23
24 /*
25 * @test
26 * @bug 6337925
27 * @summary Ensure that callers cannot modify the internal JarEntry cert and
28 * codesigner arrays.
29 * @author Sean Mullan
30 */
31 import java.io.InputStream;
32 import java.security.CodeSigner;
33 import java.security.cert.Certificate;
34 import java.util.*;
35 import java.util.jar.*;
36
37 public class GetMethodsReturnClones {
38
39 private final static String BASE = System.getProperty("test.src", ".") +
40 System.getProperty("file.separator");
41
42 public static void main(String[] args) throws Exception {
43 JarFile jf = new JarFile(BASE + "test.jar", true);
44
45 byte[] buffer = new byte[8192];
46 Enumeration<JarEntry> e = jf.entries();
47 List<JarEntry> entries = new ArrayList<JarEntry>();
48 while (e.hasMoreElements()) {
49 JarEntry je = e.nextElement();
50 entries.add(je);
51 InputStream is = jf.getInputStream(je);
52 while (is.read(buffer, 0, buffer.length) != -1) {
53 // we just read. this will throw a SecurityException
54 // if a signature/digest check fails.
55 }
56 is.close();
57 }
58 jf.close();
59
60 for (JarEntry je : entries) {
61 Certificate[] certs = je.getCertificates();
62 CodeSigner[] signers = je.getCodeSigners();
63 if (certs != null) {
64 certs[0] = null;
65 certs = je.getCertificates();
66 if (certs[0] == null) {
67 throw new Exception("Modified internal certs array");
68 }
69 }
70 if (signers != null) {
71 signers[0] = null;
72 signers = je.getCodeSigners();
73 if (signers[0] == null) {
74 throw new Exception("Modified internal codesigners array");
75 }
76 }
77 }
78 }
|
23
24 /*
25 * @test
26 * @bug 6337925
27 * @summary Ensure that callers cannot modify the internal JarEntry cert and
28 * codesigner arrays.
29 * @author Sean Mullan
30 */
31 import java.io.InputStream;
32 import java.security.CodeSigner;
33 import java.security.cert.Certificate;
34 import java.util.*;
35 import java.util.jar.*;
36
37 public class GetMethodsReturnClones {
38
39 private final static String BASE = System.getProperty("test.src", ".") +
40 System.getProperty("file.separator");
41
42 public static void main(String[] args) throws Exception {
43 List<JarEntry> entries = new ArrayList<>();
44 try (JarFile jf = new JarFile(BASE + "test.jar", true)) {
45 byte[] buffer = new byte[8192];
46 Enumeration<JarEntry> e = jf.entries();
47 while (e.hasMoreElements()) {
48 JarEntry je = e.nextElement();
49 entries.add(je);
50 try (InputStream is = jf.getInputStream(je)) {
51 while (is.read(buffer, 0, buffer.length) != -1) {
52 // we just read. this will throw a SecurityException
53 // if a signature/digest check fails.
54 }
55 }
56 }
57 }
58
59 for (JarEntry je : entries) {
60 Certificate[] certs = je.getCertificates();
61 CodeSigner[] signers = je.getCodeSigners();
62 if (certs != null) {
63 certs[0] = null;
64 certs = je.getCertificates();
65 if (certs[0] == null) {
66 throw new Exception("Modified internal certs array");
67 }
68 }
69 if (signers != null) {
70 signers[0] = null;
71 signers = je.getCodeSigners();
72 if (signers[0] == null) {
73 throw new Exception("Modified internal codesigners array");
74 }
75 }
76 }
77 }
|