1 /* 2 * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 /* 25 * @test 26 * @bug 6284489 27 * @summary Confirm that JarEntry.getCertificates identifies signed entries. 28 */ 29 30 import java.net.URL; 31 import java.security.CodeSigner; 32 import java.security.cert.Certificate; 33 import java.util.jar.*; 34 35 /* 36 * Confirm that the signed entries in a JAR file are identified correctly 37 * when JarEntry.getCertificates is used to extract the signer's certificates. main(String args[])38 * 39 * NOTE: the original problem occurred only when entries were extracted using 40 * the JarInputStream.getNextJarEntry method; it never occurred when 41 * entries were extracted using the JarFile.entries method. 42 */ 43 public class ScanSignedJar { 44 45 private static final String JAR_LOCATION = 46 "file:" + 47 System.getProperty("test.src", ".") + 48 System.getProperty("file.separator") + 49 "signed.jar"; 50 51 public static void main(String[] args) throws Exception { 52 53 System.out.println("Opening " + JAR_LOCATION + "..."); 54 JarInputStream inStream = 55 new JarInputStream(new URL(JAR_LOCATION).openStream(), true); 56 JarEntry entry; 57 byte[] buffer = new byte[1024]; 58 59 while ((entry = inStream.getNextJarEntry()) != null) { 60 61 // need to read the entry's data to see the certs. 62 while(inStream.read(buffer) != -1) 63 ; 64 65 String name = entry.getName(); 66 long size = entry.getSize(); 67 Certificate[] certificates = entry.getCertificates(); 68 CodeSigner[] signers = entry.getCodeSigners(); 69 70 if (signers == null && certificates == null) { 71 System.out.println("[unsigned]\t" + name + "\t(" + size + 72 " bytes)"); 73 if (name.equals("Count.class")) { 74 throw new Exception("Count.class should be signed"); 75 } 76 } else if (signers != null && certificates != null) { 77 System.out.println("[" + signers.length + 78 (signers.length == 1 ? " signer" : " signers") + "]\t" + 79 name + "\t(" + size + " bytes)"); 80 } else { 81 System.out.println("[*ERROR*]\t" + name + "\t(" + size + 82 " bytes)"); 83 throw new Exception("Cannot determine whether the entry is " + 84 "signed or unsigned (signers[] doesn't match certs[])."); 85 } 86 } 87 } 88 } 89