Mercurial Mercurial > jdk-sandbox / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
test/jdk/sun/security/tools/jarsigner/weaksize.sh
branchJDK-8200758-branch
changeset 57325 e678ef92ef0b
parent 57324 c1d3935fbb79
parent 54527 96d290a7e94f
child 57326 603101a378fe
equal deleted inserted replaced
57324:c1d3935fbb79 57325:e678ef92ef0b 
     1 #
 
       
     2 # Copyright (c) 2014, 2017, Oracle and/or its affiliates. All rights reserved.
 
       
     3 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 
       
     4 #
 
       
     5 # This code is free software; you can redistribute it and/or modify it
 
       
     6 # under the terms of the GNU General Public License version 2 only, as
 
       
     7 # published by the Free Software Foundation.
 
       
     8 #
 
       
     9 # This code is distributed in the hope that it will be useful, but WITHOUT
 
       
    10 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 
       
    11 # FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 
       
    12 # version 2 for more details (a copy is included in the LICENSE file that
 
       
    13 # accompanied this code).
 
       
    14 #
 
       
    15 # You should have received a copy of the GNU General Public License version
 
       
    16 # 2 along with this work; if not, write to the Free Software Foundation,
 
       
    17 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 
       
    18 #
 
       
    19 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 
       
    20 # or visit www.oracle.com if you need additional information or have any
 
       
    21 # questions.
 
       
    22 #
 
       
    23 
       
    24 # @test
 
       
    25 # @bug 8044755
 
       
    26 # @summary Add a test for algorithm constraints check in jarsigner
 
       
    27 #
 
       
    28 
       
    29 if [ "${TESTJAVA}" = "" ] ; then
 
       
    30   JAVAC_CMD=`which javac`
 
       
    31   TESTJAVA=`dirname $JAVAC_CMD`/..
 
       
    32 fi
 
       
    33 
       
    34 TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
 
       
    35 
       
    36 # The sigalg used is MD2withRSA, which is obsolete.
 
       
    37 
       
    38 KT="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -keystore ks
 
       
    39     -storepass changeit -keypass changeit
 
       
    40     -keyalg rsa -sigalg MD2withRSA -debug"
 
       
    41 JS="$TESTJAVA/bin/jarsigner ${TESTTOOLVMOPTS} -keystore ks
 
       
    42     -storepass changeit -strict -debug"
 
       
    43 JAR="$TESTJAVA/bin/jar ${TESTTOOLVMOPTS}"
 
       
    44 
       
    45 rm ks 2> /dev/null
 
       
    46 
       
    47 $KT -genkeypair -alias ca -dname CN=CA -ext bc
 
       
    48 $KT -genkeypair -alias signer -dname CN=Signer
 
       
    49 
       
    50 $KT -certreq -alias signer | \
 
       
    51         $KT -gencert -alias ca -ext ku=dS -rfc | \
 
       
    52         $KT -importcert -alias signer
 
       
    53 
       
    54 $JAR cvf a.jar ks
 
       
    55 
       
    56 # We always trust a TrustedCertificateEntry
 
       
    57 $JS a.jar ca | grep "chain is invalid" && exit 1
 
       
    58 
       
    59 # An end-entity cert must follow algorithm constraints
 
       
    60 $JS a.jar signer | grep "chain is invalid" || exit 2
 
       
    61 
       
    62 exit 0
jdk-sandbox