Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
 Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/test/sun/security/tools/jarsigner/weaksize.sh
38854 views
1
#

2
# Copyright (c) 2014, 2017, Oracle and/or its affiliates. All rights reserved.

3
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
#

5
# This code is free software; you can redistribute it and/or modify it

6
# under the terms of the GNU General Public License version 2 only, as

7
# published by the Free Software Foundation.

8
#

9
# This code is distributed in the hope that it will be useful, but WITHOUT

10
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

11
# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

12
# version 2 for more details (a copy is included in the LICENSE file that

13
# accompanied this code).

14
#

15
# You should have received a copy of the GNU General Public License version

16
# 2 along with this work; if not, write to the Free Software Foundation,

17
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

18
#

19
# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

20
# or visit www.oracle.com if you need additional information or have any

21
# questions.

22
#

23


24
# @test

25
# @bug 8044755

26
# @summary Add a test for algorithm constraints check in jarsigner

27
#

28


29
if [ "${TESTJAVA}" = "" ] ; then

30
  JAVAC_CMD=`which javac`

31
  TESTJAVA=`dirname $JAVAC_CMD`/..

32
fi

33


34
# The sigalg used is MD2withRSA, which is obsolete.

35


36
KT="$TESTJAVA/bin/keytool ${TESTTOOLVMOPTS} -keystore ks

37
    -storepass changeit -keypass changeit

38
    -keyalg rsa -sigalg MD2withRSA -debug"

39
JS="$TESTJAVA/bin/jarsigner ${TESTTOOLVMOPTS} -keystore ks

40
    -storepass changeit -strict -debug"

41
JAR="$TESTJAVA/bin/jar ${TESTTOOLVMOPTS}"

42


43
rm ks 2> /dev/null

44


45
$KT -genkeypair -alias ca -dname CN=CA -ext bc

46
$KT -genkeypair -alias signer -dname CN=Signer

47


48
$KT -certreq -alias signer | \

49
        $KT -gencert -alias ca -ext ku=dS -rfc | \

50
        $KT -importcert -alias signer

51


52
$JAR cvf a.jar ks

53


54
# We always trust a TrustedCertificateEntry

55
$JS a.jar ca | grep "chain is invalid" && exit 1

56


57
# An end-entity cert must follow algorithm constraints

58
$JS a.jar signer | grep "chain is invalid" || exit 2

59


60
exit 0

61


62