1 /*
2 * Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 import jdk.testlibrary.OutputAnalyzer;
25 import jdk.testlibrary.JarUtils;
26
27 /**
28 * @test
29 * @bug 8024302 8026037
30 * @summary Test for notYetValidCert warning
31 * @library /lib/testlibrary ../
32 * @run main NotYetValidCertTest
33 */
34 public class NotYetValidCertTest extends Test {
35
36 /**
37 * The test signs and verifies a jar that contains entries
38 * whose signer certificate is not yet valid (notYetValidCert).
39 * Warning message is expected.
40 */
41 public static void main(String[] args) throws Throwable {
42 NotYetValidCertTest test = new NotYetValidCertTest();
43 test.start();
44 }
45
46 protected void start() throws Throwable {
47 // create a jar file that contains one class file
48 Utils.createFiles(FIRST_FILE);
49 JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
50
51 // create certificate that will be valid only tomorrow
52 keytool(
53 "-genkey",
54 "-alias", KEY_ALIAS,
55 "-keyalg", KEY_ALG,
56 "-keysize", Integer.toString(KEY_SIZE),
57 "-keystore", KEYSTORE,
58 "-storepass", PASSWORD,
59 "-keypass", PASSWORD,
60 "-dname", "CN=Test",
61 "-startdate", "+1d",
62 "-validity", Integer.toString(VALIDITY));
63
64 // sign jar
65 OutputAnalyzer analyzer = jarsigner(
66 "-keystore", KEYSTORE,
67 "-storepass", PASSWORD,
68 "-keypass", PASSWORD,
69 "-signedjar", SIGNED_JARFILE,
70 UNSIGNED_JARFILE,
71 KEY_ALIAS);
72
73 checkSigning(analyzer, NOT_YET_VALID_CERT_SIGNING_WARNING);
74
75 // verify signed jar
76 analyzer = jarsigner(
77 "-verify",
78 "-verbose",
79 "-keystore", KEYSTORE,
80 "-storepass", PASSWORD,
81 "-keypass", PASSWORD,
82 SIGNED_JARFILE,
83 KEY_ALIAS);
84
85 checkVerifying(analyzer, 0, NOT_YET_VALID_CERT_VERIFYING_WARNING);
86
87 // verify jar in strict mode
88 analyzer = jarsigner(
89 "-verify",
90 "-verbose",
91 "-strict",
92 "-keystore", KEYSTORE,
93 "-storepass", PASSWORD,
94 "-keypass", PASSWORD,
95 SIGNED_JARFILE,
96 KEY_ALIAS);
97
98 checkVerifying(analyzer, HAS_EXPIRED_CERT_EXIT_CODE,
99 NOT_YET_VALID_CERT_VERIFYING_WARNING);
100
101 System.out.println("Test passed");
102 }
103
104 }