jdk-24/test/jdk/sun/security/tools/jarsigner/VerifyHSSSignedJar.java

146 lines
8.7 KiB
Java
Raw Normal View History

/*
* Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug JDK-8298127
* @summary verify JAR files signed with HSS/LMS
* @library /test/lib
* @run main VerifyHSSSignedJar
*/
import jdk.test.lib.SecurityTools;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Base64;
public class VerifyHSSSignedJar {
public static void main(String[] args) throws Exception {
// This is a signed JAR file using the HSS/LMS signature algorithm.
String jarFile = """
UEsDBBQAAAAIAFKWqlbvY1zrjQAAAJAAAAAUABwATUVUQS1JTkYvTUFOSUZFU1Qu
TUZVVAkAA7wfXGS8H1xkdXgLAAEE9QEAAAQAAAAA803My0xLLS7RDUstKs7Mz7NS
MNQz4OVyLkpNLElN0XWqtFIwMtTNzCtJLcpLzFHQ8C9KTM5JVXDOLyrIL0osAerQ
5OXi5fJLzE0FauXlCvZw1DUyNdN1yUwHmmqlEGgYnp1YkRcS7FdeFmbh5K7tb5ll
6ObvX2rql+4YEOBlXhDm7WUQ6WfkHmoLMggAUEsDBBQAAAAIAFKWqlZLYPST8gAA
ADIBAAASABwATUVUQS1JTkYvU0lHTkVSLlNGVVQJAAO8H1xkvB9cZHV4CwABBPUB
AAAEAAAAAHWPTU+DMACG7yT8hx41pA6aCIPEw4ARNHxtC3Vyq66DZtBiKYL8eolH
E2/P5X2evCdWc6JGSSGmcmCCe8B6MHUtkJQoeoH+tweQBRlXVHLSgrtcko+WgkDI
Xkii1sW9rp3iHUSPNgxZTQcFU8LZdQUP3FJ5WdJJRM7Yz1m2ea3O0nTHzdzNoYU/
m9byOzuc8CEQT/9qVmAc7pSS7H1UdPBAhUWPqRLJs2ENcYX8cCze/KSseLXdJ7Gu
gam4Ruf0SA6Re1vNupaRjq7f/kY8gI9fxrjvm3qZm8FuqiJnRll29RLmLyZneOs4
qHYRwjj9Ff0AUEsDBBQAAAAIAFKWqlbb/AXeEAsAABgMAAATABwATUVUQS1JTkYv
U0lHTkVSLkRTQVVUCQADvB9cZLwfXGR1eAsAAQT1AQAABAAAAADFlWk41P0ax80Y
MgYz9j1rSrb/2IlibJN9Xwcj+1ZE2creZF8qS5aMnawl+5KdcIhCE4mJqIg8YxCa
03Ou5zo9T9d5f37Xdb+6v/f39+7zAWIZ2Gih53Fo3D4j6BQYH8tAA8QygMAgEBIO
MNJCsTg0yJ0aAgbRUAGwX0EQPpZmFYilWQZi2vHUYBAYDKVKC9d2CniEM/95Bvsr
B0VQMwPM/2mitoJQs9IGeXtedb8OCHIyysoBCkhAVlYBkFO054LLAgoKABKpBABy
SkhF+/91ZPpbMfUlKogaFRUV6OfQ/ByIF6DK3t5Qu3Rxlup8XcHalIwmxwRA4y+U
bCzo7Kz4nPjA/NrVh8Z1HzX9WjuHePv9fu+LpWGm+tuDkFlHqIt7Ang86pOfkC4A
nPiL/Elek36P5dX4rvcqeztNeV0cJc5lf8o90Ak6eCxsWeN2jB3i/AKzXh/wL1bH
ImzjlaV1ihovORjPVjKTX5NLx5A6UvMT7BAb+hvphUnIGCMvaQzdHpqtBFhI8pNX
pv7xinTE+C8CaPKOWflwy7mxPYHuEVDbejz45SUc2Js3J2Azp+aywq1tqwge2qZ8
SN6UP9izQlKfV5BbJ9Q41SrxlUX8CQ4fdKxAIlhFqjspQjA+eVKmAr5K6pkIWEZE
lpCoW7roaMyiX0Ro36JKexrJBuosLLmEmre45adGcYcwz9BFxbRPY8RcDsH5V+6z
ffB5Jx9CYGtmiYiLNLHn5xE5FuhMdjpctzXcu7jcanK5NS5RYLuE1DOmKX+rxI95
jUo5vPygujjKv73nzCX7UW5h9dF3rhlq7x6PEsKb4A5o8YyvrQyFCt1WdoMRo+lM
ukUITut4i40wlhHNKRfleUelTbmuWd0W2Da9ulHfgdFYIL/nTv0an1LeR+ExHzCR
oFulMmsnezfKkOaleHnZ08g34hkuWzLn8RHFfEendTeZ6mKWLNbHdlk9+cyXcvbo
nQ2TzqJWu89wxx05raZ+M30kns8XKao2kRL2fnfY/hmkSO6TwLG+LuRSqq5hV+UM
ENapT9C5j2d9w1Ikbzx93LCobObUmdX2kdeycugKbYdUEhIf8lUhJydyApQrU+N4
DWPKkQIHyknWZ/wF+tU8bG+l4t6CJ25af7rAmkjqmef6pP9Zu0Kq6VRCm+mc+Ek+
XKx0diJfFxt6/32J5YPHcwodLEHO9/jbLZ+UMxyIEEOt+xUglE8b8opM9Px0jIW4
LQkVRQ0ZINOSztlgV7siYWuduYb+7u75TbXwNOHIH6zfc5qmYSoznpjgaCSZscO/
HkGK1tyYvTc3qQdld2/30Yubfr1U/IR8o6q9VYcYmFAPVovY0iuf4lL1yI1QmKUH
Rdr4To53GfLviQDWCbuQ8h2pjb0Lpc3o0vIqrTjn7myTmkrut0TU59HWY1H6asc4
mvF5sra30x+OKUli9OPDV+rdPtOVv0hQ8PZB8ekY3Fn8FjrdvYluhKwyVb8/Z3b8
5NPtFjS/ZiBhbPAotoyNV+ujjxuDvfk+lp1qDtMX3bHwMMZTijlQy8fQz0Hcc4Gr
XkBbi30st2AlMMHPngBzwRT5LYvZLTY2UJPVGwch/ABMBZcac3npOuKQOH3NCT4l
nTW3Gupo/iJj08tpzMFFzuYly/5WHfwmlHD1zbfKGhk3P/e3M8BVThKW8fGiinar
NG9WVimmErsQhv2ug0/lRAERN6pLSO+fSQysFFg8i5PPBTcUz0PvLMuEibSzOnu2
WkFkJc4b6Y9XT6WkoWVSG4oQVLZ22lIXnUmWnLuuUGjf3Gn3OhT17irmq+GQ3qTv
5o63bhQ4cHHqxzBrbvTuBgnccgex6WzX7V3Iq6Q5zDiMmfnQzx289qCiP4l+X/RP
buV1Rhc7vCe7uYaUaYegYD1wffXkxaiiQ8GTx+xN+WVHRjUafpRzugJnQTnJn90H
UHeLbOm0muv1yKVgI2ObQlHvWqyewdnBnsprzydV9vpQqlxB6cf749eROahOYG0+
YBvNcTwikSySKya9nf+ZWnO25ZqJmJBQPa0Cb1Gwg+wPqQ3Y6ssZVqXGTNySx1x0
fPhzqlTQPehyS2WNElF12QQZS0P6yfmdn0IATv8PKv+T+3/XBT4mF+D6rzGg1Mi/
6wPg+7WhQcJ/0wEg9WsrjxT8+fE/q4t/M4zMrzgEKQwRZMqYq9kIEyPoV38V4Qi3
k7b1wDhyyrn63jojfTth5CT9N/BDYmkQfzH/T5dA1liMxP0diEadWFaED/ej3ohY
+cokjZNU/jclTnQs9yce8lx0lByAMqbvWJIPEk52FvsfpaWKLFAuTIXojNr7nCkq
zrN+LWuKihpilnzDb2ab2VQzaQVaEYVFHH784ueYofYIoVntGN+7Y8pyefDZ7bU3
gdUtHm9he0FaI87NcVl58NpNfr0v995JBIItD4IepPMM7OSny0NjtbgLlqIan5RR
DgVOKflbVm6vXHbwD7zCFzRC8TTeT8HWJhvMb/dTSmklyO7G1rxX+zQc+8zTJJTU
l9QPxViwQ59Ft60WsqfuCDvs3uw6l+ouacEz4TWYqnFD7ayHjUDPhkuia5NT4r0c
UslKDf3OZrCY3K2F2ifaa7pTnecbvrInYZ1907nwNKWFT/t80TGZAqGlFTwMki5k
ExmZgGhcSfLi8ugIKicnDOv7iEvruPyYikL7afGtoZ6AMmgElBdK7qsPPKecc3RJ
aBDt4s2Htx1AtEZ/SNKoOHwJ13oY2w1SY/hQP/yyrrpMSJqn0J6WT5iFE1+8/jpK
+SM9sCzdOMNf9bwmI9Lvsk9yhriDiI9w//Rmo9ZNBl2M491p6iW3tshSWqPx7+1g
3ItjQp39SfNrzD73feilBX8L7Vy3wLfxADEo9EicUuz8x4/5rbDwhLmjMMKrsFuF
s6YUQQr03KBJb5IG80NOELGa2KLDHpyZUZkpWNYIt+VtNHd91lt1rLgtXR0TAJos
ITYfqUSNlHV7CbqzRRdX2rFPmM/D2xlatJ7fZ0jnEkp9HcLirPhKcjOA6fRjSWKK
syle/2T0zviQI2+m0eneB5bfmyMI/bKENVOUlmbw7gz3d2Y6QrrqBOGL5gz+Cmx/
5Qz6LUKPvSBcNRu3tMWQrvRHvXvzPaH9ivEIEwfizJ6ay9oWh6ls7eImJQbH6ObL
hdbTNsTcWDZIOPomZ5eDWT+wO3E9KtgQbEu90VRL5d5vT0ysPEvbWT/69IcRzwvd
Gqf888Kw9LCqjDz5hgV+pq9/eBqtSjIqOgf7mXVwllHPj69o9n9bUF9A7ttH4Mht
+ILiyffyc4phpFN8npZWQfMBkT3D43qLtYzXJas63CqgrpL0p8K8Wn2ajSvpyHFr
TKrohqSil6mOFWGJRQYEtxVVggEq1MWq6xVca8IIjim4p4l+ta+D425QNomZk8bY
lNp27E2gUWZnzhKJ9VUjywjZb+QULurhNY4Q4ae6jtOwOhNVSNZGtpy68JVsb2WJ
6jQxaYrsnAqYzSFuso1kvrcIvnVuXIJyexp2RM+SOGxmwXmVxVMiOsutdcbbwO4o
RTktXSetM8F1QSNkWIcpXM6+rZZtTqvEnY8DYVkQuoy9SaEwYp9MTg65mkNnF2z9
wfRajVybhi6kEafYCe2tRMl1ju4Jot3M7RevqCoDd8xOr6zFS3MP2FCLN331vKrl
r1YR8v7R8Qp+M1sO3iuMmkU5AgN3kpQNauboa4y7olsApSEmTLCniN5FvApDz5/c
jytYX3kgkC36Mfh5bL5Hh8P2c/bOml3lyDddiK7eOGux/zf3/w1QSwMECgAAAAAA
eImqVlP8UWcCAAAAAgAAAAEAHAAxVVQJAAOUCFxklAhcZHV4CwABBPUBAAAEAAAA
ADEKUEsBAh4DFAAAAAgAUpaqVu9jXOuNAAAAkAAAABQAGAAAAAAAAQAAAKSBAAAA
AE1FVEEtSU5GL01BTklGRVNULk1GVVQFAAO8H1xkdXgLAAEE9QEAAAQAAAAAUEsB
Ah4DFAAAAAgAUpaqVktg9JPyAAAAMgEAABIAGAAAAAAAAQAAAKSB2wAAAE1FVEEt
SU5GL1NJR05FUi5TRlVUBQADvB9cZHV4CwABBPUBAAAEAAAAAFBLAQIeAxQAAAAI
AFKWqlbb/AXeEAsAABgMAAATABgAAAAAAAAAAACkgRkCAABNRVRBLUlORi9TSUdO
RVIuRFNBVVQFAAO8H1xkdXgLAAEE9QEAAAQAAAAAUEsBAh4DCgAAAAAAeImqVlP8
UWcCAAAAAgAAAAEAGAAAAAAAAQAAAKSBdg0AADFVVAUAA5QIXGR1eAsAAQT1AQAA
BAAAAABQSwUGAAAAAAQABABSAQAAsw0AAAAA
""";
Files.write(Path.of("x.jar"), Base64.getMimeDecoder().decode(jarFile));
SecurityTools.jarsigner("-verify x.jar -verbose -debug")
.shouldContain("jar verified.")
.shouldContain("Signature algorithm: HSS/LMS,")
.shouldHaveExitValue(0);
Files.writeString(Paths.get("my.security"),
"jdk.jar.disabledAlgorithms=HSS/LMS");
SecurityTools.jarsigner(
"-J-Djava.security.properties=my.security " +
"-verify x.jar -verbose -debug")
.shouldNotContain("jar verified.")
.shouldContain("WARNING: The jar will be treated as unsigned")
.shouldContain("Signature algorithm: HSS/LMS (disabled),")
.shouldHaveExitValue(0);
}
}