Old jdk/test/sun/security/tools/jarsigner/warnings/NotSignedByAliasTest.java

   1 /*
   2  * Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 import jdk.testlibrary.OutputAnalyzer;
  25 import jdk.testlibrary.JarUtils;
  26 
  27 /**
  28  * @test
  29  * @bug 8024302 8026037
  30  * @summary Test for notSignedByAlias warning
  31  * @library /lib/testlibrary ../
  32  * @run main NotSignedByAliasTest
  33  */
  34 public class NotSignedByAliasTest extends Test {
  35 
  36     /**
  37      * The test signs and verifies a jar that contains signed entries
  38      * which are not signed by the specified alias(es) (notSignedByAlias).
  39      * Warning message is expected.
  40      */
  41     public static void main(String[] args) throws Throwable {
  42         NotSignedByAliasTest test = new NotSignedByAliasTest();
  43         test.start();
  44     }
  45 
  46     protected void start() throws Throwable {
  47         // create a jar file that contains one class file
  48         Utils.createFiles(FIRST_FILE);
  49         JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
  50 
  51         // create first key pair for signing
  52         keytool(
  53                 "-genkey",
  54                 "-alias", FIRST_KEY_ALIAS,
  55                 "-keyalg", KEY_ALG,
  56                 "-keysize", Integer.toString(KEY_SIZE),
  57                 "-keystore", KEYSTORE,
  58                 "-storepass", PASSWORD,
  59                 "-keypass", PASSWORD,
  60                 "-dname", "CN=First",
  61                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
  62 
  63         // create first key pair for signing
  64         keytool(
  65                 "-genkey",
  66                 "-alias", SECOND_KEY_ALIAS,
  67                 "-keyalg", KEY_ALG,
  68                 "-keysize", Integer.toString(KEY_SIZE),
  69                 "-keystore", KEYSTORE,
  70                 "-storepass", PASSWORD,
  71                 "-keypass", PASSWORD,
  72                 "-dname", "CN=Second",
  73                 "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
  74 
  75         // sign jar with first key
  76         OutputAnalyzer analyzer = jarsigner(
  77                 "-keystore", KEYSTORE,
  78                 "-storepass", PASSWORD,
  79                 "-keypass", PASSWORD,
  80                 "-signedjar", SIGNED_JARFILE,
  81                 UNSIGNED_JARFILE,
  82                 FIRST_KEY_ALIAS);
  83 
  84         checkSigning(analyzer);
  85 
  86         // verify jar with second key
  87         analyzer = jarsigner(
  88                 "-verify",
  89                 "-keystore", KEYSTORE,
  90                 "-storepass", PASSWORD,
  91                 "-keypass", PASSWORD,
  92                 SIGNED_JARFILE,
  93                 SECOND_KEY_ALIAS);
  94 
  95         checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
  96 
  97         // verify jar with second key in strict mode
  98         analyzer = jarsigner(
  99                 "-verify",
 100                 "-strict",
 101                 "-keystore", KEYSTORE,
 102                 "-storepass", PASSWORD,
 103                 "-keypass", PASSWORD,
 104                 SIGNED_JARFILE,
 105                 SECOND_KEY_ALIAS);
 106 
 107         checkVerifying(analyzer, NOT_SIGNED_BY_ALIAS_EXIT_CODE,
 108                 NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
 109 
 110         // verify jar with non-existing alias
 111         analyzer = jarsigner(
 112                 "-verify",
 113                 "-keystore", KEYSTORE,
 114                 "-storepass", PASSWORD,
 115                 "-keypass", PASSWORD,
 116                 SIGNED_JARFILE,
 117                 "bogus");
 118 
 119         checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
 120 
 121         // verify jar with non-existing alias in strict mode
 122         analyzer = jarsigner(
 123                 "-verify",
 124                 "-strict",
 125                 "-keystore", KEYSTORE,
 126                 "-storepass", PASSWORD,
 127                 "-keypass", PASSWORD,
 128                 SIGNED_JARFILE,
 129                 "bogus");
 130 
 131         checkVerifying(analyzer, NOT_SIGNED_BY_ALIAS_EXIT_CODE,
 132                 NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
 133 
 134         System.out.println("Test passed");
 135     }
 136 
 137 }