forked from openjdk/jdk17u-dev
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Backport fc918a73d0dcc28146e60f15e978209424a32576
- Loading branch information
Showing
4 changed files
with
203 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
190 changes: 190 additions & 0 deletions
190
test/jdk/sun/security/tools/jarsigner/AutoKeyStore.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,190 @@ | ||
| /* | ||
| * Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved. | ||
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. | ||
| * | ||
| * This code is free software; you can redistribute it and/or modify it | ||
| * under the terms of the GNU General Public License version 2 only, as | ||
| * published by the Free Software Foundation. | ||
| * | ||
| * This code is distributed in the hope that it will be useful, but WITHOUT | ||
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | ||
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | ||
| * version 2 for more details (a copy is included in the LICENSE file that | ||
| * accompanied this code). | ||
| * | ||
| * You should have received a copy of the GNU General Public License version | ||
| * 2 along with this work; if not, write to the Free Software Foundation, | ||
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. | ||
| * | ||
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA | ||
| * or visit www.oracle.com if you need additional information or have any | ||
| * questions. | ||
| */ | ||
|
|
||
| /* | ||
| * @test | ||
| * @bug 8281234 | ||
| * @summary The -protected option is not always checked in keytool and jarsigner | ||
| * @library /test/lib | ||
| * @modules java.base/sun.security.tools.keytool | ||
| * java.base/sun.security.x509 | ||
| */ | ||
|
|
||
| import jdk.test.lib.Asserts; | ||
| import jdk.test.lib.SecurityTools; | ||
| import jdk.test.lib.util.JarUtils; | ||
| import sun.security.tools.keytool.CertAndKeyGen; | ||
| import sun.security.x509.X500Name; | ||
|
|
||
| import java.io.IOException; | ||
| import java.io.InputStream; | ||
| import java.io.OutputStream; | ||
| import java.nio.file.Files; | ||
| import java.nio.file.Path; | ||
| import java.security.*; | ||
| import java.security.cert.Certificate; | ||
| import java.security.cert.X509Certificate; | ||
| import java.util.Collections; | ||
| import java.util.Date; | ||
| import java.util.Enumeration; | ||
| import java.util.List; | ||
| import java.util.jar.JarFile; | ||
|
|
||
| public class AutoKeyStore { | ||
|
|
||
| public static void main(String[] args) throws Exception { | ||
|
|
||
| JarUtils.createJarFile(Path.of("unsigned.jar"), Path.of("."), | ||
| Files.writeString(Path.of("file"), "hello")); | ||
|
|
||
| SecurityTools.keytool(""" | ||
| -J--add-exports -Jjava.base/sun.security.tools.keytool=ALL-UNNAMED | ||
| -J--add-exports -Jjava.base/sun.security.x509=ALL-UNNAMED | ||
| -providerClass AutoKeyStore$AutoProvider | ||
| -providerPath $test.classes | ||
| -storetype AUTO -keystore NONE -protected | ||
| -list | ||
| """).shouldHaveExitValue(0) | ||
| .shouldContain("Keystore type: AUTO") | ||
| .shouldContain("Keystore provider: AUTO") | ||
| .shouldContain("PrivateKeyEntry"); | ||
|
|
||
| SecurityTools.jarsigner(""" | ||
| -J--add-exports -Jjava.base/sun.security.tools.keytool=ALL-UNNAMED | ||
| -J--add-exports -Jjava.base/sun.security.x509=ALL-UNNAMED | ||
| -J-cp -J$test.classes | ||
| -providerClass AutoKeyStore$AutoProvider | ||
| -storetype AUTO -keystore NONE -protected | ||
| -signedJar signed.jar | ||
| unsigned.jar | ||
| one | ||
| """).shouldHaveExitValue(0) | ||
| .shouldContain("jar signed."); | ||
|
|
||
| Asserts.assertTrue(new JarFile("signed.jar") | ||
| .getEntry("META-INF/ONE.EC") != null); | ||
| } | ||
|
|
||
| public static class AutoProvider extends Provider { | ||
| public AutoProvider() { | ||
| super("AUTO", "1.1.1", "auto"); | ||
| put("KeyStore.AUTO", "AutoKeyStore$KeyStoreImpl"); | ||
| } | ||
| } | ||
|
|
||
| // This keystore is not based on file. Whenever it's loaded | ||
| // a self-sign certificate is generated inside | ||
| public static class KeyStoreImpl extends KeyStoreSpi { | ||
|
|
||
| private PrivateKey pri; | ||
| private PublicKey pub; | ||
| private X509Certificate cert; | ||
|
|
||
| @Override | ||
| public Key engineGetKey(String alias, char[] password) { | ||
| return pri; | ||
| } | ||
|
|
||
| @Override | ||
| public Certificate[] engineGetCertificateChain(String alias) { | ||
| return new Certificate[] { cert }; | ||
| } | ||
|
|
||
| @Override | ||
| public Certificate engineGetCertificate(String alias) { | ||
| return cert; | ||
| } | ||
|
|
||
| @Override | ||
| public Date engineGetCreationDate(String alias) { | ||
| return new Date(); | ||
| } | ||
|
|
||
| @Override | ||
| public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain) throws KeyStoreException { | ||
| throw new KeyStoreException("Not supported"); | ||
| } | ||
|
|
||
| @Override | ||
| public void engineSetKeyEntry(String alias, byte[] key, Certificate[] chain) throws KeyStoreException { | ||
| throw new KeyStoreException("Not supported"); | ||
| } | ||
|
|
||
| @Override | ||
| public void engineSetCertificateEntry(String alias, Certificate cert) throws KeyStoreException { | ||
| throw new KeyStoreException("Not supported"); | ||
| } | ||
|
|
||
| @Override | ||
| public void engineDeleteEntry(String alias) throws KeyStoreException { | ||
| throw new KeyStoreException("Not supported"); | ||
| } | ||
|
|
||
| @Override | ||
| public Enumeration<String> engineAliases() { | ||
| return Collections.enumeration(List.of("one")); | ||
| } | ||
|
|
||
| @Override | ||
| public boolean engineContainsAlias(String alias) { | ||
| return alias.equalsIgnoreCase("one"); | ||
| } | ||
|
|
||
| @Override | ||
| public int engineSize() { | ||
| return 1; | ||
| } | ||
|
|
||
| @Override | ||
| public boolean engineIsKeyEntry(String alias) { | ||
| return true; | ||
| } | ||
|
|
||
| @Override | ||
| public boolean engineIsCertificateEntry(String alias) { | ||
| return false; | ||
| } | ||
|
|
||
| @Override | ||
| public String engineGetCertificateAlias(Certificate cert) { | ||
| return "one"; | ||
| } | ||
|
|
||
| @Override | ||
| public void engineStore(OutputStream stream, char[] password) { | ||
| } | ||
|
|
||
| @Override | ||
| public void engineLoad(InputStream stream, char[] password) throws IOException { | ||
| try { | ||
| CertAndKeyGen cag = new CertAndKeyGen("EC", "SHA256withECDSA"); | ||
| cag.generate("secp256r1"); | ||
| pri = cag.getPrivateKey(); | ||
| pub = cag.getPublicKey(); | ||
| cert = cag.getSelfCertificate(new X500Name("CN=one"), 3600); | ||
| } catch (Exception e) { | ||
| throw new IOException("Not loaded"); | ||
| } | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters