/* * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ /* * @test * @bug 8056174 * @summary New APIs for jar signing */ import jdk.security.jarsigner.JarSigner; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.io.OutputStream; import java.security.InvalidKeyException; import java.security.InvalidParameterException; import java.security.KeyStore; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.PrivateKey; import java.security.Provider; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.util.Arrays; import java.util.Collections; import java.util.zip.ZipEntry; import java.util.zip.ZipFile; import java.util.zip.ZipOutputStream; public class API { public static void main(String[] args) throws Exception { try (FileOutputStream fout =new FileOutputStream("src.zip"); ZipOutputStream zout = new ZipOutputStream(fout)) { zout.putNextEntry(new ZipEntry("x")); zout.write(new byte[10]); zout.closeEntry(); } KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new FileInputStream( new File(System.getProperty("test.src"), "JarSigning.keystore")), "bbbbbb".toCharArray()); PrivateKey key = (PrivateKey)ks.getKey("c", "bbbbbb".toCharArray()); Certificate cert = ks.getCertificate("c"); JarSigner js = new JarSigner(key, CertificateFactory.getInstance("X.509").generateCertPath( Collections.singletonList(cert))); try { js.digestAlg("FUNNY"); throw new Exception("Should have failed"); } catch (NoSuchAlgorithmException e) { // Good } try { js.sigAlg("SHA1withDSA"); throw new Exception("Should have failed"); } catch (IllegalArgumentException e) { // Good } try { js.sigAlg("FUNwithJOY"); throw new Exception("Should have failed"); } catch (NoSuchAlgorithmException e) { // Good } js.digestAlg("SHA1"); js.sigAlg("SHA1withRSA"); try { js.signerName(""); throw new Exception("Should have failed"); } catch (IllegalArgumentException e) { // I knew that } try { js.signerName("this_is_long"); throw new Exception("Should have failed"); } catch (IllegalArgumentException e) { // I knew that } try { js.signerName("illegal!"); throw new Exception("Should have failed"); } catch (IllegalArgumentException e) { // I knew that } OutputStream blackHole = new OutputStream() { @Override public void write(int b) throws IOException { return; } }; try (ZipFile src = new ZipFile("src.zip")) { js.sign(src, blackHole); } Provider p = new MyProvider(); js.digestAlg("Five", p); js.sigAlg("SHA1WithRSA", p); try (ZipFile src = new ZipFile("src.zip")) { js.sign(src, blackHole); } } public static class MyProvider extends Provider { MyProvider() { super("MY", 1.0d, null); put("MessageDigest.Five", Five.class.getName()); put("Signature.SHA1WithRSA", SHA1WithRSA.class.getName()); } } public static class Five extends MessageDigest { static final byte[] dig = {0x14, 0x02, (byte)0x84}; //base64 -> FAKE public Five() { super("Five"); } protected void engineUpdate(byte input) { } protected void engineUpdate(byte[] input, int offset, int len) { } protected byte[] engineDigest() { return dig; } protected void engineReset() { } } public static class SHA1WithRSA extends Signature { static final byte[] sig = "FAKEFAKE".getBytes(); public SHA1WithRSA() { super("SHA1WithRSA"); } protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException { } protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException { } protected void engineUpdate(byte b) throws SignatureException { } protected void engineUpdate(byte[] b, int off, int len) throws SignatureException { } protected byte[] engineSign() throws SignatureException { return sig; } protected boolean engineVerify(byte[] sigBytes) throws SignatureException { return Arrays.equals(sigBytes, sig); } protected void engineSetParameter(String param, Object value) throws InvalidParameterException { } protected Object engineGetParameter(String param) throws InvalidParameterException { return null; } } }