NotSignedByAliasTest.java revision 11312:5c61ccd9c162 
1/*
2 * Copyright (c) 2013, 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24import jdk.testlibrary.OutputAnalyzer;
25import jdk.testlibrary.ProcessTools;
26import jdk.testlibrary.JarUtils;
27
28/**
29 * @test
30 * @bug 8024302 8026037
31 * @summary Test for notSignedByAlias warning
32 * @library /lib/testlibrary ../
33 * @run main NotSignedByAliasTest
34 */
35public class NotSignedByAliasTest extends Test {
36
37    /**
38     * The test signs and verifies a jar that contains signed entries
39     * which are not signed by the specified alias(es) (notSignedByAlias).
40     * Warning message is expected.
41     */
42    public static void main(String[] args) throws Throwable {
43        NotSignedByAliasTest test = new NotSignedByAliasTest();
44        test.start();
45    }
46
47    protected void start() throws Throwable {
48        // create a jar file that contains one class file
49        Utils.createFiles(FIRST_FILE);
50        JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
51
52        // create first key pair for signing
53        ProcessTools.executeCommand(KEYTOOL,
54                "-genkey",
55                "-alias", FIRST_KEY_ALIAS,
56                "-keyalg", KEY_ALG,
57                "-keysize", Integer.toString(KEY_SIZE),
58                "-keystore", KEYSTORE,
59                "-storepass", PASSWORD,
60                "-keypass", PASSWORD,
61                "-dname", "CN=First",
62                "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
63
64        // create first key pair for signing
65        ProcessTools.executeCommand(KEYTOOL,
66                "-genkey",
67                "-alias", SECOND_KEY_ALIAS,
68                "-keyalg", KEY_ALG,
69                "-keysize", Integer.toString(KEY_SIZE),
70                "-keystore", KEYSTORE,
71                "-storepass", PASSWORD,
72                "-keypass", PASSWORD,
73                "-dname", "CN=Second",
74                "-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
75
76        // sign jar with first key
77        OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
78                "-keystore", KEYSTORE,
79                "-storepass", PASSWORD,
80                "-keypass", PASSWORD,
81                "-signedjar", SIGNED_JARFILE,
82                UNSIGNED_JARFILE,
83                FIRST_KEY_ALIAS);
84
85        checkSigning(analyzer);
86
87        // verify jar with second key
88        analyzer = ProcessTools.executeCommand(JARSIGNER,
89                "-verify",
90                "-keystore", KEYSTORE,
91                "-storepass", PASSWORD,
92                "-keypass", PASSWORD,
93                SIGNED_JARFILE,
94                SECOND_KEY_ALIAS);
95
96        checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
97
98        // verify jar with second key in strict mode
99        analyzer = ProcessTools.executeCommand(JARSIGNER,
100                "-verify",
101                "-strict",
102                "-keystore", KEYSTORE,
103                "-storepass", PASSWORD,
104                "-keypass", PASSWORD,
105                SIGNED_JARFILE,
106                SECOND_KEY_ALIAS);
107
108        checkVerifying(analyzer, NOT_SIGNED_BY_ALIAS_EXIT_CODE,
109                NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
110
111        // verify jar with non-existing alias
112        analyzer = ProcessTools.executeCommand(JARSIGNER,
113                "-verify",
114                "-keystore", KEYSTORE,
115                "-storepass", PASSWORD,
116                "-keypass", PASSWORD,
117                SIGNED_JARFILE,
118                "bogus");
119
120        checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
121
122        // verify jar with non-existing alias in strict mode
123        analyzer = ProcessTools.executeCommand(JARSIGNER,
124                "-verify",
125                "-strict",
126                "-keystore", KEYSTORE,
127                "-storepass", PASSWORD,
128                "-keypass", PASSWORD,
129                SIGNED_JARFILE,
130                "bogus");
131
132        checkVerifying(analyzer, NOT_SIGNED_BY_ALIAS_EXIT_CODE,
133                NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
134
135        System.out.println("Test passed");
136    }
137
138}
139