1 /*
   2  * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /**
  25  * @test
  26  * @bug 6890872 8168882
  27  * @summary keytool -printcert to recognize signed jar files
  28  * @library /test/lib
  29  * @build jdk.test.lib.SecurityTools
  30  *        jdk.test.lib.util.JarUtils
  31  *        jdk.test.lib.Utils
  32  *        jdk.test.lib.Asserts
  33  *        jdk.test.lib.JDKToolFinder
  34  *        jdk.test.lib.JDKToolLauncher
  35  *        jdk.test.lib.Platform
  36  *        jdk.test.lib.process.*
  37  * @run main ReadJar
  38  */
  39 
  40 import java.nio.file.Files;
  41 import java.nio.file.Paths;
  42 import jdk.test.lib.SecurityTools;
  43 import jdk.test.lib.process.OutputAnalyzer;
  44 import jdk.test.lib.util.JarUtils;
  45 
  46 public class ReadJar {
  47 
  48     public static void main(String[] args) throws Throwable {
  49         testWithMD5();
  50     }
  51 
  52     // make sure that -printcert option works
  53     // if a weak algorithm was used for signing a jar
  54     private static void testWithMD5() throws Throwable {
  55         // create jar files
  56         JarUtils.createJar("test_md5.jar", "test");
  57         JarUtils.createJar("test_rsa.jar", "test");
  58 
  59         // create a keystore and generate keys for jar signing
  60         Files.deleteIfExists(Paths.get("keystore"));
  61 
  62         OutputAnalyzer out = SecurityTools.keytool("-genkeypair "
  63                 + "-keystore keystore -storepass password "
  64                 + "-keypass password -keyalg rsa -alias rsa_alias -dname CN=A");
  65         System.out.println(out.getOutput());
  66         out.shouldHaveExitValue(0);
  67 
  68         out = SecurityTools.jarsigner("-keystore keystore -storepass password "
  69                 + "test_rsa.jar rsa_alias");
  70         System.out.println(out.getOutput());
  71         out.shouldHaveExitValue(0);
  72 
  73         printCert("test_rsa.jar");
  74 
  75         out = SecurityTools.jarsigner("-keystore keystore -storepass password "
  76                 + "-sigalg MD5withRSA -digestalg MD5 test_md5.jar rsa_alias");
  77         System.out.println(out.getOutput());
  78         out.shouldHaveExitValue(0);
  79 
  80         printCert("test_md5.jar");
  81     }
  82 
  83     private static void printCert(String jar) throws Throwable {
  84         OutputAnalyzer out = SecurityTools.keytool("-printcert -jarfile " + jar);
  85         System.out.println(out.getOutput());
  86         out.shouldHaveExitValue(0);
  87         out.shouldNotContain("Not a signed jar file");
  88 
  89         out = SecurityTools.keytool("-printcert -rfc -jarfile " + jar);
  90         System.out.println(out.getOutput());
  91         out.shouldHaveExitValue(0);
  92         out.shouldNotContain("Not a signed jar file");
  93     }
  94 }