| author | xuelei |
| Mon, 25 Jun 2018 13:41:39 -0700 | |
| changeset 50768 | 68fa3d4026ea |
| parent 47216 | 71c04702a3d5 |
| permissions | -rw-r--r-- |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
1 |
/* |
|
43096
22875dc4eec5
8171423: Relocate /test/lib/security/SecurityTools.java
amjiang
parents:
41960
diff
changeset
|
2 |
* Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved. |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
4 |
* |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
7 |
* published by the Free Software Foundation. |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
8 |
* |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
9 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
10 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
11 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
12 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
13 |
* accompanied this code). |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
14 |
* |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
15 |
* You should have received a copy of the GNU General Public License version |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
16 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
17 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
18 |
* |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
19 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
20 |
* or visit www.oracle.com if you need additional information or have any |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
21 |
* questions. |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
22 |
*/ |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
23 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
24 |
/** |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
25 |
* @test |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
26 |
* @bug 6890872 8168882 |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
27 |
* @summary keytool -printcert to recognize signed jar files |
|
43096
22875dc4eec5
8171423: Relocate /test/lib/security/SecurityTools.java
amjiang
parents:
41960
diff
changeset
|
28 |
* @library /test/lib |
|
45467
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
45287
diff
changeset
|
29 |
* @build jdk.test.lib.SecurityTools |
|
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
45287
diff
changeset
|
30 |
* jdk.test.lib.util.JarUtils |
|
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
45287
diff
changeset
|
31 |
* jdk.test.lib.Utils |
|
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
45287
diff
changeset
|
32 |
* jdk.test.lib.Asserts |
|
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
45287
diff
changeset
|
33 |
* jdk.test.lib.JDKToolFinder |
|
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
45287
diff
changeset
|
34 |
* jdk.test.lib.JDKToolLauncher |
|
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
45287
diff
changeset
|
35 |
* jdk.test.lib.Platform |
|
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
45287
diff
changeset
|
36 |
* jdk.test.lib.process.* |
|
99c87a16a8e4
8181761: add explicit @build actions for jdk.test.lib classes in all :tier2 tests
iignatyev
parents:
45287
diff
changeset
|
37 |
* @run main ReadJar |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
38 |
*/ |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
39 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
40 |
import java.nio.file.Files; |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
41 |
import java.nio.file.Paths; |
|
43096
22875dc4eec5
8171423: Relocate /test/lib/security/SecurityTools.java
amjiang
parents:
41960
diff
changeset
|
42 |
import jdk.test.lib.SecurityTools; |
|
22875dc4eec5
8171423: Relocate /test/lib/security/SecurityTools.java
amjiang
parents:
41960
diff
changeset
|
43 |
import jdk.test.lib.process.OutputAnalyzer; |
|
45287
e0bb5f83e17a
8180888: move jdk.testlibrary.JarUtils to the top level testlibrary
iignatyev
parents:
43238
diff
changeset
|
44 |
import jdk.test.lib.util.JarUtils; |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
45 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
46 |
public class ReadJar {
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
47 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
48 |
public static void main(String[] args) throws Throwable {
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
49 |
testWithMD5(); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
50 |
} |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
51 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
52 |
// make sure that -printcert option works |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
53 |
// if a weak algorithm was used for signing a jar |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
54 |
private static void testWithMD5() throws Throwable {
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
55 |
// create jar files |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
56 |
JarUtils.createJar("test_md5.jar", "test");
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
57 |
JarUtils.createJar("test_rsa.jar", "test");
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
58 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
59 |
// create a keystore and generate keys for jar signing |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
60 |
Files.deleteIfExists(Paths.get("keystore"));
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
61 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
62 |
OutputAnalyzer out = SecurityTools.keytool("-genkeypair "
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
63 |
+ "-keystore keystore -storepass password " |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
64 |
+ "-keypass password -keyalg rsa -alias rsa_alias -dname CN=A"); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
65 |
System.out.println(out.getOutput()); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
66 |
out.shouldHaveExitValue(0); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
67 |
|
|
43238
60b2aa915d98
8172975: SecurityTools.keytool() needs to accept user input
weijun
parents:
43096
diff
changeset
|
68 |
out = SecurityTools.jarsigner("-keystore keystore -storepass password "
|
|
60b2aa915d98
8172975: SecurityTools.keytool() needs to accept user input
weijun
parents:
43096
diff
changeset
|
69 |
+ "test_rsa.jar rsa_alias"); |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
70 |
System.out.println(out.getOutput()); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
71 |
out.shouldHaveExitValue(0); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
72 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
73 |
printCert("test_rsa.jar");
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
74 |
|
|
43238
60b2aa915d98
8172975: SecurityTools.keytool() needs to accept user input
weijun
parents:
43096
diff
changeset
|
75 |
out = SecurityTools.jarsigner("-keystore keystore -storepass password "
|
|
60b2aa915d98
8172975: SecurityTools.keytool() needs to accept user input
weijun
parents:
43096
diff
changeset
|
76 |
+ "-sigalg MD5withRSA -digestalg MD5 test_md5.jar rsa_alias"); |
|
41960
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
77 |
System.out.println(out.getOutput()); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
78 |
out.shouldHaveExitValue(0); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
79 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
80 |
printCert("test_md5.jar");
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
81 |
} |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
82 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
83 |
private static void printCert(String jar) throws Throwable {
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
84 |
OutputAnalyzer out = SecurityTools.keytool("-printcert -jarfile " + jar);
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
85 |
System.out.println(out.getOutput()); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
86 |
out.shouldHaveExitValue(0); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
87 |
out.shouldNotContain("Not a signed jar file");
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
88 |
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
89 |
out = SecurityTools.keytool("-printcert -rfc -jarfile " + jar);
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
90 |
System.out.println(out.getOutput()); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
91 |
out.shouldHaveExitValue(0); |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
92 |
out.shouldNotContain("Not a signed jar file");
|
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
93 |
} |
|
916bb3d29d7b
8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
asmotrak
parents:
diff
changeset
|
94 |
} |