infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-04-24 22:00:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

8133910: Some sun/security/tools tests failed

Browse Source 
Reviewed-by: xuelei
This commit is contained in:
Weijun Wang 2016-08-11 13:10:54 +08:00
parent e2a0ff3e0d
commit a347e23de0
22 changed files with 110 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
jdk/test/sun/security/tools/jarsigner/TimestampCheck.java
View File

@ -311,6 +311,7 @@ public class TimestampCheck {
cmd += " " + System.getProperty("test.tool.vm.opts")
+ " -J-Djava.security.egd=file:/dev/./urandom"
+ " -J-Duser.language=en -J-Duser.country=US"
+ " -debug -keystore " + TSKS + " -storepass changeit"
+ " -tsa http://localhost:" + port + "/%d"
+ " -signedjar new_%d.jar " + JAR + " old";

40
jdk/test/sun/security/tools/jarsigner/TsacertOptionTest.java
View File

@ -22,14 +22,13 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
* @test
* @bug 8024302 8026037
* @summary The test signs and verifies a jar file with -tsacert option
* @library /lib/testlibrary
* @library /lib/testlibrary warnings
* @modules java.base/sun.security.pkcs
* java.base/sun.security.timestamp
* java.base/sun.security.util
@ -37,29 +36,14 @@ import jdk.testlibrary.JarUtils;
* java.management
* @run main TsacertOptionTest
*/
public class TsacertOptionTest {
public class TsacertOptionTest extends Test {
private static final String FS = System.getProperty("file.separator");
private static final String JAVA_HOME = System.getProperty("java.home");
private static final String KEYTOOL = JAVA_HOME + FS + "bin" + FS
+ "keytool";
private static final String JARSIGNER = JAVA_HOME + FS + "bin" + FS
+ "jarsigner";
private static final String UNSIGNED_JARFILE = "unsigned.jar";
private static final String SIGNED_JARFILE = "signed.jar";
private static final String FILENAME = TsacertOptionTest.class.getName()
+ ".txt";
private static final String PASSWORD = "changeit";
private static final String KEYSTORE = "ks.jks";
private static final String CA_KEY_ALIAS = "ca";
private static final String SIGNING_KEY_ALIAS = "sign_alias";
private static final String TSA_KEY_ALIAS = "ts";
private static final String KEY_ALG = "RSA";
private static final int KEY_SIZE = 2048;
private static final int VALIDITY = 365;
private static final String WARNING = "Warning:";
private static final String JAR_SIGNED = "jar signed.";
private static final String JAR_VERIFIED = "jar verified.";
private static final String PASSWORD = "changeit";
/**
* The test signs and verifies a jar file with -tsacert option,
@ -78,7 +62,7 @@ public class TsacertOptionTest {
JarUtils.createJar(UNSIGNED_JARFILE, FILENAME);
// create key pair for jar signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", CA_KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -88,7 +72,7 @@ public class TsacertOptionTest {
"-keypass", PASSWORD,
"-dname", "CN=CA",
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", SIGNING_KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -97,14 +81,14 @@ public class TsacertOptionTest {
"-storepass", PASSWORD,
"-keypass", PASSWORD,
"-dname", "CN=Test").shouldHaveExitValue(0);
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-certreq",
"-alias", SIGNING_KEY_ALIAS,
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
"-keypass", PASSWORD,
"-file", "certreq").shouldHaveExitValue(0);
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-gencert",
"-alias", CA_KEY_ALIAS,
"-keystore", KEYSTORE,
@ -113,7 +97,7 @@ public class TsacertOptionTest {
"-validity", Integer.toString(VALIDITY),
"-infile", "certreq",
"-outfile", "cert").shouldHaveExitValue(0);
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-importcert",
"-alias", SIGNING_KEY_ALIAS,
"-keystore", KEYSTORE,
@ -132,7 +116,7 @@ public class TsacertOptionTest {
// create key pair for TSA service
// SubjectInfoAccess extension contains URL to TSA service
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-v",
"-alias", TSA_KEY_ALIAS,
@ -152,7 +136,7 @@ public class TsacertOptionTest {
// sign jar file
// specify -tsadigestalg option because
// TSA server uses SHA-1 digest algorithm
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-J-Dhttp.proxyHost=",
"-J-Dhttp.proxyPort=",
"-J-Djava.net.useSystemProxies=",
@ -171,7 +155,7 @@ public class TsacertOptionTest {
analyzer.shouldContain(JAR_SIGNED);
// verify signed jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verbose",
"-verify",
"-keystore", KEYSTORE,

2
jdk/test/sun/security/tools/jarsigner/concise_jarsigner.sh
View File

@ -47,6 +47,8 @@ esac
# Choose 1024-bit RSA to make sure it runs fine and fast on all platforms. In
# fact, every keyalg/keysize combination is OK for this test.
TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
KS=js.ks
KT="$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -storepass changeit -keypass changeit -keystore $KS -keyalg rsa -keysize 1024"
JAR="$TESTJAVA${FS}bin${FS}jar ${TESTTOOLVMOPTS}"

2
jdk/test/sun/security/tools/jarsigner/default_options.sh
View File

@ -34,6 +34,8 @@ fi
PASS=changeit
export PASS
TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
KS=ks
KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -storepass:env PASS -keypass:env PASS -keystore $KS"
JAR="$TESTJAVA/bin/jar ${TESTTOOLVMOPTS}"

15
jdk/test/sun/security/tools/jarsigner/warnings/AliasNotInStoreTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -51,7 +50,7 @@ public class AliasNotInStoreTest extends Test {
JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
// create first key pair for signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", FIRST_KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -63,7 +62,7 @@ public class AliasNotInStoreTest extends Test {
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
// create second key pair for signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", SECOND_KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -75,7 +74,7 @@ public class AliasNotInStoreTest extends Test {
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
// sign jar with first key
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-keystore", BOTH_KEYS_KEYSTORE,
"-storepass", PASSWORD,
"-keypass", PASSWORD,
@ -92,7 +91,7 @@ public class AliasNotInStoreTest extends Test {
JarUtils.updateJar(SIGNED_JARFILE, UPDATED_SIGNED_JARFILE, SECOND_FILE);
// sign jar with second key
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-keystore", BOTH_KEYS_KEYSTORE,
"-storepass", PASSWORD,
"-keypass", PASSWORD,
@ -102,7 +101,7 @@ public class AliasNotInStoreTest extends Test {
checkSigning(analyzer);
// create keystore that contains only first key
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-importkeystore",
"-srckeystore", BOTH_KEYS_KEYSTORE,
"-srcalias", FIRST_KEY_ALIAS,
@ -116,7 +115,7 @@ public class AliasNotInStoreTest extends Test {
// verify jar with keystore that contains only first key in strict mode,
// so there is signed entry (FirstClass.class) that is not signed
// by any alias in the keystore
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-keystore", FIRST_KEY_KEYSTORE,
@ -128,7 +127,7 @@ public class AliasNotInStoreTest extends Test {
ALIAS_NOT_IN_STORE_VERIFYING_WARNING);
// verify jar with keystore that contains only first key in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-strict",

9
jdk/test/sun/security/tools/jarsigner/warnings/BadExtendedKeyUsageTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -52,7 +51,7 @@ public class BadExtendedKeyUsageTest extends Test {
// create a certificate whose signer certificate's
// ExtendedKeyUsage extension doesn't allow code signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -65,7 +64,7 @@ public class BadExtendedKeyUsageTest extends Test {
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
// sign jar
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-verbose",
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
@ -77,7 +76,7 @@ public class BadExtendedKeyUsageTest extends Test {
checkSigning(analyzer, BAD_EXTENDED_KEY_USAGE_SIGNING_WARNING);
// verify signed jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-keystore", KEYSTORE,
@ -88,7 +87,7 @@ public class BadExtendedKeyUsageTest extends Test {
checkVerifying(analyzer, 0, BAD_EXTENDED_KEY_USAGE_VERIFYING_WARNING);
// verity signed jar in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-strict",

9
jdk/test/sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -53,7 +52,7 @@ public class BadKeyUsageTest extends Test {
// create a certificate whose signer certificate's KeyUsage extension
// doesn't allow code signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -66,7 +65,7 @@ public class BadKeyUsageTest extends Test {
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
// sign jar
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-verbose",
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
@ -78,7 +77,7 @@ public class BadKeyUsageTest extends Test {
checkSigning(analyzer, BAD_KEY_USAGE_SIGNING_WARNING);
// verify signed jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-keystore", KEYSTORE,
@ -89,7 +88,7 @@ public class BadKeyUsageTest extends Test {
checkVerifying(analyzer, 0, BAD_KEY_USAGE_VERIFYING_WARNING);
// verify signed jar in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-strict",

7
jdk/test/sun/security/tools/jarsigner/warnings/BadNetscapeCertTypeTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
import java.nio.file.Files;
@ -67,7 +66,7 @@ public class BadNetscapeCertTypeTest extends Test {
JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
// sign jar
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-verbose",
"-keystore", NETSCAPE_KEYSTORE,
"-storepass", PASSWORD,
@ -79,7 +78,7 @@ public class BadNetscapeCertTypeTest extends Test {
checkSigning(analyzer, BAD_NETSCAPE_CERT_TYPE_SIGNING_WARNING);
// verify signed jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-keystore", NETSCAPE_KEYSTORE,
@ -90,7 +89,7 @@ public class BadNetscapeCertTypeTest extends Test {
checkVerifying(analyzer, 0, BAD_NETSCAPE_CERT_TYPE_VERIFYING_WARNING);
// verify signed jar in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-strict",

18
jdk/test/sun/security/tools/jarsigner/warnings/ChainNotValidatedTest.java
View File

@ -55,7 +55,7 @@ public class ChainNotValidatedTest extends Test {
// create self-signed certificate whose BasicConstraints extension
// is set to false, so the certificate may not be used
// as a parent certificate (certpath validation should fail)
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkeypair",
"-alias", CA_KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -70,7 +70,7 @@ public class ChainNotValidatedTest extends Test {
// create a certificate that is signed by self-signed certificate
// despite of it may not be used as a parent certificate
// (certpath validation should fail)
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkeypair",
"-alias", KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -82,7 +82,7 @@ public class ChainNotValidatedTest extends Test {
"-ext", "BasicConstraints:critical=ca:false",
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-certreq",
"-alias", KEY_ALIAS,
"-keystore", KEYSTORE,
@ -90,7 +90,7 @@ public class ChainNotValidatedTest extends Test {
"-keypass", PASSWORD,
"-file", CERT_REQUEST_FILENAME).shouldHaveExitValue(0);
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-gencert",
"-alias", CA_KEY_ALIAS,
"-keystore", KEYSTORE,
@ -100,7 +100,7 @@ public class ChainNotValidatedTest extends Test {
"-validity", Integer.toString(VALIDITY),
"-outfile", CERT_FILENAME).shouldHaveExitValue(0);
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-importcert",
"-alias", KEY_ALIAS,
"-keystore", KEYSTORE,
@ -129,7 +129,7 @@ public class ChainNotValidatedTest extends Test {
ProcessTools.executeCommand(pb).shouldHaveExitValue(0);
// remove CA certificate
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-delete",
"-alias", CA_KEY_ALIAS,
"-keystore", KEYSTORE,
@ -137,7 +137,7 @@ public class ChainNotValidatedTest extends Test {
"-keypass", PASSWORD).shouldHaveExitValue(0);
// sign jar
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
"-keypass", PASSWORD,
@ -149,7 +149,7 @@ public class ChainNotValidatedTest extends Test {
checkSigning(analyzer, CHAIN_NOT_VALIDATED_SIGNING_WARNING);
// verify signed jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-keystore", KEYSTORE,
@ -161,7 +161,7 @@ public class ChainNotValidatedTest extends Test {
checkVerifying(analyzer, 0, CHAIN_NOT_VALIDATED_VERIFYING_WARNING);
// verify signed jar in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-strict",

9
jdk/test/sun/security/tools/jarsigner/warnings/HasExpiredCertTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -52,7 +51,7 @@ public class HasExpiredCertTest extends Test {
JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
// create key pair for jar signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -66,7 +65,7 @@ public class HasExpiredCertTest extends Test {
.shouldHaveExitValue(0);
// sign jar
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
"-keypass", PASSWORD,
@ -77,7 +76,7 @@ public class HasExpiredCertTest extends Test {
checkSigning(analyzer, HAS_EXPIRED_CERT_SIGNING_WARNING);
// verify signed jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-keystore", KEYSTORE,
@ -87,7 +86,7 @@ public class HasExpiredCertTest extends Test {
checkVerifying(analyzer, 0, HAS_EXPIRED_CERT_VERIFYING_WARNING);
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-strict",
"-keystore", KEYSTORE,

9
jdk/test/sun/security/tools/jarsigner/warnings/HasExpiringCertTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -52,7 +51,7 @@ public class HasExpiringCertTest extends Test {
JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
// create key pair for jar signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -65,7 +64,7 @@ public class HasExpiringCertTest extends Test {
.shouldHaveExitValue(0);
// sign jar
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-keystore", KEYSTORE,
"-verbose",
"-storepass", PASSWORD,
@ -77,7 +76,7 @@ public class HasExpiringCertTest extends Test {
checkSigning(analyzer, HAS_EXPIRING_CERT_SIGNING_WARNING);
// verify signed jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-keystore", KEYSTORE,
@ -89,7 +88,7 @@ public class HasExpiringCertTest extends Test {
checkVerifying(analyzer, 0, HAS_EXPIRING_CERT_VERIFYING_WARNING);
// verify signed jar in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-strict",

9
jdk/test/sun/security/tools/jarsigner/warnings/HasUnsignedEntryTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -51,7 +50,7 @@ public class HasUnsignedEntryTest extends Test {
JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
// create key pair for signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -63,7 +62,7 @@ public class HasUnsignedEntryTest extends Test {
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
// sign jar
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-verbose",
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
@ -82,7 +81,7 @@ public class HasUnsignedEntryTest extends Test {
JarUtils.updateJar(SIGNED_JARFILE, UPDATED_SIGNED_JARFILE, SECOND_FILE);
// verify jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-keystore", KEYSTORE,
@ -93,7 +92,7 @@ public class HasUnsignedEntryTest extends Test {
checkVerifying(analyzer, 0, HAS_UNSIGNED_ENTRY_VERIFYING_WARNING);
// verify jar in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-strict",

15
jdk/test/sun/security/tools/jarsigner/warnings/MultipleWarningsTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -56,7 +55,7 @@ public class MultipleWarningsTest extends Test {
// create first expired certificate
// whose ExtendedKeyUsage extension does not allow code signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", FIRST_KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -71,7 +70,7 @@ public class MultipleWarningsTest extends Test {
// create second expired certificate
// whose KeyUsage extension does not allow code signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", SECOND_KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -85,7 +84,7 @@ public class MultipleWarningsTest extends Test {
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
// sign jar with first key
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
"-keypass", PASSWORD,
@ -100,7 +99,7 @@ public class MultipleWarningsTest extends Test {
JarUtils.updateJar(SIGNED_JARFILE, UPDATED_SIGNED_JARFILE, SECOND_FILE);
// verify jar with second key
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
@ -114,7 +113,7 @@ public class MultipleWarningsTest extends Test {
NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
// verify jar with second key in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-strict",
"-keystore", KEYSTORE,
@ -134,7 +133,7 @@ public class MultipleWarningsTest extends Test {
NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
// verify jar with non-exisiting alias
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
@ -148,7 +147,7 @@ public class MultipleWarningsTest extends Test {
NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
// verify jar with non-exisiting alias in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-strict",
"-keystore", KEYSTORE,

9
jdk/test/sun/security/tools/jarsigner/warnings/NoTimestampTest.java
View File

@ -23,7 +23,6 @@
import java.util.Date;
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -57,7 +56,7 @@ public class NoTimestampTest extends Test {
* 24 * 60 * 60 * 1000L);
// create key pair
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -69,7 +68,7 @@ public class NoTimestampTest extends Test {
"-validity", Integer.toString(VALIDITY));
// sign jar file
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-J-Duser.timezone=" + timezone,
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
@ -83,7 +82,7 @@ public class NoTimestampTest extends Test {
checkSigning(analyzer, warning);
// verify signed jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-J-Duser.timezone=" + timezone,
"-verify",
"-keystore", KEYSTORE,
@ -96,7 +95,7 @@ public class NoTimestampTest extends Test {
checkVerifying(analyzer, 0, warning);
// verify signed jar in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-J-Duser.timezone=" + timezone,
"-verify",
"-strict",

15
jdk/test/sun/security/tools/jarsigner/warnings/NotSignedByAliasTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -50,7 +49,7 @@ public class NotSignedByAliasTest extends Test {
JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
// create first key pair for signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", FIRST_KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -62,7 +61,7 @@ public class NotSignedByAliasTest extends Test {
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
// create first key pair for signing
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", SECOND_KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -74,7 +73,7 @@ public class NotSignedByAliasTest extends Test {
"-validity", Integer.toString(VALIDITY)).shouldHaveExitValue(0);
// sign jar with first key
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
"-keypass", PASSWORD,
@ -85,7 +84,7 @@ public class NotSignedByAliasTest extends Test {
checkSigning(analyzer);
// verify jar with second key
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
@ -96,7 +95,7 @@ public class NotSignedByAliasTest extends Test {
checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
// verify jar with second key in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-strict",
"-keystore", KEYSTORE,
@ -109,7 +108,7 @@ public class NotSignedByAliasTest extends Test {
NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
// verify jar with non-existing alias
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
@ -120,7 +119,7 @@ public class NotSignedByAliasTest extends Test {
checkVerifying(analyzer, 0, NOT_SIGNED_BY_ALIAS_VERIFYING_WARNING);
// verify jar with non-existing alias in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-strict",
"-keystore", KEYSTORE,

9
jdk/test/sun/security/tools/jarsigner/warnings/NotYetValidCertTest.java
View File

@ -22,7 +22,6 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import jdk.testlibrary.JarUtils;
/**
@ -50,7 +49,7 @@ public class NotYetValidCertTest extends Test {
JarUtils.createJar(UNSIGNED_JARFILE, FIRST_FILE);
// create certificate that will be valid only tomorrow
ProcessTools.executeCommand(KEYTOOL,
keytool(
"-genkey",
"-alias", KEY_ALIAS,
"-keyalg", KEY_ALG,
@ -63,7 +62,7 @@ public class NotYetValidCertTest extends Test {
"-validity", Integer.toString(VALIDITY));
// sign jar
OutputAnalyzer analyzer = ProcessTools.executeCommand(JARSIGNER,
OutputAnalyzer analyzer = jarsigner(
"-keystore", KEYSTORE,
"-storepass", PASSWORD,
"-keypass", PASSWORD,
@ -74,7 +73,7 @@ public class NotYetValidCertTest extends Test {
checkSigning(analyzer, NOT_YET_VALID_CERT_SIGNING_WARNING);
// verify signed jar
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-keystore", KEYSTORE,
@ -86,7 +85,7 @@ public class NotYetValidCertTest extends Test {
checkVerifying(analyzer, 0, NOT_YET_VALID_CERT_VERIFYING_WARNING);
// verify jar in strict mode
analyzer = ProcessTools.executeCommand(JARSIGNER,
analyzer = jarsigner(
"-verify",
"-verbose",
"-strict",

22
jdk/test/sun/security/tools/jarsigner/warnings/Test.java
View File

@ -22,6 +22,11 @@
*/
import jdk.testlibrary.OutputAnalyzer;
import jdk.testlibrary.ProcessTools;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
/**
* Base class.
@ -175,4 +180,21 @@ public abstract class Test {
}
analyzer.shouldContain(JAR_SIGNED);
}
protected OutputAnalyzer keytool(String... cmd) throws Throwable {
return tool(KEYTOOL, cmd);
}
protected OutputAnalyzer jarsigner(String... cmd) throws Throwable {
return tool(JARSIGNER, cmd);
}
private OutputAnalyzer tool(String tool, String... args) throws Throwable {
List<String> cmd = new ArrayList<>();
cmd.add(tool);
cmd.add("-J-Duser.language=en");
cmd.add("-J-Duser.country=US");
cmd.addAll(Arrays.asList(args));
return ProcessTools.executeCommand(cmd.toArray(new String[cmd.size()]));
}
}

2
jdk/test/sun/security/tools/jarsigner/weaksize.sh
View File

@ -31,6 +31,8 @@ if [ "${TESTJAVA}" = "" ] ; then
TESTJAVA=`dirname $JAVAC_CMD`/..
fi
TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
# The sigalg used is MD2withRSA, which is obsolete.
KT="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -keystore ks

2
jdk/test/sun/security/tools/keytool/default_options.sh
View File

@ -31,6 +31,8 @@ if [ "${TESTJAVA}" = "" ] ; then
TESTJAVA=`dirname $JAVAC_CMD`/..
fi
TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
KS=ks
KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS}"

3
jdk/test/sun/security/tools/keytool/file-in-help.sh
View File

@ -42,7 +42,8 @@ case "$OS" in
;;
esac
LANG=C
TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -printcertreq -help 2> h1 || exit 1
$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -exportcert -help 2> h2 || exit 2

2
jdk/test/sun/security/tools/keytool/keyalg.sh
View File

@ -31,6 +31,8 @@ if [ "${TESTJAVA}" = "" ] ; then
TESTJAVA=`dirname $JAVAC_CMD`/..
fi
TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
KS=ks
KEYTOOL="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -keystore ks -storepass changeit -keypass changeit"

3
jdk/test/sun/security/tools/keytool/newhelp.sh
View File

@ -42,7 +42,8 @@ case "$OS" in
;;
esac
LANG=C
TESTTOOLVMOPTS="$TESTTOOLVMOPTS -J-Duser.language=en -J-Duser.country=US"
$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -help 2> h1 || exit 1
$TESTJAVA${FS}bin${FS}keytool ${TESTTOOLVMOPTS} -help -list 2> h2 || exit 2