1 /* 2 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 8056174 27 * @summary New APIs for jar signing 28 */ 29 30 import jdk.security.jarsigner.JarSigner; 31 32 import java.io.File; 33 import java.io.FileInputStream; 34 import java.io.FileOutputStream; 35 import java.io.IOException; 36 import java.io.OutputStream; 37 import java.security.InvalidKeyException; 38 import java.security.InvalidParameterException; 39 import java.security.KeyStore; 40 import java.security.MessageDigest; 41 import java.security.NoSuchAlgorithmException; 42 import java.security.PrivateKey; 43 import java.security.Provider; 44 import java.security.PublicKey; 45 import java.security.Signature; 46 import java.security.SignatureException; 47 import java.security.cert.Certificate; 48 import java.security.cert.CertificateFactory; 49 import java.util.Arrays; 50 import java.util.Collections; 51 import java.util.zip.ZipEntry; 52 import java.util.zip.ZipFile; 53 import java.util.zip.ZipOutputStream; 54 55 public class API { 56 public static void main(String[] args) throws Exception { 57 58 try (FileOutputStream fout =new FileOutputStream("src.zip"); 59 ZipOutputStream zout = new ZipOutputStream(fout)) { 60 zout.putNextEntry(new ZipEntry("x")); 61 zout.write(new byte[10]); 62 zout.closeEntry(); 63 } 64 65 KeyStore ks = KeyStore.getInstance("JKS"); 66 ks.load(new FileInputStream( 67 new File(System.getProperty("test.src"), "JarSigning.keystore")), 68 "bbbbbb".toCharArray()); 69 PrivateKey key = (PrivateKey)ks.getKey("c", "bbbbbb".toCharArray()); 70 Certificate cert = ks.getCertificate("c"); 71 JarSigner js = new JarSigner(key, 72 CertificateFactory.getInstance("X.509").generateCertPath( 73 Collections.singletonList(cert))); 74 75 try { 76 js.digestAlg("FUNNY"); 77 throw new Exception("Should have failed"); 78 } catch (NoSuchAlgorithmException e) { 79 // Good 80 } 81 82 try { 83 js.sigAlg("SHA1withDSA"); 84 throw new Exception("Should have failed"); 85 } catch (IllegalArgumentException e) { 86 // Good 87 } 88 89 try { 90 js.sigAlg("FUNwithJOY"); 91 throw new Exception("Should have failed"); 92 } catch (NoSuchAlgorithmException e) { 93 // Good 94 } 95 96 js.digestAlg("SHA1"); 97 js.sigAlg("SHA1withRSA"); 98 99 try { 100 js.signerName(""); 101 throw new Exception("Should have failed"); 102 } catch (IllegalArgumentException e) { 103 // I knew that 104 } 105 106 try { 107 js.signerName("this_is_long"); 108 throw new Exception("Should have failed"); 109 } catch (IllegalArgumentException e) { 110 // I knew that 111 } 112 113 try { 114 js.signerName("illegal!"); 115 throw new Exception("Should have failed"); 116 } catch (IllegalArgumentException e) { 117 // I knew that 118 } 119 120 OutputStream blackHole = new OutputStream() { 121 @Override 122 public void write(int b) throws IOException { 123 return; 124 } 125 }; 126 127 try (ZipFile src = new ZipFile("src.zip")) { 128 js.sign(src, blackHole); 129 } 130 131 132 Provider p = new MyProvider(); 133 js.digestAlg("Five", p); 134 js.sigAlg("SHA1WithRSA", p); 135 try (ZipFile src = new ZipFile("src.zip")) { 136 js.sign(src, blackHole); 137 } 138 } 139 140 public static class MyProvider extends Provider { 141 MyProvider() { 142 super("MY", 1.0d, null); 143 put("MessageDigest.Five", Five.class.getName()); 144 put("Signature.SHA1WithRSA", SHA1WithRSA.class.getName()); 145 } 146 } 147 148 public static class Five extends MessageDigest { 149 static final byte[] dig = {0x14, 0x02, (byte)0x84}; //base64 -> FAKE 150 public Five() { super("Five"); } 151 protected void engineUpdate(byte input) { } 152 protected void engineUpdate(byte[] input, int offset, int len) { } 153 protected byte[] engineDigest() { return dig; } 154 protected void engineReset() { } 155 } 156 157 public static class SHA1WithRSA extends Signature { 158 static final byte[] sig = "FAKEFAKE".getBytes(); 159 public SHA1WithRSA() { super("SHA1WithRSA"); } 160 protected void engineInitVerify(PublicKey publicKey) 161 throws InvalidKeyException { } 162 protected void engineInitSign(PrivateKey privateKey) 163 throws InvalidKeyException { } 164 protected void engineUpdate(byte b) throws SignatureException { } 165 protected void engineUpdate(byte[] b, int off, int len) 166 throws SignatureException { } 167 protected byte[] engineSign() throws SignatureException { return sig; } 168 protected boolean engineVerify(byte[] sigBytes) 169 throws SignatureException { 170 return Arrays.equals(sigBytes, sig); 171 } 172 protected void engineSetParameter(String param, Object value) 173 throws InvalidParameterException { } 174 protected Object engineGetParameter(String param) 175 throws InvalidParameterException { return null; } 176 } 177 }