|
1 /* |
|
2 * Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 * or visit www.oracle.com if you need additional information or have any |
|
21 * questions. |
|
22 */ |
|
23 |
|
24 import jdk.testlibrary.OutputAnalyzer; |
|
25 import jdk.test.lib.util.JarUtils; |
|
26 |
|
27 /** |
|
28 * @test |
|
29 * @bug 8024302 8026037 |
|
30 * @summary Test for notYetValidCert warning |
|
31 * @library /lib/testlibrary /test/lib ../ |
|
32 * @build jdk.test.lib.util.JarUtils |
|
33 * @run main NotYetValidCertTest |
|
34 */ |
|
35 public class NotYetValidCertTest extends Test { |
|
36 |
|
37 /** |
|
38 * The test signs and verifies a jar that contains entries |
|
39 * whose signer certificate is not yet valid (notYetValidCert). |
|
40 * Warning message is expected. |
|
41 */ |
|
42 public static void main(String[] args) throws Throwable { |
|
43 NotYetValidCertTest test = new NotYetValidCertTest(); |
|
44 test.start(); |
|
45 } |
|
46 |
|
47 protected void start() throws Throwable { |
|
48 // create a jar file that contains one class file |
|
49 Utils.createFiles(FIRST_FILE); |
|
50 JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE); |
|
51 |
|
52 // create certificate that will be valid only tomorrow |
|
53 keytool( |
|
54 "-genkey", |
|
55 "-alias", KEY_ALIAS, |
|
56 "-keyalg", KEY_ALG, |
|
57 "-keysize", Integer.toString(KEY_SIZE), |
|
58 "-keystore", KEYSTORE, |
|
59 "-storepass", PASSWORD, |
|
60 "-keypass", PASSWORD, |
|
61 "-dname", "CN=Test", |
|
62 "-startdate", "+1d", |
|
63 "-validity", Integer.toString(VALIDITY)); |
|
64 |
|
65 // sign jar |
|
66 OutputAnalyzer analyzer = jarsigner( |
|
67 "-keystore", KEYSTORE, |
|
68 "-storepass", PASSWORD, |
|
69 "-keypass", PASSWORD, |
|
70 "-signedjar", SIGNED_JARFILE, |
|
71 UNSIGNED_JARFILE, |
|
72 KEY_ALIAS); |
|
73 |
|
74 checkSigning(analyzer, NOT_YET_VALID_CERT_SIGNING_WARNING); |
|
75 |
|
76 // verify signed jar |
|
77 analyzer = jarsigner( |
|
78 "-verify", |
|
79 "-verbose", |
|
80 "-keystore", KEYSTORE, |
|
81 "-storepass", PASSWORD, |
|
82 "-keypass", PASSWORD, |
|
83 SIGNED_JARFILE, |
|
84 KEY_ALIAS); |
|
85 |
|
86 checkVerifying(analyzer, 0, NOT_YET_VALID_CERT_VERIFYING_WARNING); |
|
87 |
|
88 // verify jar in strict mode |
|
89 analyzer = jarsigner( |
|
90 "-verify", |
|
91 "-verbose", |
|
92 "-strict", |
|
93 "-keystore", KEYSTORE, |
|
94 "-storepass", PASSWORD, |
|
95 "-keypass", PASSWORD, |
|
96 SIGNED_JARFILE, |
|
97 KEY_ALIAS); |
|
98 |
|
99 checkVerifying(analyzer, HAS_EXPIRED_CERT_EXIT_CODE, |
|
100 NOT_YET_VALID_CERT_VERIFYING_WARNING); |
|
101 |
|
102 System.out.println("Test passed"); |
|
103 } |
|
104 |
|
105 } |