7004035: signed jar with only META-INF/* inside is not verifiable
Reviewed-by: mullan
--- a/jdk/src/share/classes/sun/security/tools/JarSigner.java Sun Dec 05 16:08:01 2010 -0800
+++ b/jdk/src/share/classes/sun/security/tools/JarSigner.java Mon Dec 06 10:46:18 2010 +0800
@@ -723,7 +723,7 @@
if (signatureRelated(name)) {
// Entries inside META-INF and other unsigned
// entries are grouped separately.
- label = "-" + label.substring(1);
+ label = "-" + label;
}
// The label finally contains 2 parts separated by '|':
@@ -752,7 +752,7 @@
List<String> files = s.getValue();
String key = s.getKey();
if (key.charAt(0) == '-') { // the signature-related group
- key = ' ' + key.substring(1);
+ key = key.substring(1);
}
int pipe = key.indexOf('|');
if (verbose.equals("all")) {
--- a/jdk/src/share/classes/sun/security/util/ManifestEntryVerifier.java Sun Dec 05 16:08:01 2010 -0800
+++ b/jdk/src/share/classes/sun/security/util/ManifestEntryVerifier.java Mon Dec 06 10:46:18 2010 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -185,7 +185,10 @@
Hashtable<String, CodeSigner[]> sigFileSigners)
throws JarException
{
- if (skip) return null;
+ // MANIFEST.MF should not be skipped. It has signers.
+ if (skip && !entry.getName().equals(JarFile.MANIFEST_NAME)) {
+ return null;
+ }
if (signers != null)
return signers;
--- a/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java Sun Dec 05 16:08:01 2010 -0800
+++ b/jdk/src/share/classes/sun/security/util/SignatureFileVerifier.java Mon Dec 06 10:46:18 2010 +0800
@@ -265,6 +265,9 @@
debug.println("processSignature unsigned name = "+name);
}
}
+
+ // MANIFEST.MF is always regarded as signed
+ updateSigners(newSigners, signers, JarFile.MANIFEST_NAME);
}
/**
--- a/jdk/test/sun/security/tools/jarsigner/JarSigningNonAscii.java Sun Dec 05 16:08:01 2010 -0800
+++ b/jdk/test/sun/security/tools/jarsigner/JarSigningNonAscii.java Mon Dec 06 10:46:18 2010 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -113,7 +113,7 @@
}
}
- if (isSignedCount != 3) {
+ if (isSignedCount != 4) {
throw new SecurityException("error signing JAR file");
}
--- a/jdk/test/sun/security/tools/jarsigner/concise_jarsigner.sh Sun Dec 05 16:08:01 2010 -0800
+++ b/jdk/test/sun/security/tools/jarsigner/concise_jarsigner.sh Mon Dec 06 10:46:18 2010 +0800
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
@@ -103,27 +103,31 @@
LINES=`$JARSIGNER -verify a.jar -verbose:grouped | grep $YEAR | wc -l`
[ $LINES = 12 ] || exit $LINENO
-# 3 groups: unrelated, signed, unsigned
+# 4 groups: MANIFST, unrelated, signed, unsigned
LINES=`$JARSIGNER -verify a.jar -verbose:summary | grep $YEAR | wc -l`
-[ $LINES = 3 ] || exit $LINENO
-
-# 4 groups: unrelated, signed by a1/a2, signed by a2, unsigned
-LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep $YEAR | wc -l`
[ $LINES = 4 ] || exit $LINENO
-# 2*2 for A1/A2, 2 for A3/A4
-LINES=`$JARSIGNER -verify a.jar -verbose -certs | grep "\[certificate" | wc -l`
-[ $LINES = 6 ] || exit $LINENO
-
-# a1,a2 for A1/A2, a2 for A3/A4
-LINES=`$JARSIGNER -verify a.jar -verbose:grouped -certs | grep "\[certificate" | wc -l`
+# still 4 groups, but MANIFEST group has no other file
+LINES=`$JARSIGNER -verify a.jar -verbose:summary | grep "more)" | wc -l`
[ $LINES = 3 ] || exit $LINENO
-# a1,a2 for A1/A2, a2 for A3/A4
+# 5 groups: MANIFEST, unrelated, signed by a1/a2, signed by a2, unsigned
+LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep $YEAR | wc -l`
+[ $LINES = 5 ] || exit $LINENO
+
+# 2 for MANIFEST, 2*2 for A1/A2, 2 for A3/A4
+LINES=`$JARSIGNER -verify a.jar -verbose -certs | grep "\[certificate" | wc -l`
+[ $LINES = 8 ] || exit $LINENO
+
+# a1,a2 for MANIFEST, a1,a2 for A1/A2, a2 for A3/A4
+LINES=`$JARSIGNER -verify a.jar -verbose:grouped -certs | grep "\[certificate" | wc -l`
+[ $LINES = 5 ] || exit $LINENO
+
+# a1,a2 for MANIFEST, a1,a2 for A1/A2, a2 for A3/A4
LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep "\[certificate" | wc -l`
-[ $LINES = 3 ] || exit $LINENO
+[ $LINES = 5 ] || exit $LINENO
-# 4 groups
+# still 5 groups, but MANIFEST group has no other file
LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep "more)" | wc -l`
[ $LINES = 4 ] || exit $LINENO
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/tools/jarsigner/onlymanifest.sh Mon Dec 06 10:46:18 2010 +0800
@@ -0,0 +1,68 @@
+#
+# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 7004035
+# @summary signed jar with only META-INF/* inside is not verifiable
+#
+
+if [ "${TESTJAVA}" = "" ] ; then
+ JAVAC_CMD=`which javac`
+ TESTJAVA=`dirname $JAVAC_CMD`/..
+fi
+
+# set platform-dependent variables
+OS=`uname -s`
+case "$OS" in
+ Windows_* )
+ FS="\\"
+ ;;
+ * )
+ FS="/"
+ ;;
+esac
+
+KS=onlymanifest.jks
+JFILE=onlymanifest.jar
+
+KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit \
+ -keystore $KS"
+JAR=$TESTJAVA${FS}bin${FS}jar
+JARSIGNER=$TESTJAVA${FS}bin${FS}jarsigner
+
+rm $KS $JFILE 2> /dev/null
+
+# Create an empty jar file with only MANIFEST.MF
+
+echo "Key: Value" > manifest
+$JAR cvfm $JFILE manifest
+
+$KT -alias a -dname CN=a -genkey -validity 300 || exit 1
+$JARSIGNER -keystore $KS -storepass changeit $JFILE a -debug -strict || exit 2
+$JARSIGNER -keystore $KS -storepass changeit -verify $JFILE a -debug -strict \
+ > onlymanifest.out || exit 3
+
+grep unsigned onlymanifest.out && exit 4
+
+exit 0
+