Path: blob/master/test/jdk/sun/security/tools/jarsigner/PosixPermissionsTest.java
41152 views
/*1* Copyright (c) 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation.7*8* This code is distributed in the hope that it will be useful, but WITHOUT9* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or10* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License11* version 2 for more details (a copy is included in the LICENSE file that12* accompanied this code).13*14* You should have received a copy of the GNU General Public License version15* 2 along with this work; if not, write to the Free Software Foundation,16* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.17*18* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA19* or visit www.oracle.com if you need additional information or have any20* questions.21*/2223/**24* @test25* @bug 821802126* @summary Have jarsigner preserve posix permission attributes27* @modules jdk.jartool/sun.security.tools.jarsigner28* java.base/sun.security.tools.keytool29* @library /test/lib30* @run main/othervm PosixPermissionsTest31*/3233import java.net.URI;34import java.nio.file.FileSystem;35import java.nio.file.FileSystems;36import java.nio.file.Files;37import java.nio.file.Path;38import java.nio.file.StandardCopyOption;39import java.nio.file.attribute.PosixFilePermission;40import java.nio.file.attribute.PosixFilePermissions;41import java.util.HashMap;42import java.util.List;43import java.util.Map;44import java.util.Set;4546import jdk.test.lib.SecurityTools;4748public class PosixPermissionsTest {49private static List<String> perms = List.of(50"---------",51"r--------",52"-w-------",53"--x------",54"rwx------",55"---r-----",56"----w----",57"-----x---",58"---rwx---",59"------r--",60"-------w-",61"--------x",62"------rwx",63"r--r-----",64"r--r--r--",65"rw-rw----",66"rwxrwx---",67"rw-rw-r--",68"r-xr-x---",69"r-xr-xr-x",70"rwxrwxrwx");7172private final static String ZIPFILENAME = "8218021-test.zip";73private final static String JARFILENAME = "8218021-test.jar";74private final static URI JARURI = URI.create("jar:" + Path.of(JARFILENAME).toUri());75private final static URI ZIPURI = URI.create("jar:" + Path.of(ZIPFILENAME).toUri());76private static Path file;77private static int count;78private static Set<PosixFilePermission> permsSet;79private static String expectedJarPerms;80private static final String WARNING_MSG = "POSIX file permission and/or symlink " +81"attributes detected. These attributes are ignored when signing and are not " +82"protected by the signature.";8384public static void main(String[] args) throws Exception {85createFiles();8687// check permissions before signing88verifyFilePermissions(ZIPURI, true);89verifyFilePermissions(JARURI, false);9091// generate key for signing92SecurityTools.keytool(93"-genkey",94"-keyalg", "RSA",95"-dname", "CN=Coffey, OU=JPG, O=Oracle, L=Santa Clara, ST=California, C=US",96"-alias", "examplekey",97"-storepass", "password",98"-keypass", "password",99"-keystore", "examplekeystore",100"-validity", "365")101.shouldHaveExitValue(0);102103// sign zip file - expect warning104SecurityTools.jarsigner(105"-keystore", "examplekeystore",106"-verbose", ZIPFILENAME,107"-storepass", "password",108"-keypass", "password",109"examplekey")110.shouldHaveExitValue(0)111.shouldContain(WARNING_MSG);112113// recheck permissions after signing114verifyFilePermissions(ZIPURI, true);115116// sign jar file - expect no warning117SecurityTools.jarsigner(118"-keystore", "examplekeystore",119"-verbose", JARFILENAME,120"-storepass", "password",121"-keypass", "password",122"examplekey")123.shouldHaveExitValue(0)124.shouldNotContain(WARNING_MSG);125126// recheck permissions after signing127verifyFilePermissions(JARURI, false);128129// verify zip file - expect warning130SecurityTools.jarsigner(131"-keystore", "examplekeystore",132"-storepass", "password",133"-keypass", "password",134"-verbose",135"-verify", ZIPFILENAME)136.shouldHaveExitValue(0)137.shouldContain(WARNING_MSG);138139// verify jar file - expect no warning140SecurityTools.jarsigner(141"-keystore", "examplekeystore",142"-storepass", "password",143"-keypass", "password",144"-verbose",145"-verify", JARFILENAME)146.shouldHaveExitValue(0)147.shouldNotContain(WARNING_MSG);148}149150private static void createFiles() throws Exception {151152String fileList = " ";153Map<String, String> env = new HashMap<>();154env.put("create", "true");155env.put("enablePosixFileAttributes", "true");156157try (FileSystem zipfs = FileSystems.newFileSystem(ZIPURI, env)) {158for (String s : perms) {159file = Path.of("test_" + count++);160fileList += file + " ";161permsSet = PosixFilePermissions.fromString(s);162Files.createFile(file);163164Files.copy(file,165zipfs.getPath(file.toString()),166StandardCopyOption.COPY_ATTRIBUTES);167Files.setPosixFilePermissions(zipfs.getPath(file.toString()), permsSet);168}169}170171// create jar file for testing also172SecurityTools.jar("cf " + JARFILENAME + fileList);173try (FileSystem jarfs = FileSystems.newFileSystem(JARURI, env)) {174expectedJarPerms = PosixFilePermissions.toString(175Files.getPosixFilePermissions(jarfs.getPath("test_1")));176}177}178179private static void verifyFilePermissions(URI u, boolean containAttributes) throws Exception {180count = 0;181for (String s : perms) {182file = Path.of("test_" + count++);183checkEntryAttributes(u, file, s, containAttributes);184}185}186187private static void checkEntryAttributes(URI uri, Path file,188String expectedPerms, boolean containAttributes) throws Exception {189try (FileSystem zipfs = FileSystems.newFileSystem(uri, Map.of("enablePosixFileAttributes", "true"))) {190Path p = zipfs.getPath(file.getFileName().toString());191Set<PosixFilePermission> permsSet = Files.getPosixFilePermissions(p);192String actualPerms = PosixFilePermissions.toString(permsSet);193if (containAttributes) {194if (!expectedPerms.equals(actualPerms)) {195throw new RuntimeException("Unexpected permissions for: " + file + ". Received: " + actualPerms);196}197} else {198if (!actualPerms.equals(expectedJarPerms)) {199throw new RuntimeException("Expected default permissions for " + file);200}201}202}203}204}205206207