test/jdk/sun/security/pkcs/pkcs7/PKCS7VerifyTest.java - platform/libcore - Git at Google

 /*
  * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.
  *
  * This code is distributed in the hope that it will be useful, but WITHOUT
  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * version 2 for more details (a copy is included in the LICENSE file that
  * accompanied this code).
  *
  * You should have received a copy of the GNU General Public License version
  * 2 along with this work; if not, write to the Free Software Foundation,
  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  *
  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  * or visit www.oracle.com if you need additional information or have any
  * questions.
  */

 /*
  * @test
  * @bug 8048357
  * @summary Read signed data in one or more PKCS7 objects from individual files,
  * verify SignerInfos and certificate chain.
  * @modules java.base/sun.security.pkcs
  * @run main/othervm PKCS7VerifyTest PKCS7TEST.DSA.base64
  * @run main/othervm PKCS7VerifyTest PKCS7TEST.DSA.base64 PKCS7TEST.SF
  */
 import java.io.ByteArrayInputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.security.Security;
 import java.security.cert.X509Certificate;
 import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
 import sun.security.pkcs.PKCS7;
 import sun.security.pkcs.SignerInfo;

 public class PKCS7VerifyTest {

     static final String TESTSRC = System.getProperty("test.src", ".");
     static final String FS = File.separator;
     static final String FILEPATH = TESTSRC + FS + "jarsigner" + FS + "META-INF"
             + FS;

     public static void main(String[] args) throws Exception {
         if (args.length == 0) {
             throw new RuntimeException("usage: java JarVerify <file1> <file2>");
         }

         Security.setProperty("jdk.jar.disabledAlgorithms", "");

         // The command " java PKCS7VerifyTest file1 [file2] "
         // treats file1 as containing the DER encoding of a PKCS7 signed data
         // object. If file2 is absent, the program verifies that some signature
         // (SignerInfo) file1 correctly signs the data contained in the
         // ContentInfo component of the PKCS7 object encoded by file1. If file2
         // is present, the program verifies file1 contains a correct signature
         // for the contents of file2.

         PKCS7 pkcs7;
         byte[] data;

         // to avoid attaching binary DSA file, the DSA file was encoded
         // in Base64, decode encoded Base64 DSA file below
         byte[] base64Bytes = Files.readAllBytes(Paths.get(FILEPATH + args[0]));
         pkcs7 = new PKCS7(new ByteArrayInputStream(
                 Base64.getMimeDecoder().decode(base64Bytes)));
         if (args.length < 2) {
             data = null;
         } else {
             data = Files.readAllBytes(Paths.get(FILEPATH + args[1]));

         }

         SignerInfo[] signerInfos = pkcs7.verify(data);

         if (signerInfos == null) {
             throw new RuntimeException("no signers verify");
         }
         System.out.println("Verifying SignerInfos:");
         for (SignerInfo signerInfo : signerInfos) {
             System.out.println(signerInfo.toString());
         }

         X509Certificate certs[] = pkcs7.getCertificates();

         HashMap<String, X509Certificate> certTable = new HashMap(certs.length);
         for (X509Certificate cert : certs) {
             certTable.put(cert.getSubjectDN().toString(), cert);
         }

         // try to verify all the certs
         for (Map.Entry<String, X509Certificate> entry : certTable.entrySet()) {

             X509Certificate cert = entry.getValue();
             X509Certificate issuerCert = certTable
                     .get(cert.getIssuerDN().toString());

             System.out.println("Subject: " + cert.getSubjectDN());
             if (issuerCert == null) {
                 System.out.println("Issuer certificate not found");
             } else {
                 System.out.println("Issuer:  " + cert.getIssuerDN());
                 cert.verify(issuerCert.getPublicKey());
                 System.out.println("Cert verifies.");
             }
             System.out.println();
         }
     }

 }
	/*
	* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	/*
	* @test
	* @bug 8048357
	* @summary Read signed data in one or more PKCS7 objects from individual files,
	* verify SignerInfos and certificate chain.
	* @modules java.base/sun.security.pkcs
	* @run main/othervm PKCS7VerifyTest PKCS7TEST.DSA.base64
	* @run main/othervm PKCS7VerifyTest PKCS7TEST.DSA.base64 PKCS7TEST.SF
	*/
	import java.io.ByteArrayInputStream;
	import java.io.File;
	import java.io.FileInputStream;
	import java.nio.file.Files;
	import java.nio.file.Path;
	import java.nio.file.Paths;
	import java.security.Security;
	import java.security.cert.X509Certificate;
	import java.util.Base64;
	import java.util.HashMap;
	import java.util.Map;
	import sun.security.pkcs.PKCS7;
	import sun.security.pkcs.SignerInfo;

	public class PKCS7VerifyTest {

	static final String TESTSRC = System.getProperty("test.src", ".");
	static final String FS = File.separator;
	static final String FILEPATH = TESTSRC + FS + "jarsigner" + FS + "META-INF"
	+ FS;

	public static void main(String[] args) throws Exception {
	if (args.length == 0) {
	throw new RuntimeException("usage: java JarVerify <file1> <file2>");
	}

	Security.setProperty("jdk.jar.disabledAlgorithms", "");

	// The command " java PKCS7VerifyTest file1 [file2] "
	// treats file1 as containing the DER encoding of a PKCS7 signed data
	// object. If file2 is absent, the program verifies that some signature
	// (SignerInfo) file1 correctly signs the data contained in the
	// ContentInfo component of the PKCS7 object encoded by file1. If file2
	// is present, the program verifies file1 contains a correct signature
	// for the contents of file2.

	PKCS7 pkcs7;
	byte[] data;

	// to avoid attaching binary DSA file, the DSA file was encoded
	// in Base64, decode encoded Base64 DSA file below
	byte[] base64Bytes = Files.readAllBytes(Paths.get(FILEPATH + args[0]));
	pkcs7 = new PKCS7(new ByteArrayInputStream(
	Base64.getMimeDecoder().decode(base64Bytes)));
	if (args.length < 2) {
	data = null;
	} else {
	data = Files.readAllBytes(Paths.get(FILEPATH + args[1]));

	}

	SignerInfo[] signerInfos = pkcs7.verify(data);

	if (signerInfos == null) {
	throw new RuntimeException("no signers verify");
	}
	System.out.println("Verifying SignerInfos:");
	for (SignerInfo signerInfo : signerInfos) {
	System.out.println(signerInfo.toString());
	}

	X509Certificate certs[] = pkcs7.getCertificates();

	HashMap<String, X509Certificate> certTable = new HashMap(certs.length);
	for (X509Certificate cert : certs) {
	certTable.put(cert.getSubjectDN().toString(), cert);
	}

	// try to verify all the certs
	for (Map.Entry<String, X509Certificate> entry : certTable.entrySet()) {

	X509Certificate cert = entry.getValue();
	X509Certificate issuerCert = certTable
	.get(cert.getIssuerDN().toString());

	System.out.println("Subject: " + cert.getSubjectDN());
	if (issuerCert == null) {
	System.out.println("Issuer certificate not found");
	} else {
	System.out.println("Issuer: " + cert.getIssuerDN());
	cert.verify(issuerCert.getPublicKey());
	System.out.println("Cert verifies.");
	}
	System.out.println();
	}
	}

	}