jdk-sandbox: jdk/test/sun/security/pkcs/pkcs7/PKCS7VerifyTest.java@cc479488428c (annotated)

33873 32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	1	/*
41580 cc479488428c 8155973: Tighten jar checks ascarpino parents: 33873 diff changeset	2	* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
33873 32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	4	*
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	7	* published by the Free Software Foundation.
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	8	*
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	9	* This code is distributed in the hope that it will be useful, but WITHOUT
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	10	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	11	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	12	* version 2 for more details (a copy is included in the LICENSE file that
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	13	* accompanied this code).
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	14	*
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	15	* You should have received a copy of the GNU General Public License version
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	16	* 2 along with this work; if not, write to the Free Software Foundation,
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	17	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	18	*
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	19	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	20	* or visit www.oracle.com if you need additional information or have any
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	21	* questions.
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	22	*/
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	23
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	24	/*
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	25	* @test
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	26	* @bug 8048357
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	27	* @summary Read signed data in one or more PKCS7 objects from individual files,
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	28	* verify SignerInfos and certificate chain.
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	29	* @modules java.base/sun.security.pkcs
41580 cc479488428c 8155973: Tighten jar checks ascarpino parents: 33873 diff changeset	30	* @run main/othervm PKCS7VerifyTest PKCS7TEST.DSA.base64
cc479488428c 8155973: Tighten jar checks ascarpino parents: 33873 diff changeset	31	* @run main/othervm PKCS7VerifyTest PKCS7TEST.DSA.base64 PKCS7TEST.SF
33873 32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	32	*/
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	33	import java.io.ByteArrayInputStream;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	34	import java.io.File;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	35	import java.io.FileInputStream;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	36	import java.nio.file.Files;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	37	import java.nio.file.Path;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	38	import java.nio.file.Paths;
41580 cc479488428c 8155973: Tighten jar checks ascarpino parents: 33873 diff changeset	39	import java.security.Security;
33873 32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	40	import java.security.cert.X509Certificate;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	41	import java.util.Base64;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	42	import java.util.HashMap;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	43	import java.util.Map;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	44	import sun.security.pkcs.PKCS7;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	45	import sun.security.pkcs.SignerInfo;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	46
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	47	public class PKCS7VerifyTest {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	48
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	49	static final String TESTSRC = System.getProperty("test.src", ".");
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	50	static final String FS = File.separator;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	51	static final String FILEPATH = TESTSRC + FS + "jarsigner" + FS + "META-INF"
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	52	+ FS;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	53
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	54	public static void main(String[] args) throws Exception {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	55	if (args.length == 0) {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	56	throw new RuntimeException("usage: java JarVerify <file1> <file2>");
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	57	}
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	58
41580 cc479488428c 8155973: Tighten jar checks ascarpino parents: 33873 diff changeset	59	Security.setProperty("jdk.jar.disabledAlgorithms", "");
cc479488428c 8155973: Tighten jar checks ascarpino parents: 33873 diff changeset	60
33873 32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	61	// The command " java PKCS7VerifyTest file1 [file2] "
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	62	// treats file1 as containing the DER encoding of a PKCS7 signed data
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	63	// object. If file2 is absent, the program verifies that some signature
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	64	// (SignerInfo) file1 correctly signs the data contained in the
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	65	// ContentInfo component of the PKCS7 object encoded by file1. If file2
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	66	// is present, the program verifies file1 contains a correct signature
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	67	// for the contents of file2.
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	68
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	69	PKCS7 pkcs7;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	70	byte[] data;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	71
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	72	// to avoid attaching binary DSA file, the DSA file was encoded
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	73	// in Base64, decode encoded Base64 DSA file below
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	74	byte[] base64Bytes = Files.readAllBytes(Paths.get(FILEPATH + args[0]));
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	75	pkcs7 = new PKCS7(new ByteArrayInputStream(
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	76	Base64.getMimeDecoder().decode(base64Bytes)));
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	77	if (args.length < 2) {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	78	data = null;
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	79	} else {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	80	data = Files.readAllBytes(Paths.get(FILEPATH + args[1]));
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	81
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	82	}
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	83
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	84	SignerInfo[] signerInfos = pkcs7.verify(data);
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	85
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	86	if (signerInfos == null) {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	87	throw new RuntimeException("no signers verify");
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	88	}
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	89	System.out.println("Verifying SignerInfos:");
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	90	for (SignerInfo signerInfo : signerInfos) {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	91	System.out.println(signerInfo.toString());
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	92	}
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	93
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	94	X509Certificate certs[] = pkcs7.getCertificates();
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	95
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	96	HashMap<String, X509Certificate> certTable = new HashMap(certs.length);
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	97	for (X509Certificate cert : certs) {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	98	certTable.put(cert.getSubjectDN().toString(), cert);
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	99	}
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	100
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	101	// try to verify all the certs
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	102	for (Map.Entry<String, X509Certificate> entry : certTable.entrySet()) {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	103
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	104	X509Certificate cert = entry.getValue();
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	105	X509Certificate issuerCert = certTable
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	106	.get(cert.getIssuerDN().toString());
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	107
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	108	System.out.println("Subject: " + cert.getSubjectDN());
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	109	if (issuerCert == null) {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	110	System.out.println("Issuer certificate not found");
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	111	} else {
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	112	System.out.println("Issuer: " + cert.getIssuerDN());
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	113	cert.verify(issuerCert.getPublicKey());
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	114	System.out.println("Cert verifies.");
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	115	}
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	116	System.out.println();
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	117	}
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	118	}
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	119
32ba74411aba 8048357: PKCS basic tests amjiang parents: diff changeset	120	}

author	ascarpino
	Thu, 21 Jul 2016 10:33:56 -0700
changeset 41580	cc479488428c
parent 33873	32ba74411aba
permissions	-rw-r--r--