changeset 3209:b8713c88c060

7004035: signed jar with only META-INF/* inside is not verifiable Reviewed-by: mullan
author weijun
date Mon, 06 Dec 2010 10:46:18 +0800
parents 51dd8df77406
children 6fc2e1efcb9a
files src/share/classes/sun/security/tools/JarSigner.java src/share/classes/sun/security/util/ManifestEntryVerifier.java src/share/classes/sun/security/util/SignatureFileVerifier.java test/sun/security/tools/jarsigner/JarSigningNonAscii.java test/sun/security/tools/jarsigner/concise_jarsigner.sh test/sun/security/tools/jarsigner/onlymanifest.sh
diffstat 6 files changed, 95 insertions(+), 17 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/JarSigner.java	Sun Dec 05 16:08:01 2010 -0800
+++ b/src/share/classes/sun/security/tools/JarSigner.java	Mon Dec 06 10:46:18 2010 +0800
@@ -723,7 +723,7 @@
                         if (signatureRelated(name)) {
                             // Entries inside META-INF and other unsigned
                             // entries are grouped separately.
-                            label = "-" + label.substring(1);
+                            label = "-" + label;
                         }
 
                         // The label finally contains 2 parts separated by '|':
@@ -752,7 +752,7 @@
                     List<String> files = s.getValue();
                     String key = s.getKey();
                     if (key.charAt(0) == '-') { // the signature-related group
-                        key = ' ' + key.substring(1);
+                        key = key.substring(1);
                     }
                     int pipe = key.indexOf('|');
                     if (verbose.equals("all")) {
--- a/src/share/classes/sun/security/util/ManifestEntryVerifier.java	Sun Dec 05 16:08:01 2010 -0800
+++ b/src/share/classes/sun/security/util/ManifestEntryVerifier.java	Mon Dec 06 10:46:18 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -185,7 +185,10 @@
                 Hashtable<String, CodeSigner[]> sigFileSigners)
         throws JarException
     {
-        if (skip) return null;
+        // MANIFEST.MF should not be skipped. It has signers.
+        if (skip && !entry.getName().equals(JarFile.MANIFEST_NAME)) {
+            return null;
+        }
 
         if (signers != null)
             return signers;
--- a/src/share/classes/sun/security/util/SignatureFileVerifier.java	Sun Dec 05 16:08:01 2010 -0800
+++ b/src/share/classes/sun/security/util/SignatureFileVerifier.java	Mon Dec 06 10:46:18 2010 +0800
@@ -265,6 +265,9 @@
                 debug.println("processSignature unsigned name = "+name);
             }
         }
+
+        // MANIFEST.MF is always regarded as signed
+        updateSigners(newSigners, signers, JarFile.MANIFEST_NAME);
     }
 
     /**
--- a/test/sun/security/tools/jarsigner/JarSigningNonAscii.java	Sun Dec 05 16:08:01 2010 -0800
+++ b/test/sun/security/tools/jarsigner/JarSigningNonAscii.java	Mon Dec 06 10:46:18 2010 +0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -113,7 +113,7 @@
             }
         }
 
-        if (isSignedCount != 3) {
+        if (isSignedCount != 4) {
             throw new SecurityException("error signing JAR file");
         }
 
--- a/test/sun/security/tools/jarsigner/concise_jarsigner.sh	Sun Dec 05 16:08:01 2010 -0800
+++ b/test/sun/security/tools/jarsigner/concise_jarsigner.sh	Mon Dec 06 10:46:18 2010 +0800
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -103,27 +103,31 @@
 LINES=`$JARSIGNER -verify a.jar -verbose:grouped | grep $YEAR | wc -l`
 [ $LINES = 12 ] || exit $LINENO
 
-# 3 groups: unrelated, signed, unsigned
+# 4 groups: MANIFST, unrelated, signed, unsigned
 LINES=`$JARSIGNER -verify a.jar -verbose:summary | grep $YEAR | wc -l`
+[ $LINES = 4 ] || exit $LINENO
+
+# still 4 groups, but MANIFEST group has no other file
+LINES=`$JARSIGNER -verify a.jar -verbose:summary | grep "more)" | wc -l`
 [ $LINES = 3 ] || exit $LINENO
 
-# 4 groups: unrelated, signed by a1/a2, signed by a2, unsigned
+# 5 groups: MANIFEST, unrelated, signed by a1/a2, signed by a2, unsigned
 LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep $YEAR | wc -l`
-[ $LINES = 4 ] || exit $LINENO
+[ $LINES = 5 ] || exit $LINENO
 
-# 2*2 for A1/A2, 2 for A3/A4
+# 2 for MANIFEST, 2*2 for A1/A2, 2 for A3/A4
 LINES=`$JARSIGNER -verify a.jar -verbose -certs | grep "\[certificate" | wc -l`
-[ $LINES = 6 ] || exit $LINENO
+[ $LINES = 8 ] || exit $LINENO
 
-# a1,a2 for A1/A2, a2 for A3/A4
+# a1,a2 for MANIFEST, a1,a2 for A1/A2, a2 for A3/A4
 LINES=`$JARSIGNER -verify a.jar -verbose:grouped -certs | grep "\[certificate" | wc -l`
-[ $LINES = 3 ] || exit $LINENO
+[ $LINES = 5 ] || exit $LINENO
 
-# a1,a2 for A1/A2, a2 for A3/A4
+# a1,a2 for MANIFEST, a1,a2 for A1/A2, a2 for A3/A4
 LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep "\[certificate" | wc -l`
-[ $LINES = 3 ] || exit $LINENO
+[ $LINES = 5 ] || exit $LINENO
 
-# 4 groups
+# still 5 groups, but MANIFEST group has no other file
 LINES=`$JARSIGNER -verify a.jar -verbose:summary -certs | grep "more)" | wc -l`
 [ $LINES = 4 ] || exit $LINENO
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/sun/security/tools/jarsigner/onlymanifest.sh	Mon Dec 06 10:46:18 2010 +0800
@@ -0,0 +1,68 @@
+#
+# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# This code is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License version 2 only, as
+# published by the Free Software Foundation.
+#
+# This code is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+# version 2 for more details (a copy is included in the LICENSE file that
+# accompanied this code).
+#
+# You should have received a copy of the GNU General Public License version
+# 2 along with this work; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+# or visit www.oracle.com if you need additional information or have any
+# questions.
+#
+
+# @test
+# @bug 7004035
+# @summary signed jar with only META-INF/* inside is not verifiable
+#
+
+if [ "${TESTJAVA}" = "" ] ; then
+  JAVAC_CMD=`which javac`
+  TESTJAVA=`dirname $JAVAC_CMD`/..
+fi
+
+# set platform-dependent variables
+OS=`uname -s`
+case "$OS" in
+  Windows_* )
+    FS="\\"
+    ;;
+  * )
+    FS="/"
+    ;;
+esac
+
+KS=onlymanifest.jks
+JFILE=onlymanifest.jar
+
+KT="$TESTJAVA${FS}bin${FS}keytool -storepass changeit -keypass changeit \
+        -keystore $KS"
+JAR=$TESTJAVA${FS}bin${FS}jar
+JARSIGNER=$TESTJAVA${FS}bin${FS}jarsigner
+
+rm $KS $JFILE 2> /dev/null
+
+# Create an empty jar file with only MANIFEST.MF
+
+echo "Key: Value" > manifest
+$JAR cvfm $JFILE manifest
+
+$KT -alias a -dname CN=a -genkey -validity 300 || exit 1
+$JARSIGNER -keystore $KS -storepass changeit $JFILE a -debug -strict || exit 2
+$JARSIGNER -keystore $KS -storepass changeit -verify $JFILE a -debug -strict \
+        > onlymanifest.out || exit 3
+
+grep unsigned onlymanifest.out && exit 4
+
+exit 0
+