Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/tools/jarsigner/DefaultSigalg.java
38853 views
/*1* Copyright (c) 2014, 2017, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/**24* @test25* @bug 805781026* @summary New defaults for DSA keys in jarsigner and keytool27*/2829import sun.security.pkcs.PKCS7;30import sun.security.util.KeyUtil;3132import java.io.FileInputStream;33import java.io.InputStream;34import java.nio.file.Files;35import java.nio.file.Paths;36import java.security.KeyStore;37import java.security.cert.X509Certificate;38import java.util.jar.JarFile;3940public class DefaultSigalg {4142public static void main(String[] args) throws Exception {4344// Three test cases45String[] keyalgs = {"DSA", "RSA", "EC"};46// Expected default keytool sigalg47String[] sigalgs = {"SHA256withDSA", "SHA256withRSA", "SHA256withECDSA"};48// Expected keysizes49int[] keysizes = {2048, 2048, 256};50// Expected jarsigner digest alg used in signature51String[] digestalgs = {"SHA-256", "SHA-256", "SHA-256"};5253// Create a jar file54sun.tools.jar.Main m =55new sun.tools.jar.Main(System.out, System.err, "jar");56Files.write(Paths.get("x"), new byte[10]);57if (!m.run("cvf a.jar x".split(" "))) {58throw new Exception("jar creation failed");59}6061// Generate keypairs and sign the jar62Files.deleteIfExists(Paths.get("jks"));63for (String keyalg: keyalgs) {64sun.security.tools.keytool.Main.main(65("-keystore jks -storepass changeit -keypass changeit " +66"-dname CN=A -alias " + keyalg + " -genkeypair " +67"-keyalg " + keyalg).split(" "));68sun.security.tools.jarsigner.Main.main(69("-keystore jks -storepass changeit a.jar " + keyalg).split(" "));70}7172// Check result73KeyStore ks = KeyStore.getInstance("JKS");74try (FileInputStream jks = new FileInputStream("jks");75JarFile jf = new JarFile("a.jar")) {76ks.load(jks, null);77for (int i = 0; i<keyalgs.length; i++) {78String keyalg = keyalgs[i];79// keytool80X509Certificate c = (X509Certificate) ks.getCertificate(keyalg);81String sigalg = c.getSigAlgName();82if (!sigalg.equals(sigalgs[i])) {83throw new Exception(84"keytool sigalg for " + keyalg + " is " + sigalg);85}86int keysize = KeyUtil.getKeySize(c.getPublicKey());87if (keysize != keysizes[i]) {88throw new Exception(89"keytool keysize for " + keyalg + " is " + keysize);90}91// jarsigner92String bk = "META-INF/" + keyalg + "." + keyalg;93try (InputStream is = jf.getInputStream(jf.getEntry(bk))) {94String digestalg = new PKCS7(is).getSignerInfos()[0]95.getDigestAlgorithmId().toString();96if (!digestalg.equals(digestalgs[i])) {97throw new Exception(98"jarsigner digest of sig for " + keyalg99+ " is " + digestalg);100}101}102}103}104}105}106107108