|
1 /* |
|
2 * Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 * or visit www.oracle.com if you need additional information or have any |
|
21 * questions. |
|
22 */ |
|
23 |
|
24 import jdk.testlibrary.OutputAnalyzer; |
|
25 |
|
26 /** |
|
27 * Base class. |
|
28 */ |
|
29 public abstract class Test { |
|
30 |
|
31 static final String TEST_SOURCES = System.getProperty("test.src", "."); |
|
32 static final String TEST_CLASSES = System.getProperty("test.classes"); |
|
33 static final String FS = System.getProperty("file.separator"); |
|
34 static final String JAVA_HOME = System.getProperty("java.home"); |
|
35 static final String KEYTOOL = JAVA_HOME + FS + "bin" + FS + "keytool"; |
|
36 static final String JARSIGNER = JAVA_HOME + FS + "bin" + FS + "jarsigner"; |
|
37 static final String UNSIGNED_JARFILE = "unsigned.jar"; |
|
38 static final String SIGNED_JARFILE = "signed.jar"; |
|
39 static final String UPDATED_SIGNED_JARFILE = "updated_signed.jar"; |
|
40 static final String FIRST_FILE = "first.txt"; |
|
41 static final String SECOND_FILE = "second.txt"; |
|
42 static final String PASSWORD = "password"; |
|
43 static final String BOTH_KEYS_KEYSTORE = "both_keys.jks"; |
|
44 static final String FIRST_KEY_KEYSTORE = "first_key.jks"; |
|
45 static final String KEYSTORE = "keystore.jks"; |
|
46 static final String FIRST_KEY_ALIAS = "first"; |
|
47 static final String SECOND_KEY_ALIAS = "second"; |
|
48 static final String KEY_ALG = "RSA"; |
|
49 static final String KEY_ALIAS = "alias"; |
|
50 static final String CERT_REQUEST_FILENAME = "test.req"; |
|
51 static final String CERT_FILENAME = "test.crt"; |
|
52 static final String CA_KEY_ALIAS = "ca"; |
|
53 static final int KEY_SIZE = 2048; |
|
54 static final int TIMEOUT = 6 * 60 * 1000; // in millis |
|
55 static final int VALIDITY = 365; |
|
56 |
|
57 static final String WARNING = "Warning:"; |
|
58 |
|
59 static final String CHAIN_NOT_VALIDATED_VERIFYING_WARNING |
|
60 = "This jar contains entries " |
|
61 + "whose certificate chain is not validated."; |
|
62 |
|
63 static final String ALIAS_NOT_IN_STORE_VERIFYING_WARNING |
|
64 = "This jar contains signed entries " |
|
65 + "that are not signed by alias in this keystore."; |
|
66 |
|
67 static final String BAD_EXTENDED_KEY_USAGE_SIGNING_WARNING |
|
68 = "The signer certificate's ExtendedKeyUsage extension " |
|
69 + "doesn't allow code signing."; |
|
70 |
|
71 static final String BAD_EXTENDED_KEY_USAGE_VERIFYING_WARNING |
|
72 = "This jar contains entries whose signer certificate's " |
|
73 + "ExtendedKeyUsage extension doesn't allow code signing."; |
|
74 |
|
75 static final String BAD_KEY_USAGE_SIGNING_WARNING |
|
76 = "The signer certificate's KeyUsage extension " |
|
77 + "doesn't allow code signing."; |
|
78 |
|
79 static final String BAD_KEY_USAGE_VERIFYING_WARNING |
|
80 = "This jar contains entries whose signer certificate's KeyUsage " |
|
81 + "extension doesn't allow code signing."; |
|
82 |
|
83 static final String BAD_NETSCAPE_CERT_TYPE_SIGNING_WARNING |
|
84 = "The signer certificate's NetscapeCertType extension " |
|
85 + "doesn't allow code signing."; |
|
86 |
|
87 static final String BAD_NETSCAPE_CERT_TYPE_VERIFYING_WARNING |
|
88 = "This jar contains entries " |
|
89 + "whose signer certificate's NetscapeCertType extension " |
|
90 + "doesn't allow code signing."; |
|
91 |
|
92 static final String CHAIN_NOT_VALIDATED_SIGNING_WARNING |
|
93 = "The signer's certificate chain is not validated."; |
|
94 |
|
95 static final String HAS_EXPIRING_CERT_SIGNING_WARNING |
|
96 = "The signer certificate will expire within six months."; |
|
97 |
|
98 static final String HAS_EXPIRING_CERT_VERIFYING_WARNING |
|
99 = "This jar contains entries " |
|
100 + "whose signer certificate will expire within six months."; |
|
101 |
|
102 static final String HAS_EXPIRED_CERT_SIGNING_WARNING |
|
103 = "The signer certificate has expired."; |
|
104 |
|
105 static final String HAS_EXPIRED_CERT_VERIFYING_WARNING |
|
106 = "This jar contains entries whose signer certificate has expired."; |
|
107 |
|
108 static final String HAS_UNSIGNED_ENTRY_VERIFYING_WARNING |
|
109 = "This jar contains unsigned entries " |
|
110 + "which have not been integrity-checked."; |
|
111 |
|
112 static final String NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING |
|
113 = "This jar contains signed entries " |
|
114 + "which are not signed by the specified alias(es)."; |
|
115 |
|
116 static final String NO_TIMESTAMP_SIGNING_WARN_TEMPLATE |
|
117 = "No -tsa or -tsacert is provided " |
|
118 + "and this jar is not timestamped. " |
|
119 + "Without a timestamp, users may not be able to validate this jar " |
|
120 + "after the signer certificate's expiration date " |
|
121 + "(%1$tY-%1$tm-%1$td) or after any future revocation date."; |
|
122 |
|
123 static final String NO_TIMESTAMP_VERIFYING_WARN_TEMPLATE |
|
124 = "This jar contains signatures that does not include a timestamp. " |
|
125 + "Without a timestamp, users may not be able to validate this jar " |
|
126 + "after the signer certificate's expiration date " |
|
127 + "(%1$tY-%1$tm-%1$td) or after any future revocation date."; |
|
128 |
|
129 static final String NOT_YET_VALID_CERT_SIGNING_WARNING |
|
130 = "The signer certificate is not yet valid."; |
|
131 |
|
132 static final String NOT_YET_VALID_CERT_VERIFYING_WARNING |
|
133 = "This jar contains entries " |
|
134 + "whose signer certificate is not yet valid."; |
|
135 |
|
136 static final String JAR_SIGNED = "jar signed."; |
|
137 |
|
138 static final String JAR_VERIFIED = "jar verified."; |
|
139 |
|
140 static final String JAR_VERIFIED_WITH_SIGNER_ERRORS |
|
141 = "jar verified, with signer errors."; |
|
142 |
|
143 static final int CHAIN_NOT_VALIDATED_EXIT_CODE = 4; |
|
144 static final int HAS_EXPIRED_CERT_EXIT_CODE = 4; |
|
145 static final int BAD_KEY_USAGE_EXIT_CODE = 8; |
|
146 static final int BAD_EXTENDED_KEY_USAGE_EXIT_CODE = 8; |
|
147 static final int BAD_NETSCAPE_CERT_TYPE_EXIT_CODE = 8; |
|
148 static final int HAS_UNSIGNED_ENTRY_EXIT_CODE = 16; |
|
149 static final int ALIAS_NOT_IN_STORE_EXIT_CODE = 32; |
|
150 static final int NOT_SIGNED_BY_ALIAS_EXIT_CODE = 32; |
|
151 |
|
152 protected void checkVerifying(OutputAnalyzer analyzer, int expectedExitCode, |
|
153 String... warnings) { |
|
154 analyzer.shouldHaveExitValue(expectedExitCode); |
|
155 for (String warning : warnings) { |
|
156 analyzer.shouldContain(warning); |
|
157 } |
|
158 if (warnings.length > 0) { |
|
159 analyzer.shouldContain(WARNING); |
|
160 } |
|
161 if (expectedExitCode == 0) { |
|
162 analyzer.shouldContain(JAR_VERIFIED); |
|
163 } else { |
|
164 analyzer.shouldContain(JAR_VERIFIED_WITH_SIGNER_ERRORS); |
|
165 } |
|
166 } |
|
167 |
|
168 protected void checkSigning(OutputAnalyzer analyzer, String... warnings) { |
|
169 analyzer.shouldHaveExitValue(0); |
|
170 for (String warning : warnings) { |
|
171 analyzer.shouldContain(warning); |
|
172 } |
|
173 if (warnings.length > 0) { |
|
174 analyzer.shouldContain(WARNING); |
|
175 } |
|
176 analyzer.shouldContain(JAR_SIGNED); |
|
177 } |
|
178 } |