diff --git a/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java b/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java index 89045defe65a7..3eef654b8bdbc 100644 --- a/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java +++ b/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java @@ -338,7 +338,7 @@ public int run(String args[]) { if (hasUnsignedEntry) { exitCode |= 16; } - if (notSignedByAlias || aliasNotInStore) { + if (notSignedByAlias) { exitCode |= 32; } if (tsaChainNotValidated) { diff --git a/test/jdk/sun/security/tools/jarsigner/CheckUsage.java b/test/jdk/sun/security/tools/jarsigner/CheckUsage.java index 1eab6df2b1e30..4d199eeae163e 100644 --- a/test/jdk/sun/security/tools/jarsigner/CheckUsage.java +++ b/test/jdk/sun/security/tools/jarsigner/CheckUsage.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010, 2019, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2010, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -82,23 +82,29 @@ public static void main(String[] args) throws Exception { // Verify with own keystore is perfect. SecurityTools.jarsigner("-keystore js.jks -storepass changeit " + "-strict -verify a.jar") + .shouldNotContain("not signed by alias in this keystore") .shouldHaveExitValue(0); - // Verify with only CA keystore is also mostly OK + // Verify with only CA keystore is mostly OK SecurityTools.jarsigner("-keystore trust.jks -storepass changeit " + "-strict -verify a.jar") - .shouldHaveExitValue(32); //aliasNotInStore(32) + .shouldContain("not signed by alias in this keystore") + .shouldHaveExitValue(0); // Test 3: When no keystore is specified, the error is only // "chain invalid" SecurityTools.jarsigner("-strict -verify a.jar") + .shouldContainOrderedSequence("Error:", "certificate chain is invalid", "Warning:") + .shouldNotContain("not signed by alias in this keystore") .shouldHaveExitValue(4); // Test 4: When unrelated keystore is specified, the error is - // "chain invalid" and "not alias in keystore" + // "chain invalid" and the warning is "not alias in keystore" SecurityTools.jarsigner("-keystore unrelated.jks -storepass changeit " + "-strict -verify a.jar") - .shouldHaveExitValue(36); + .shouldContainOrderedSequence("Error:", "certificate chain is invalid", "Warning:") + .shouldContainOrderedSequence("Warning:", "not signed by alias in this keystore") + .shouldHaveExitValue(4); } } diff --git a/test/jdk/sun/security/tools/jarsigner/EnableRevocation.java b/test/jdk/sun/security/tools/jarsigner/EnableRevocation.java index 406545f135159..2af1ef7c38123 100644 --- a/test/jdk/sun/security/tools/jarsigner/EnableRevocation.java +++ b/test/jdk/sun/security/tools/jarsigner/EnableRevocation.java @@ -88,6 +88,6 @@ public static void main(String[] args) throws Exception { "-strict -verbose -debug -revCheck") .shouldContain("Contacting OCSP server at") .shouldContain("Downloading CRL from") - .shouldHaveExitValue(36); // aliasNotInStore(32), chainNotValidated(4) + .shouldHaveExitValue(4); } } diff --git a/test/jdk/sun/security/tools/jarsigner/warnings/AliasNotInStoreTest.java b/test/jdk/sun/security/tools/jarsigner/warnings/AliasNotInStoreTest.java index 539b77969d9a4..c126d8d187fb7 100644 --- a/test/jdk/sun/security/tools/jarsigner/warnings/AliasNotInStoreTest.java +++ b/test/jdk/sun/security/tools/jarsigner/warnings/AliasNotInStoreTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -117,8 +117,7 @@ private void start() throws Throwable { "-keypass", PASSWORD, UPDATED_SIGNED_JARFILE); - int expectedExitCode = ALIAS_NOT_IN_STORE_EXIT_CODE - + CHAIN_NOT_VALIDATED_EXIT_CODE; + int expectedExitCode = CHAIN_NOT_VALIDATED_EXIT_CODE; checkVerifying(analyzer, expectedExitCode, CHAIN_NOT_VALIDATED_VERIFYING_WARNING, ALIAS_NOT_IN_STORE_VERIFYING_WARNING); diff --git a/test/jdk/sun/security/tools/jarsigner/warnings/Test.java b/test/jdk/sun/security/tools/jarsigner/warnings/Test.java index 71d4ee144b99b..ef9496d710861 100644 --- a/test/jdk/sun/security/tools/jarsigner/warnings/Test.java +++ b/test/jdk/sun/security/tools/jarsigner/warnings/Test.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2021, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -164,7 +164,6 @@ public abstract class Test { static final int BAD_EXTENDED_KEY_USAGE_EXIT_CODE = 8; static final int BAD_NETSCAPE_CERT_TYPE_EXIT_CODE = 8; static final int HAS_UNSIGNED_ENTRY_EXIT_CODE = 16; - static final int ALIAS_NOT_IN_STORE_EXIT_CODE = 32; static final int NOT_SIGNED_BY_ALIAS_EXIT_CODE = 32; protected void createAlias(String alias, String ... options) diff --git a/test/lib-test/jdk/test/lib/process/OutputAnalyzerTest.java b/test/lib-test/jdk/test/lib/process/OutputAnalyzerTest.java index 3426c7daab9fc..121e5fbfca602 100644 --- a/test/lib-test/jdk/test/lib/process/OutputAnalyzerTest.java +++ b/test/lib-test/jdk/test/lib/process/OutputAnalyzerTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013, 2022, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013, 2024, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -242,6 +242,31 @@ public static void main(String args[]) throws Exception { } } } - } + // Multi lines + OutputAnalyzer multi = new OutputAnalyzer(""" + first + second + third + fourth + fifth + """, ""); + multi.shouldContainOrderedSequence(); + multi.shouldContainOrderedSequence("first"); + multi.shouldContainOrderedSequence("first", "third", "fifth"); + multi.shouldContainOrderedSequence("fir", "ird", "fif"); + multi.shouldContainOrderedSequence("second", "fourth"); + try { + multi.shouldContainOrderedSequence("second", "first"); + throw new RuntimeException("Should not succeed"); + } catch (RuntimeException e) { + // good + } + try { + multi.shouldContainOrderedSequence("second", "sixth"); + throw new RuntimeException("Should not succeed"); + } catch (RuntimeException e) { + // good + } + } } diff --git a/test/lib/jdk/test/lib/process/OutputAnalyzer.java b/test/lib/jdk/test/lib/process/OutputAnalyzer.java index 24bb18e3d4b78..19da11192c1d2 100644 --- a/test/lib/jdk/test/lib/process/OutputAnalyzer.java +++ b/test/lib/jdk/test/lib/process/OutputAnalyzer.java @@ -897,4 +897,25 @@ public void shouldNotHaveFatalError() { shouldNotMatch(FATAL_ERROR_PAT); } + /** + * Verify that lines in the stdout and stderr contents of output buffer + * contains each item of strings, in the order they appear. Note that + * two items cannot appear in the same line. + * + * @param strings Strings that buffer should contain + * @throws RuntimeException If not all string are found + */ + public OutputAnalyzer shouldContainOrderedSequence(String... strings) { + String[] lines = asLines().toArray(new String[0]); + int elementIndex = 0; + for (String line : lines) { + if (elementIndex < strings.length && line.contains(strings[elementIndex])) { + elementIndex++; + } + } + if (elementIndex != strings.length) { + throw new RuntimeException("Elements do not appear in the correct order."); + } + return this; + } }