1 /*
2 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * @test
26 * @bug 8056174
27 * @summary New APIs for jar signing
28 */
29
30 import jdk.security.jarsigner.JarSigner;
31
32 import java.io.File;
33 import java.io.FileInputStream;
34 import java.io.FileOutputStream;
35 import java.io.IOException;
36 import java.io.OutputStream;
37 import java.security.InvalidKeyException;
38 import java.security.InvalidParameterException;
39 import java.security.KeyStore;
40 import java.security.MessageDigest;
41 import java.security.NoSuchAlgorithmException;
42 import java.security.PrivateKey;
43 import java.security.Provider;
44 import java.security.PublicKey;
45 import java.security.Signature;
46 import java.security.SignatureException;
47 import java.security.cert.Certificate;
48 import java.security.cert.CertificateFactory;
49 import java.util.Arrays;
50 import java.util.Collections;
51 import java.util.zip.ZipEntry;
52 import java.util.zip.ZipFile;
53 import java.util.zip.ZipOutputStream;
54
55 public class API {
56 public static void main(String[] args) throws Exception {
57
58 try (FileOutputStream fout =new FileOutputStream("src.zip");
59 ZipOutputStream zout = new ZipOutputStream(fout)) {
60 zout.putNextEntry(new ZipEntry("x"));
61 zout.write(new byte[10]);
62 zout.closeEntry();
63 }
64
65 KeyStore ks = KeyStore.getInstance("JKS");
66 ks.load(new FileInputStream(
67 new File(System.getProperty("test.src"), "JarSigning.keystore")),
68 "bbbbbb".toCharArray());
69 PrivateKey key = (PrivateKey)ks.getKey("c", "bbbbbb".toCharArray());
70 Certificate cert = ks.getCertificate("c");
71 JarSigner js = new JarSigner(key,
72 CertificateFactory.getInstance("X.509").generateCertPath(
73 Collections.singletonList(cert)));
74
75 try {
76 js.digestAlg("FUNNY");
77 throw new Exception("Should have failed");
78 } catch (NoSuchAlgorithmException e) {
79 // Good
80 }
81
82 try {
83 js.sigAlg("SHA1withDSA");
84 throw new Exception("Should have failed");
85 } catch (IllegalArgumentException e) {
86 // Good
87 }
88
89 try {
90 js.sigAlg("FUNwithJOY");
91 throw new Exception("Should have failed");
92 } catch (NoSuchAlgorithmException e) {
93 // Good
94 }
95
96 js.digestAlg("SHA1");
97 js.sigAlg("SHA1withRSA");
98
99 try {
100 js.signerName("");
101 throw new Exception("Should have failed");
102 } catch (IllegalArgumentException e) {
103 // I knew that
104 }
105
106 try {
107 js.signerName("this_is_long");
108 throw new Exception("Should have failed");
109 } catch (IllegalArgumentException e) {
110 // I knew that
111 }
112
113 try {
114 js.signerName("illegal!");
115 throw new Exception("Should have failed");
116 } catch (IllegalArgumentException e) {
117 // I knew that
118 }
119
120 OutputStream blackHole = new OutputStream() {
121 @Override
122 public void write(int b) throws IOException {
123 return;
124 }
125 };
126
127 try (ZipFile src = new ZipFile("src.zip")) {
128 js.sign(src, blackHole);
129 }
130
131
132 Provider p = new MyProvider();
133 js.digestAlg("Five", p);
134 js.sigAlg("SHA1WithRSA", p);
135 try (ZipFile src = new ZipFile("src.zip")) {
136 js.sign(src, blackHole);
137 }
138 }
139
140 public static class MyProvider extends Provider {
141 MyProvider() {
142 super("MY", 1.0d, null);
143 put("MessageDigest.Five", Five.class.getName());
144 put("Signature.SHA1WithRSA", SHA1WithRSA.class.getName());
145 }
146 }
147
148 public static class Five extends MessageDigest {
149 static final byte[] dig = {0x14, 0x02, (byte)0x84}; //base64 -> FAKE
150 public Five() { super("Five"); }
151 protected void engineUpdate(byte input) { }
152 protected void engineUpdate(byte[] input, int offset, int len) { }
153 protected byte[] engineDigest() { return dig; }
154 protected void engineReset() { }
155 }
156
157 public static class SHA1WithRSA extends Signature {
158 static final byte[] sig = "FAKEFAKE".getBytes();
159 public SHA1WithRSA() { super("SHA1WithRSA"); }
160 protected void engineInitVerify(PublicKey publicKey)
161 throws InvalidKeyException { }
162 protected void engineInitSign(PrivateKey privateKey)
163 throws InvalidKeyException { }
164 protected void engineUpdate(byte b) throws SignatureException { }
165 protected void engineUpdate(byte[] b, int off, int len)
166 throws SignatureException { }
167 protected byte[] engineSign() throws SignatureException { return sig; }
168 protected boolean engineVerify(byte[] sigBytes)
169 throws SignatureException {
170 return Arrays.equals(sigBytes, sig);
171 }
172 protected void engineSetParameter(String param, Object value)
173 throws InvalidParameterException { }
174 protected Object engineGetParameter(String param)
175 throws InvalidParameterException { return null; }
176 }
177 }