48 // create a jar file that contains one class file |
47 // create a jar file that contains one class file |
49 Utils.createFiles(FIRST_FILE); |
48 Utils.createFiles(FIRST_FILE); |
50 JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE); |
49 JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE); |
51 |
50 |
52 // create first key pair for signing |
51 // create first key pair for signing |
53 ProcessTools.executeCommand(KEYTOOL, |
52 keytool( |
54 "-genkey", |
53 "-genkey", |
55 "-alias", FIRST_KEY_ALIAS, |
54 "-alias", FIRST_KEY_ALIAS, |
56 "-keyalg", KEY_ALG, |
55 "-keyalg", KEY_ALG, |
57 "-keysize", Integer.toString(KEY_SIZE), |
56 "-keysize", Integer.toString(KEY_SIZE), |
58 "-keystore", KEYSTORE, |
57 "-keystore", KEYSTORE, |
60 "-keypass", PASSWORD, |
59 "-keypass", PASSWORD, |
61 "-dname", "CN=First", |
60 "-dname", "CN=First", |
62 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0); |
61 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0); |
63 |
62 |
64 // create first key pair for signing |
63 // create first key pair for signing |
65 ProcessTools.executeCommand(KEYTOOL, |
64 keytool( |
66 "-genkey", |
65 "-genkey", |
67 "-alias", SECOND_KEY_ALIAS, |
66 "-alias", SECOND_KEY_ALIAS, |
68 "-keyalg", KEY_ALG, |
67 "-keyalg", KEY_ALG, |
69 "-keysize", Integer.toString(KEY_SIZE), |
68 "-keysize", Integer.toString(KEY_SIZE), |
70 "-keystore", KEYSTORE, |
69 "-keystore", KEYSTORE, |
72 "-keypass", PASSWORD, |
71 "-keypass", PASSWORD, |
73 "-dname", "CN=Second", |
72 "-dname", "CN=Second", |
74 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0); |
73 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0); |
75 |
74 |
76 // sign jar with first key |
75 // sign jar with first key |
77 OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER, |
76 OutputAnalyzer analyzer = jarsigner( |
78 "-keystore", KEYSTORE, |
77 "-keystore", KEYSTORE, |
79 "-storepass", PASSWORD, |
78 "-storepass", PASSWORD, |
80 "-keypass", PASSWORD, |
79 "-keypass", PASSWORD, |
81 "-signedjar", SIGNED_JARFILE, |
80 "-signedjar", SIGNED_JARFILE, |
82 UNSIGNED_JARFILE, |
81 UNSIGNED_JARFILE, |
83 FIRST_KEY_ALIAS); |
82 FIRST_KEY_ALIAS); |
84 |
83 |
85 checkSigning(analyzer); |
84 checkSigning(analyzer); |
86 |
85 |
87 // verify jar with second key |
86 // verify jar with second key |
88 analyzer = ProcessTools.executeCommand(JARSIGNER, |
87 analyzer = jarsigner( |
89 "-verify", |
88 "-verify", |
90 "-keystore", KEYSTORE, |
89 "-keystore", KEYSTORE, |
91 "-storepass", PASSWORD, |
90 "-storepass", PASSWORD, |
92 "-keypass", PASSWORD, |
91 "-keypass", PASSWORD, |
93 SIGNED_JARFILE, |
92 SIGNED_JARFILE, |
94 SECOND_KEY_ALIAS); |
93 SECOND_KEY_ALIAS); |
95 |
94 |
96 checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING); |
95 checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING); |
97 |
96 |
98 // verify jar with second key in strict mode |
97 // verify jar with second key in strict mode |
99 analyzer = ProcessTools.executeCommand(JARSIGNER, |
98 analyzer = jarsigner( |
100 "-verify", |
99 "-verify", |
101 "-strict", |
100 "-strict", |
102 "-keystore", KEYSTORE, |
101 "-keystore", KEYSTORE, |
103 "-storepass", PASSWORD, |
102 "-storepass", PASSWORD, |
104 "-keypass", PASSWORD, |
103 "-keypass", PASSWORD, |
107 |
106 |
108 checkVerifying(analyzer, NOT_SIGNED_BY_ALIAS_EXIT_CODE, |
107 checkVerifying(analyzer, NOT_SIGNED_BY_ALIAS_EXIT_CODE, |
109 NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING); |
108 NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING); |
110 |
109 |
111 // verify jar with non-existing alias |
110 // verify jar with non-existing alias |
112 analyzer = ProcessTools.executeCommand(JARSIGNER, |
111 analyzer = jarsigner( |
113 "-verify", |
112 "-verify", |
114 "-keystore", KEYSTORE, |
113 "-keystore", KEYSTORE, |
115 "-storepass", PASSWORD, |
114 "-storepass", PASSWORD, |
116 "-keypass", PASSWORD, |
115 "-keypass", PASSWORD, |
117 SIGNED_JARFILE, |
116 SIGNED_JARFILE, |
118 "bogus"); |
117 "bogus"); |
119 |
118 |
120 checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING); |
119 checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING); |
121 |
120 |
122 // verify jar with non-existing alias in strict mode |
121 // verify jar with non-existing alias in strict mode |
123 analyzer = ProcessTools.executeCommand(JARSIGNER, |
122 analyzer = jarsigner( |
124 "-verify", |
123 "-verify", |
125 "-strict", |
124 "-strict", |
126 "-keystore", KEYSTORE, |
125 "-keystore", KEYSTORE, |
127 "-storepass", PASSWORD, |
126 "-storepass", PASSWORD, |
128 "-keypass", PASSWORD, |
127 "-keypass", PASSWORD, |