110 verifyFilePermissions(ZIPURI, true);
111
112 // sign jar file - no posix warning message expected
113 SecurityTools.jarsigner("-keystore", "examplekeystore",
114 "-verbose", JARFILENAME,
115 "-storepass", "password",
116 "-keypass", "password",
117 "examplekey")
118 .shouldHaveExitValue(0)
119 .shouldNotContain(POSIXWARNING);
120
121 // default attributes expected
122 verifyFilePermissions(JARURI, false);
123
124 SecurityTools.jarsigner("-keystore", "examplekeystore",
125 "-storepass", "password",
126 "-keypass", "password",
127 "-verbose",
128 "-verify", ZIPFILENAME)
129 .shouldHaveExitValue(0)
130 .shouldContain(POSIXWARNING);
131
132 // no warning expected for regular jar file
133 SecurityTools.jarsigner("-keystore", "examplekeystore",
134 "-storepass", "password",
135 "-keypass", "password",
136 "-verbose",
137 "-verify", JARFILENAME)
138 .shouldHaveExitValue(0)
139 .shouldNotContain(POSIXWARNING);
140 }
141
142 private static void createFiles() throws Exception {
143
144 String fileList = " ";
145 Map<String, String> env = new HashMap<>();
146 env.put("create", "true");
147 env.put("enablePosixFileAttributes", "true");
148
149 try (FileSystem zipfs = FileSystems.newFileSystem(ZIPURI, env)) {
150 for (String s : perms) {
151 file = Path.of("test_" + count++);
152 fileList += file + " ";
153 permsSet = PosixFilePermissions.fromString(s);
154 Files.createFile(file);
155
156 Files.copy(file,
157 zipfs.getPath(file.toString()),
158 StandardCopyOption.COPY_ATTRIBUTES);
159 Files.setPosixFilePermissions(zipfs.getPath(file.toString()), permsSet);
|
55 "-------w-",
56 "--------x",
57 "------rwx",
58 "r--r-----",
59 "r--r--r--",
60 "rw-rw----",
61 "rwxrwx---",
62 "rw-rw-r--",
63 "r-xr-x---",
64 "r-xr-xr-x",
65 "rwxrwxrwx");
66
67 private final static String ZIPFILENAME = "8218021-test.zip";
68 private final static String JARFILENAME = "8218021-test.jar";
69 private final static URI JARURI = URI.create("jar:" + Path.of(JARFILENAME).toUri());
70 private final static URI ZIPURI = URI.create("jar:" + Path.of(ZIPFILENAME).toUri());
71 private static Path file;
72 private static int count;
73 private static Set<PosixFilePermission> permsSet;
74 private static String expectedJarPerms;
75 private static final String WARNING_MSG = "POSIX file permission and/or symlink " +
76 "attributes detected. These attributes are ignored when signing and are not " +
77 "protected by the signature.";
78
79 public static void main(String[] args) throws Exception {
80 if (!FileSystems.getDefault().supportedFileAttributeViews().contains("posix")) {
81 System.out.println("No posix support. Skipping");
82 return;
83 }
84
85 createFiles();
86 // check permissions before signing
87 verifyFilePermissions(ZIPURI, true);
88 verifyFilePermissions(JARURI, false);
89
90 SecurityTools.keytool(
91 "-genkey",
92 "-keyalg", "RSA",
93 "-dname", "CN=Coffey, OU=JPG, O=Oracle, L=Santa Clara, ST=California, C=US",
94 "-alias", "examplekey",
95 "-storepass", "password",
96 "-keypass", "password",
97 "-keystore", "examplekeystore",
98 "-validity", "365")
99 .shouldHaveExitValue(0);
100
101 SecurityTools.jarsigner(
102 "-keystore", "examplekeystore",
103 "-verbose", ZIPFILENAME,
104 "-storepass", "password",
105 "-keypass", "password",
106 "examplekey")
107 .shouldHaveExitValue(0)
108 .shouldContain(WARNING_MSG);
109
110 // zip file now signed. Recheck file permissions
111 verifyFilePermissions(ZIPURI, true);
112
113 // sign jar file - no posix warning message expected
114 SecurityTools.jarsigner("-keystore", "examplekeystore",
115 "-verbose", JARFILENAME,
116 "-storepass", "password",
117 "-keypass", "password",
118 "examplekey")
119 .shouldHaveExitValue(0)
120 .shouldNotContain(WARNING_MSG);
121
122 // default attributes expected
123 verifyFilePermissions(JARURI, false);
124
125 SecurityTools.jarsigner("-keystore", "examplekeystore",
126 "-storepass", "password",
127 "-keypass", "password",
128 "-verbose",
129 "-verify", ZIPFILENAME)
130 .shouldHaveExitValue(0)
131 .shouldContain(WARNING_MSG);
132
133 // no warning expected for regular jar file
134 SecurityTools.jarsigner("-keystore", "examplekeystore",
135 "-storepass", "password",
136 "-keypass", "password",
137 "-verbose",
138 "-verify", JARFILENAME)
139 .shouldHaveExitValue(0)
140 .shouldNotContain(WARNING_MSG);
141 }
142
143 private static void createFiles() throws Exception {
144
145 String fileList = " ";
146 Map<String, String> env = new HashMap<>();
147 env.put("create", "true");
148 env.put("enablePosixFileAttributes", "true");
149
150 try (FileSystem zipfs = FileSystems.newFileSystem(ZIPURI, env)) {
151 for (String s : perms) {
152 file = Path.of("test_" + count++);
153 fileList += file + " ";
154 permsSet = PosixFilePermissions.fromString(s);
155 Files.createFile(file);
156
157 Files.copy(file,
158 zipfs.getPath(file.toString()),
159 StandardCopyOption.COPY_ATTRIBUTES);
160 Files.setPosixFilePermissions(zipfs.getPath(file.toString()), permsSet);
|