mirror of
https://github.com/JetBrains/JetBrainsRuntime.git
synced 2025-12-06 09:29:38 +01:00
8260960: Signs of jarsigner signing
Reviewed-by: weijun, rhalade
This commit is contained in:
Hai-May Chao
Henry Jen
@@ -795,8 +795,12 @@ public class Main {
|
||||
CodeSigner[] signers = je.getCodeSigners();
|
||||
boolean isSigned = (signers != null);
|
||||
anySigned |= isSigned;
|
||||
hasUnsignedEntry |= !je.isDirectory() && !isSigned
|
||||
&& !signatureRelated(name);
|
||||
|
||||
boolean unsignedEntry = !isSigned
|
||||
&& ((!je.isDirectory() && !signatureRelated(name))
|
||||
// a directory entry but with a suspicious size
|
||||
|| (je.isDirectory() && je.getSize() > 0));
|
||||
hasUnsignedEntry |= unsignedEntry;
|
||||
|
||||
int inStoreWithAlias = inKeyStore(signers);
|
||||
|
||||
@@ -818,7 +822,9 @@ public class Main {
|
||||
sb.append(isSigned ? rb.getString("s") : rb.getString("SPACE"))
|
||||
.append(inManifest ? rb.getString("m") : rb.getString("SPACE"))
|
||||
.append(inStore ? rb.getString("k") : rb.getString("SPACE"))
|
||||
.append((inStoreWithAlias & NOT_ALIAS) != 0 ? 'X' : ' ')
|
||||
.append((inStoreWithAlias & NOT_ALIAS) != 0 ?
|
||||
rb.getString("X") : rb.getString("SPACE"))
|
||||
.append(unsignedEntry ? rb.getString("q") : rb.getString("SPACE"))
|
||||
.append(rb.getString("SPACE"));
|
||||
sb.append('|');
|
||||
}
|
||||
@@ -846,10 +852,14 @@ public class Main {
|
||||
.append(rb
|
||||
.getString(".Signature.related.entries."))
|
||||
.append("\n\n");
|
||||
} else {
|
||||
} else if (unsignedEntry) {
|
||||
sb.append('\n').append(tab)
|
||||
.append(rb.getString(".Unsigned.entries."))
|
||||
.append("\n\n");
|
||||
} else {
|
||||
sb.append('\n').append(tab)
|
||||
.append(rb.getString(".Directory.entries."))
|
||||
.append("\n\n");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -924,6 +934,11 @@ public class Main {
|
||||
System.out.println(rb.getString(
|
||||
".X.not.signed.by.specified.alias.es."));
|
||||
}
|
||||
|
||||
if (hasUnsignedEntry) {
|
||||
System.out.println(rb.getString(
|
||||
".q.unsigned.entry"));
|
||||
}
|
||||
}
|
||||
if (man == null) {
|
||||
System.out.println();
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@@ -133,6 +133,8 @@ public class Resources extends java.util.ListResourceBundle {
|
||||
{"s", "s"},
|
||||
{"m", "m"},
|
||||
{"k", "k"},
|
||||
{"X", "X"},
|
||||
{"q", "?"},
|
||||
{".and.d.more.", "(and %d more)"},
|
||||
{".s.signature.was.verified.",
|
||||
" s = signature was verified "},
|
||||
@@ -142,9 +144,12 @@ public class Resources extends java.util.ListResourceBundle {
|
||||
" k = at least one certificate was found in keystore"},
|
||||
{".X.not.signed.by.specified.alias.es.",
|
||||
" X = not signed by specified alias(es)"},
|
||||
{".q.unsigned.entry",
|
||||
" ? = unsigned entry"},
|
||||
{"no.manifest.", "no manifest."},
|
||||
{".Signature.related.entries.","(Signature related entries)"},
|
||||
{".Unsigned.entries.", "(Unsigned entries)"},
|
||||
{".Directory.entries.", "(Directory entries)"},
|
||||
{"jar.is.unsigned",
|
||||
"jar is unsigned."},
|
||||
{"jar.treated.unsigned",
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2009, 2020, Oracle and/or its affiliates. All rights reserved.
|
||||
* Copyright (c) 2009, 2021, Oracle and/or its affiliates. All rights reserved.
|
||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||
*
|
||||
* This code is free software; you can redistribute it and/or modify it
|
||||
@@ -23,7 +23,7 @@
|
||||
|
||||
/*
|
||||
* @test
|
||||
* @bug 6802846 8172529 8227758
|
||||
* @bug 6802846 8172529 8227758 8260960
|
||||
* @summary jarsigner needs enhanced cert validation(options)
|
||||
* @library /test/lib
|
||||
* @run main/timeout=240 ConciseJarsigner
|
||||
@@ -112,23 +112,26 @@ public class ConciseJarsigner {
|
||||
.filter(s -> s.contains(year))
|
||||
.count() == 12);
|
||||
|
||||
// 4 groups: MANIFST, unrelated, signed, unsigned
|
||||
// 5 groups: MANIFEST, signature related entries, directory entries,
|
||||
// signed entries, and unsigned entries.
|
||||
Asserts.assertTrue(js("-verify a.jar -verbose:summary")
|
||||
.asLines().stream()
|
||||
.filter(s -> s.contains(year))
|
||||
.count() == 4);
|
||||
.count() == 5);
|
||||
|
||||
// still 4 groups, but MANIFEST group has no other file
|
||||
// still 5 groups, but MANIFEST group and directiry entry group
|
||||
// have no other file
|
||||
Asserts.assertTrue(js("-verify a.jar -verbose:summary")
|
||||
.asLines().stream()
|
||||
.filter(s -> s.contains("more)"))
|
||||
.count() == 3);
|
||||
|
||||
// 5 groups: MANIFEST, unrelated, signed by a1/a2, signed by a2, unsigned
|
||||
// 6 groups: MANIFEST, signature related entries, directory entries,
|
||||
// signed entries by a1/a2, signed entries by a2, and unsigned entries.
|
||||
Asserts.assertTrue(js("-verify a.jar -verbose:summary -certs")
|
||||
.asLines().stream()
|
||||
.filter(s -> s.contains(year))
|
||||
.count() == 5);
|
||||
.count() == 6);
|
||||
|
||||
// 2 for MANIFEST, 2*2 for A1/A2, 2 for A3/A4
|
||||
Asserts.assertTrue(js("-verify a.jar -verbose -certs")
|
||||
@@ -148,7 +151,8 @@ public class ConciseJarsigner {
|
||||
.filter(s -> s.contains("[certificate"))
|
||||
.count() == 5);
|
||||
|
||||
// still 5 groups, but MANIFEST group has no other file
|
||||
// still 6 groups, but MANIFEST group and directory entry group
|
||||
// have no other file
|
||||
Asserts.assertTrue(js("-verify a.jar -verbose:summary -certs")
|
||||
.asLines().stream()
|
||||
.filter(s -> s.contains("more)"))
|
||||
|
||||
Reference in New Issue
Block a user