Mercurial > hg > icedtea8-forest > jdk
changeset 12340:16c649b70dc3 jdk8u112-b13
Merge
| author | asaha |
|---|---|
| date | Wed, 14 Sep 2016 13:31:40 -0700 |
| parents | fc179421bb7e (current diff) 3f1a07c3a600 (diff) |
| children | f9dc4a6e93d0 |
| files | .hgtags test/sun/security/tools/jarsigner/warnings/Test.java |
| diffstat | 5 files changed, 47 insertions(+), 20 deletions(-) [+] |
line wrap: on
line diff
--- a/.hgtags Tue Sep 06 11:00:50 2016 -0700 +++ b/.hgtags Wed Sep 14 13:31:40 2016 -0700 @@ -640,6 +640,7 @@ c959cff8f7accc5dc2a334a977a95fe1dcb9e812 jdk8u111-b09 1f15a299d2bf9a8bed33a2bdf36745c8238aafbb jdk8u111-b10 28e488c17b7a276e9ce00a0488bbc53094294e14 jdk8u111-b11 +b1304d71a2ec04ae6fa0a46120a5beba40a6f5ba jdk8u111-b12 47e20a90bdbb2327289e330606b73a9fe4dc857e jdk8u112-b00 96393e490afd4acba5b92c5ede68dc9bbb60a38e jdk8u112-b01 b44d695f738baba091370828b84ae2c4cd715c1b jdk8u112-b02
--- a/src/share/classes/sun/security/pkcs/SignerInfo.java Tue Sep 06 11:00:50 2016 -0700 +++ b/src/share/classes/sun/security/pkcs/SignerInfo.java Wed Sep 14 13:31:40 2016 -0700 @@ -55,6 +55,7 @@ import sun.security.util.DerOutputStream; import sun.security.util.DerValue; import sun.security.util.DisabledAlgorithmConstraints; +import sun.security.util.KeyUtil; import sun.security.util.ObjectIdentifier; import sun.security.x509.AlgorithmId; import sun.security.x509.X500Name; @@ -399,7 +400,9 @@ // check if the public key is restricted if (!JAR_DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) { throw new SignatureException("Public key check failed. " + - "Disabled algorithm used: " + key.getAlgorithm()); + "Disabled key used: " + + KeyUtil.getKeySize(key) + " bit " + + key.getAlgorithm()); } if (cert.hasUnsupportedCriticalExtension()) {
--- a/src/share/classes/sun/security/tools/jarsigner/Main.java Tue Sep 06 11:00:50 2016 -0700 +++ b/src/share/classes/sun/security/tools/jarsigner/Main.java Wed Sep 14 13:31:40 2016 -0700 @@ -603,6 +603,7 @@ } Manifest man = jf.getManifest(); + boolean hasSignature = false; // The map to record display info, only used when -verbose provided // key: signer info string @@ -618,6 +619,10 @@ while (e.hasMoreElements()) { JarEntry je = e.nextElement(); String name = je.getName(); + + hasSignature = hasSignature + || SignatureFileVerifier.isBlockOrSF(name); + CodeSigner[] signers = je.getCodeSigners(); boolean isSigned = (signers != null); anySigned |= isSigned; @@ -757,8 +762,11 @@ System.out.println(rb.getString("no.manifest.")); if (!anySigned) { - System.out.println(rb.getString( - "jar.is.unsigned.signatures.missing.or.not.parsable.")); + if (hasSignature) { + System.out.println(rb.getString("jar.treated.unsigned")); + } else { + System.out.println(rb.getString("jar.is.unsigned")); + } } else { boolean warningAppeared = false; boolean errorAppeared = false;
--- a/src/share/classes/sun/security/tools/jarsigner/Resources.java Tue Sep 06 11:00:50 2016 -0700 +++ b/src/share/classes/sun/security/tools/jarsigner/Resources.java Wed Sep 14 13:31:40 2016 -0700 @@ -135,8 +135,10 @@ {"no.manifest.", "no manifest."}, {".Signature.related.entries.","(Signature related entries)"}, {".Unsigned.entries.", "(Unsigned entries)"}, - {"jar.is.unsigned.signatures.missing.or.not.parsable.", - "jar is unsigned. (signatures missing or not parsable)"}, + {"jar.is.unsigned", + "jar is unsigned."}, + {"jar.treated.unsigned", + "Signature not parsable or verifiable. The jar will be treated as unsigned. The jar may have been signed with a weak algorithm that is now disabled. For more information, rerun jarsigner with debug enabled (-J-Djava.security.debug=jar)."}, {"jar.signed.", "jar signed."}, {"jar.signed.with.signer.errors.", "jar signed, with signer errors."}, {"jar.verified.", "jar verified."},
--- a/test/lib/testlibrary/jdk/testlibrary/OutputAnalyzer.java Tue Sep 06 11:00:50 2016 -0700 +++ b/test/lib/testlibrary/jdk/testlibrary/OutputAnalyzer.java Wed Sep 14 13:31:40 2016 -0700 @@ -90,13 +90,14 @@ * @throws RuntimeException * If the string was not found */ - public void shouldContain(String expectedString) { + public OutputAnalyzer shouldContain(String expectedString) { if (!stdout.contains(expectedString) && !stderr.contains(expectedString)) { reportDiagnosticSummary(); throw new RuntimeException("'" + expectedString + "' missing from stdout/stderr \n"); } + return this; } /** @@ -107,12 +108,13 @@ * @throws RuntimeException * If the string was not found */ - public void stdoutShouldContain(String expectedString) { + public OutputAnalyzer stdoutShouldContain(String expectedString) { if (!stdout.contains(expectedString)) { reportDiagnosticSummary(); throw new RuntimeException("'" + expectedString + "' missing from stdout \n"); } + return this; } /** @@ -123,24 +125,25 @@ * @throws RuntimeException * If the string was not found */ - public void stderrShouldContain(String expectedString) { + public OutputAnalyzer stderrShouldContain(String expectedString) { if (!stderr.contains(expectedString)) { reportDiagnosticSummary(); throw new RuntimeException("'" + expectedString + "' missing from stderr \n"); } + return this; } /** * Verify that the stdout and stderr contents of output buffer does not * contain the string * - * @param expectedString + * @param notExpectedString * String that the buffer should not contain * @throws RuntimeException * If the string was found */ - public void shouldNotContain(String notExpectedString) { + public OutputAnalyzer shouldNotContain(String notExpectedString) { if (stdout.contains(notExpectedString)) { reportDiagnosticSummary(); throw new RuntimeException("'" + notExpectedString @@ -151,23 +154,25 @@ throw new RuntimeException("'" + notExpectedString + "' found in stderr \n"); } + return this; } /** * Verify that the stdout contents of output buffer does not contain the * string * - * @param expectedString + * @param notExpectedString * String that the buffer should not contain * @throws RuntimeException * If the string was found */ - public void stdoutShouldNotContain(String notExpectedString) { + public OutputAnalyzer stdoutShouldNotContain(String notExpectedString) { if (stdout.contains(notExpectedString)) { reportDiagnosticSummary(); throw new RuntimeException("'" + notExpectedString + "' found in stdout \n"); } + return this; } /** @@ -195,7 +200,7 @@ * @throws RuntimeException * If the pattern was not found */ - public void shouldMatch(String pattern) { + public OutputAnalyzer shouldMatch(String pattern) { Matcher stdoutMatcher = Pattern.compile(pattern, Pattern.MULTILINE) .matcher(stdout); Matcher stderrMatcher = Pattern.compile(pattern, Pattern.MULTILINE) @@ -205,6 +210,7 @@ throw new RuntimeException("'" + pattern + "' missing from stdout/stderr \n"); } + return this; } /** @@ -214,7 +220,7 @@ * @throws RuntimeException * If the pattern was not found */ - public void stdoutShouldMatch(String pattern) { + public OutputAnalyzer stdoutShouldMatch(String pattern) { Matcher matcher = Pattern.compile(pattern, Pattern.MULTILINE).matcher( stdout); if (!matcher.find()) { @@ -222,6 +228,7 @@ throw new RuntimeException("'" + pattern + "' missing from stdout \n"); } + return this; } /** @@ -231,7 +238,7 @@ * @throws RuntimeException * If the pattern was not found */ - public void stderrShouldMatch(String pattern) { + public OutputAnalyzer stderrShouldMatch(String pattern) { Matcher matcher = Pattern.compile(pattern, Pattern.MULTILINE).matcher( stderr); if (!matcher.find()) { @@ -239,6 +246,7 @@ throw new RuntimeException("'" + pattern + "' missing from stderr \n"); } + return this; } /** @@ -249,7 +257,7 @@ * @throws RuntimeException * If the pattern was found */ - public void shouldNotMatch(String pattern) { + public OutputAnalyzer shouldNotMatch(String pattern) { Matcher matcher = Pattern.compile(pattern, Pattern.MULTILINE).matcher( stdout); if (matcher.find()) { @@ -263,6 +271,7 @@ throw new RuntimeException("'" + pattern + "' found in stderr: '" + matcher.group() + "' \n"); } + return this; } /** @@ -273,13 +282,14 @@ * @throws RuntimeException * If the pattern was found */ - public void stdoutShouldNotMatch(String pattern) { + public OutputAnalyzer stdoutShouldNotMatch(String pattern) { Matcher matcher = Pattern.compile(pattern, Pattern.MULTILINE).matcher( stdout); if (matcher.find()) { reportDiagnosticSummary(); throw new RuntimeException("'" + pattern + "' found in stdout \n"); } + return this; } /** @@ -290,13 +300,14 @@ * @throws RuntimeException * If the pattern was found */ - public void stderrShouldNotMatch(String pattern) { + public OutputAnalyzer stderrShouldNotMatch(String pattern) { Matcher matcher = Pattern.compile(pattern, Pattern.MULTILINE).matcher( stderr); if (matcher.find()) { reportDiagnosticSummary(); throw new RuntimeException("'" + pattern + "' found in stderr \n"); } + return this; } /** @@ -344,12 +355,13 @@ * If the exit value from the process did not match the expected * value */ - public void shouldHaveExitValue(int expectedExitValue) { + public OutputAnalyzer shouldHaveExitValue(int expectedExitValue) { if (getExitValue() != expectedExitValue) { reportDiagnosticSummary(); throw new RuntimeException("Expected to get exit value of [" + expectedExitValue + "]\n"); } + return this; } /** @@ -357,11 +369,12 @@ * - standard input produced by the process under test - standard output - * exit code Note: the command line is printed by the ProcessTools */ - private void reportDiagnosticSummary() { + private OutputAnalyzer reportDiagnosticSummary() { String msg = " stdout: [" + stdout + "];\n" + " stderr: [" + stderr + "]\n" + " exitValue = " + getExitValue() + "\n"; System.err.println(msg); + return this; } /**