1 files changed, 76 insertions, 0 deletions

diff --git a/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java b/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java
index 49e7868..d5d8191 100644
--- a/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java
+++ b/harmony-tests/src/test/java/org/apache/harmony/tests/java/util/jar/JarFileTest.java
@@ -23,8 +23,11 @@ import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
+import java.security.CodeSigner;
 import java.security.Permission;
 import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.Vector;
 import java.util.jar.Attributes;
@@ -92,6 +95,12 @@ public class JarFileTest extends TestCase {
 
     private final String emptyEntry3 = "svgunit.js";
 
+    private static final String VALID_CHAIN_JAR = "hyts_signed_validChain.jar";
+
+    private static final String INVALID_CHAIN_JAR = "hyts_signed_invalidChain.jar";
+
+    private static final String AMBIGUOUS_SIGNERS_JAR = "hyts_signed_ambiguousSignerArray.jar";
+
     private File resources;
 
     // custom security manager
@@ -641,6 +650,73 @@ public class JarFileTest extends TestCase {
                         + jarName + "\"", foundCerts);
     }
 
+    private static class Results {
+        public Certificate[] certificates;
+        public CodeSigner[] signers;
+    }
+
+    private Results getSignedJarCerts(String jarName) throws Exception {
+        Support_Resources.copyFile(resources, null, jarName);
+
+        File file = new File(resources, jarName);
+        Results results = new Results();
+
+        JarFile jarFile = new JarFile(file, true, ZipFile.OPEN_READ);
+        try {
+
+            Enumeration<JarEntry> e = jarFile.entries();
+            while (e.hasMoreElements()) {
+                JarEntry entry = e.nextElement();
+                InputStream is = jarFile.getInputStream(entry);
+                // Skip bytes because we have to read the entire file for it to read signatures.
+                is.skip(entry.getSize());
+                is.close();
+                Certificate[] certs = entry.getCertificates();
+                CodeSigner[] signers = entry.getCodeSigners();
+                if (certs != null && certs.length > 0) {
+                    results.certificates = certs;
+                    results.signers = signers;
+                    break;
+                }
+            }
+        } finally {
+            jarFile.close();
+        }
+
+        return results;
+    }
+
+    public void testJarFile_Signed_ValidChain() throws Exception {
+        Results result = getSignedJarCerts(VALID_CHAIN_JAR);
+        assertNotNull(result);
+        assertEquals(Arrays.deepToString(result.certificates), 3, result.certificates.length);
+        assertEquals(Arrays.deepToString(result.signers), 1, result.signers.length);
+        assertEquals(3, result.signers[0].getSignerCertPath().getCertificates().size());
+        assertEquals("CN=fake-chain", ((X509Certificate) result.certificates[0]).getSubjectDN().toString());
+        assertEquals("CN=intermediate1", ((X509Certificate) result.certificates[1]).getSubjectDN().toString());
+        assertEquals("CN=root1", ((X509Certificate) result.certificates[2]).getSubjectDN().toString());
+    }
+
+    public void testJarFile_Signed_InvalidChain() throws Exception {
+        Results result = getSignedJarCerts(INVALID_CHAIN_JAR);
+        assertNotNull(result);
+        assertEquals(Arrays.deepToString(result.certificates), 3, result.certificates.length);
+        assertEquals(Arrays.deepToString(result.signers), 1, result.signers.length);
+        assertEquals(3, result.signers[0].getSignerCertPath().getCertificates().size());
+        assertEquals("CN=fake-chain", ((X509Certificate) result.certificates[0]).getSubjectDN().toString());
+        assertEquals("CN=intermediate1", ((X509Certificate) result.certificates[1]).getSubjectDN().toString());
+        assertEquals("CN=root1", ((X509Certificate) result.certificates[2]).getSubjectDN().toString());
+    }
+
+    public void testJarFile_Signed_AmbiguousSigners() throws Exception {
+        Results result = getSignedJarCerts(AMBIGUOUS_SIGNERS_JAR);
+        assertNotNull(result);
+        assertEquals(Arrays.deepToString(result.certificates), 2, result.certificates.length);
+        assertEquals(Arrays.deepToString(result.signers), 2, result.signers.length);
+        assertEquals(1, result.signers[0].getSignerCertPath().getCertificates().size());
+        assertEquals(1, result.signers[1].getSignerCertPath().getCertificates().size());
+    }
+
     /*
      * The jar created by 1.4 which does not provide a
      * algorithm-Digest-Manifest-Main-Attributes entry in .SF file.