diff options
author | Kenny Root <kroot@google.com> | 2014-11-14 16:40:33 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2014-11-14 16:40:34 +0000 |
commit | 657afa6cd8da378f30afe7b491e6d9de6c7c23fd (patch) | |
tree | 42eb0ed481d13ca8bdd4662088c94738c4cbf1df /harmony-tests/src/test | |
parent | 69c194df8d599730a8c5f0f79985cd7b4b2ece96 (diff) | |
parent | ef7f5a16547089a7cdba9e48d780720f606ff54a (diff) | |
download | libcore-657afa6cd8da378f30afe7b491e6d9de6c7c23fd.zip libcore-657afa6cd8da378f30afe7b491e6d9de6c7c23fd.tar.gz libcore-657afa6cd8da378f30afe7b491e6d9de6c7c23fd.tar.bz2 |
Merge "JarUtils: stop trying to build chain past candidates length" into lmp-mr1-dev
Diffstat (limited to 'harmony-tests/src/test')
-rw-r--r-- | harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java | 88 |
1 files changed, 71 insertions, 17 deletions
diff --git a/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java b/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java index f55829d..0bc8920 100644 --- a/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java +++ b/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java @@ -37,7 +37,14 @@ import java.security.cert.Certificate; import java.security.cert.X509Certificate; import java.util.Arrays; import java.util.Enumeration; +import java.util.List; import java.util.Vector; +import java.util.concurrent.Callable; +import java.util.concurrent.ExecutorService; +import java.util.concurrent.Executors; +import java.util.concurrent.Future; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.TimeoutException; import java.util.jar.Attributes; import java.util.jar.JarEntry; import java.util.jar.JarFile; @@ -97,6 +104,27 @@ public class JarFileTest extends TestCase { private final String emptyEntryJar = "EmptyEntries_signed.jar"; + /* + * /usr/bin/openssl genrsa 2048 > root1.pem + * /usr/bin/openssl req -new -key root1.pem -out root1.csr -subj '/CN=root1' + * /usr/bin/openssl x509 -req -days 3650 -in root1.csr -signkey root1.pem -out root1.crt + * /usr/bin/openssl genrsa 2048 > root2.pem + * /usr/bin/openssl req -new -key root2.pem -out root2.csr -subj '/CN=root2' + * echo 4000 > root1.srl + * echo 8000 > root2.srl + * /usr/bin/openssl x509 -req -days 3650 -in root2.csr -CA root1.crt -CAkey root1.pem -out root2.crt + * /usr/bin/openssl x509 -req -days 3650 -in root1.csr -CA root2.crt -CAkey root2.pem -out root1.crt + * /usr/bin/openssl genrsa 2048 > signer.pem + * /usr/bin/openssl req -new -key signer.pem -out signer.csr -subj '/CN=signer' + * /usr/bin/openssl x509 -req -days 3650 -in signer.csr -CA root1.crt -CAkey root1.pem -out signer.crt + * /usr/bin/openssl pkcs12 -inkey signer.pem -in signer.crt -export -out signer.p12 -name signer -passout pass:certloop + * keytool -importkeystore -srckeystore signer.p12 -srcstoretype PKCS12 -destkeystore signer.jks -srcstorepass certloop -deststorepass certloop + * cat signer.crt root1.crt root2.crt > chain.crt + * zip -d hyts_certLoop.jar 'META-INF/*' + * jarsigner -keystore signer.jks -certchain chain.crt -storepass certloop hyts_certLoop.jar signer + */ + private final String certLoopJar = "hyts_certLoop.jar"; + private final String emptyEntry1 = "subfolder/internalSubset01.js"; private final String emptyEntry2 = "svgtest.js"; @@ -616,6 +644,9 @@ public class JarFileTest extends TestCase { // JAR with a signature that has PKCS#7 Authenticated Attributes checkSignedJar(authAttrsJar); + + // JAR with certificates that loop + checkSignedJar(certLoopJar, 3); } /** @@ -628,29 +659,52 @@ public class JarFileTest extends TestCase { checkSignedJar(jarName9); } + /** + * Checks that a JAR is signed correctly with a signature length of 1. + */ private void checkSignedJar(String jarName) throws Exception { - Support_Resources.copyFile(resources, null, jarName); + checkSignedJar(jarName, 1); + } - File file = new File(resources, jarName); - boolean foundCerts = false; + /** + * Checks that a JAR is signed correctly with a signature length of sigLength. + */ + private void checkSignedJar(String jarName, final int sigLength) throws Exception { + Support_Resources.copyFile(resources, null, jarName); - JarFile jarFile = new JarFile(file, true); - try { + final File file = new File(resources, jarName); - Enumeration<JarEntry> e = jarFile.entries(); - while (e.hasMoreElements()) { - JarEntry entry = e.nextElement(); - InputStream is = jarFile.getInputStream(entry); - is.skip(100000); - is.close(); - Certificate[] certs = entry.getCertificates(); - if (certs != null && certs.length > 0) { - foundCerts = true; - break; + ExecutorService executor = Executors.newSingleThreadExecutor(); + Future<Boolean> future = executor.submit(new Callable<Boolean>() { + @Override + public Boolean call() throws Exception { + JarFile jarFile = new JarFile(file, true); + try { + Enumeration<JarEntry> e = jarFile.entries(); + while (e.hasMoreElements()) { + JarEntry entry = e.nextElement(); + InputStream is = jarFile.getInputStream(entry); + is.skip(100000); + is.close(); + Certificate[] certs = entry.getCertificates(); + if (certs != null && certs.length > 0) { + assertEquals(sigLength, certs.length); + return true; + } + } + return false; + } finally { + jarFile.close(); } } - } finally { - jarFile.close(); + }); + executor.shutdown(); + final boolean foundCerts; + try { + foundCerts = future.get(10, TimeUnit.SECONDS); + } catch (TimeoutException e) { + fail("Could not finish building chain; possibly confused by loops"); + return; // Not actually reached. } assertTrue( |