CoCalc -- checkusage.sh

GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/tools/jarsigner/checkusage.sh
³⁸⁸⁵³ views
1
#
2
# Copyright (c) 2010, 2017, Oracle and/or its affiliates. All rights reserved.
3
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
#
5
# This code is free software; you can redistribute it and/or modify it
6
# under the terms of the GNU General Public License version 2 only, as
7
# published by the Free Software Foundation.
8
#
9
# This code is distributed in the hope that it will be useful, but WITHOUT
10
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
# version 2 for more details (a copy is included in the LICENSE file that
13
# accompanied this code).
14
#
15
# You should have received a copy of the GNU General Public License version
16
# 2 along with this work; if not, write to the Free Software Foundation,
17
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
#
19
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
# or visit www.oracle.com if you need additional information or have any
21
# questions.
22
#
23

24
# @test
25
# @bug 7004168
26
# @summary jarsigner -verify checks for KeyUsage codesigning ext on all certs
27
#  instead of just signing cert
28
#
29
# @run shell checkusage.sh
30
#
31

32
if [ "${TESTJAVA}" = "" ] ; then
33
  JAVAC_CMD=`which javac`
34
  TESTJAVA=`dirname $JAVAC_CMD`/..
35
fi
36

37
# set platform-dependent variables
38
OS=`uname -s`
39
case "$OS" in
40
  Windows_* )
41
    FS="\\"
42
    ;;
43
  * )
44
    FS="/"
45
    ;;
46
esac
47

48
KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit -keyalg rsa"
49
JAR=$TESTJAVA${FS}bin${FS}jar
50
JARSIGNER="$TESTJAVA${FS}bin${FS}jarsigner"
51

52
rm js.jks trust.jks unrelated.jks 2> /dev/null
53

54
echo x > x
55
$JAR cvf a.jar x
56

57
################### 3 Keystores #######################
58

59
# Keystore js.jks: including CA and Publisher
60
# CA contains a non-empty KeyUsage
61
$KT -keystore js.jks -genkeypair -alias ca -dname CN=CA -ext KU=kCS -ext bc -validity 365
62
$KT -keystore js.jks -genkeypair -alias pub -dname CN=Publisher
63

64
# Publisher contains the correct KeyUsage
65
$KT -keystore js.jks -certreq -alias pub | \
66
        $KT -keystore js.jks -gencert -alias ca -ext KU=dig -validity 365 | \
67
        $KT -keystore js.jks -importcert -alias pub
68

69
# Keystore trust.jks: including CA only
70
$KT -keystore js.jks -exportcert -alias ca | \
71
        $KT -keystore trust.jks -importcert -alias ca -noprompt
72

73
# Keystore unrelated.jks: unrelated
74
$KT -keystore unrelated.jks -genkeypair -alias nothing -dname CN=Nothing -validity 365
75

76

77
################### 4 Tests #######################
78

79
# Test 1: Sign should be OK
80

81
$JARSIGNER -keystore js.jks -storepass changeit a.jar pub
82
RESULT=$?
83
echo $RESULT
84
#[ $RESULT = 0 ] || exit 1
85

86
# Test 2: Verify should be OK
87

88
$JARSIGNER -keystore trust.jks -strict -verify a.jar
89
RESULT=$?
90
echo $RESULT
91
#[ $RESULT = 0 ] || exit 2
92

93
# Test 3: When no keystore is specified, the error is only
94
# "chain invalid"
95

96
$JARSIGNER -strict -verify a.jar
97
RESULT=$?
98
echo $RESULT
99
#[ $RESULT = 4 ] || exit 3
100

101
# Test 4: When unrelated keystore is specified, the error is
102
# "chain invalid" and "not alias in keystore"
103

104
$JARSIGNER -keystore unrelated.jks -strict -verify a.jar
105
RESULT=$?
106
echo $RESULT
107
#[ $RESULT = 36 ] || exit 4
108

109
exit 0
110

111
Product

Resources

Company
