1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
|
/*
* Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug JDK-8298127
* @summary verify JAR files signed with HSS/LMS
* @library /test/lib
* @run main VerifyHSSSignedJar
*/
import jdk.test.lib.SecurityTools;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Base64;
public class VerifyHSSSignedJar {
public static void main(String[] args) throws Exception {
// This is a signed JAR file using the HSS/LMS signature algorithm.
String jarFile = """
UEsDBBQAAAAIAFKWqlbvY1zrjQAAAJAAAAAUABwATUVUQS1JTkYvTUFOSUZFU1Qu
TUZVVAkAA7wfXGS8H1xkdXgLAAEE9QEAAAQAAAAA803My0xLLS7RDUstKs7Mz7NS
MNQz4OVyLkpNLElN0XWqtFIwMtTNzCtJLcpLzFHQ8C9KTM5JVXDOLyrIL0osAerQ
5OXi5fJLzE0FauXlCvZw1DUyNdN1yUwHmmqlEGgYnp1YkRcS7FdeFmbh5K7tb5ll
6ObvX2rql+4YEOBlXhDm7WUQ6WfkHmoLMggAUEsDBBQAAAAIAFKWqlZLYPST8gAA
ADIBAAASABwATUVUQS1JTkYvU0lHTkVSLlNGVVQJAAO8H1xkvB9cZHV4CwABBPUB
AAAEAAAAAHWPTU+DMACG7yT8hx41pA6aCIPEw4ARNHxtC3Vyq66DZtBiKYL8eolH
E2/P5X2evCdWc6JGSSGmcmCCe8B6MHUtkJQoeoH+tweQBRlXVHLSgrtcko+WgkDI
Xkii1sW9rp3iHUSPNgxZTQcFU8LZdQUP3FJ5WdJJRM7Yz1m2ea3O0nTHzdzNoYU/
m9byOzuc8CEQT/9qVmAc7pSS7H1UdPBAhUWPqRLJs2ENcYX8cCze/KSseLXdJ7Gu
gam4Ruf0SA6Re1vNupaRjq7f/kY8gI9fxrjvm3qZm8FuqiJnRll29RLmLyZneOs4
qHYRwjj9Ff0AUEsDBBQAAAAIAFKWqlbb/AXeEAsAABgMAAATABwATUVUQS1JTkYv
U0lHTkVSLkRTQVVUCQADvB9cZLwfXGR1eAsAAQT1AQAABAAAAADFlWk41P0ax80Y
MgYz9j1rSrb/2IlibJN9Xwcj+1ZE2creZF8qS5aMnawl+5KdcIhCE4mJqIg8YxCa
03Ou5zo9T9d5f37Xdb+6v/f39+7zAWIZ2Gih53Fo3D4j6BQYH8tAA8QygMAgEBIO
MNJCsTg0yJ0aAgbRUAGwX0EQPpZmFYilWQZi2vHUYBAYDKVKC9d2CniEM/95Bvsr
B0VQMwPM/2mitoJQs9IGeXtedb8OCHIyysoBCkhAVlYBkFO054LLAgoKABKpBABy
SkhF+/91ZPpbMfUlKogaFRUV6OfQ/ByIF6DK3t5Qu3Rxlup8XcHalIwmxwRA4y+U
bCzo7Kz4nPjA/NrVh8Z1HzX9WjuHePv9fu+LpWGm+tuDkFlHqIt7Ang86pOfkC4A
nPiL/Elek36P5dX4rvcqeztNeV0cJc5lf8o90Ak6eCxsWeN2jB3i/AKzXh/wL1bH
ImzjlaV1ihovORjPVjKTX5NLx5A6UvMT7BAb+hvphUnIGCMvaQzdHpqtBFhI8pNX
pv7xinTE+C8CaPKOWflwy7mxPYHuEVDbejz45SUc2Js3J2Azp+aywq1tqwge2qZ8
SN6UP9izQlKfV5BbJ9Q41SrxlUX8CQ4fdKxAIlhFqjspQjA+eVKmAr5K6pkIWEZE
lpCoW7roaMyiX0Ro36JKexrJBuosLLmEmre45adGcYcwz9BFxbRPY8RcDsH5V+6z
ffB5Jx9CYGtmiYiLNLHn5xE5FuhMdjpctzXcu7jcanK5NS5RYLuE1DOmKX+rxI95
jUo5vPygujjKv73nzCX7UW5h9dF3rhlq7x6PEsKb4A5o8YyvrQyFCt1WdoMRo+lM
ukUITut4i40wlhHNKRfleUelTbmuWd0W2Da9ulHfgdFYIL/nTv0an1LeR+ExHzCR
oFulMmsnezfKkOaleHnZ08g34hkuWzLn8RHFfEendTeZ6mKWLNbHdlk9+cyXcvbo
nQ2TzqJWu89wxx05raZ+M30kns8XKao2kRL2fnfY/hmkSO6TwLG+LuRSqq5hV+UM
ENapT9C5j2d9w1Ikbzx93LCobObUmdX2kdeycugKbYdUEhIf8lUhJydyApQrU+N4
DWPKkQIHyknWZ/wF+tU8bG+l4t6CJ25af7rAmkjqmef6pP9Zu0Kq6VRCm+mc+Ek+
XKx0diJfFxt6/32J5YPHcwodLEHO9/jbLZ+UMxyIEEOt+xUglE8b8opM9Px0jIW4
LQkVRQ0ZINOSztlgV7siYWuduYb+7u75TbXwNOHIH6zfc5qmYSoznpjgaCSZscO/
HkGK1tyYvTc3qQdld2/30Yubfr1U/IR8o6q9VYcYmFAPVovY0iuf4lL1yI1QmKUH
Rdr4To53GfLviQDWCbuQ8h2pjb0Lpc3o0vIqrTjn7myTmkrut0TU59HWY1H6asc4
mvF5sra30x+OKUli9OPDV+rdPtOVv0hQ8PZB8ekY3Fn8FjrdvYluhKwyVb8/Z3b8
5NPtFjS/ZiBhbPAotoyNV+ujjxuDvfk+lp1qDtMX3bHwMMZTijlQy8fQz0Hcc4Gr
XkBbi30st2AlMMHPngBzwRT5LYvZLTY2UJPVGwch/ABMBZcac3npOuKQOH3NCT4l
nTW3Gupo/iJj08tpzMFFzuYly/5WHfwmlHD1zbfKGhk3P/e3M8BVThKW8fGiinar
NG9WVimmErsQhv2ug0/lRAERN6pLSO+fSQysFFg8i5PPBTcUz0PvLMuEibSzOnu2
WkFkJc4b6Y9XT6WkoWVSG4oQVLZ22lIXnUmWnLuuUGjf3Gn3OhT17irmq+GQ3qTv
5o63bhQ4cHHqxzBrbvTuBgnccgex6WzX7V3Iq6Q5zDiMmfnQzx289qCiP4l+X/RP
buV1Rhc7vCe7uYaUaYegYD1wffXkxaiiQ8GTx+xN+WVHRjUafpRzugJnQTnJn90H
UHeLbOm0muv1yKVgI2ObQlHvWqyewdnBnsprzydV9vpQqlxB6cf749eROahOYG0+
YBvNcTwikSySKya9nf+ZWnO25ZqJmJBQPa0Cb1Gwg+wPqQ3Y6ssZVqXGTNySx1x0
fPhzqlTQPehyS2WNElF12QQZS0P6yfmdn0IATv8PKv+T+3/XBT4mF+D6rzGg1Mi/
6wPg+7WhQcJ/0wEg9WsrjxT8+fE/q4t/M4zMrzgEKQwRZMqYq9kIEyPoV38V4Qi3
k7b1wDhyyrn63jojfTth5CT9N/BDYmkQfzH/T5dA1liMxP0diEadWFaED/ej3ohY
+cokjZNU/jclTnQs9yce8lx0lByAMqbvWJIPEk52FvsfpaWKLFAuTIXojNr7nCkq
zrN+LWuKihpilnzDb2ab2VQzaQVaEYVFHH784ueYofYIoVntGN+7Y8pyefDZ7bU3
gdUtHm9he0FaI87NcVl58NpNfr0v995JBIItD4IepPMM7OSny0NjtbgLlqIan5RR
DgVOKflbVm6vXHbwD7zCFzRC8TTeT8HWJhvMb/dTSmklyO7G1rxX+zQc+8zTJJTU
l9QPxViwQ59Ft60WsqfuCDvs3uw6l+ouacEz4TWYqnFD7ayHjUDPhkuia5NT4r0c
UslKDf3OZrCY3K2F2ifaa7pTnecbvrInYZ1907nwNKWFT/t80TGZAqGlFTwMki5k
ExmZgGhcSfLi8ugIKicnDOv7iEvruPyYikL7afGtoZ6AMmgElBdK7qsPPKecc3RJ
aBDt4s2Htx1AtEZ/SNKoOHwJ13oY2w1SY/hQP/yyrrpMSJqn0J6WT5iFE1+8/jpK
+SM9sCzdOMNf9bwmI9Lvsk9yhriDiI9w//Rmo9ZNBl2M491p6iW3tshSWqPx7+1g
3ItjQp39SfNrzD73feilBX8L7Vy3wLfxADEo9EicUuz8x4/5rbDwhLmjMMKrsFuF
s6YUQQr03KBJb5IG80NOELGa2KLDHpyZUZkpWNYIt+VtNHd91lt1rLgtXR0TAJos
ITYfqUSNlHV7CbqzRRdX2rFPmM/D2xlatJ7fZ0jnEkp9HcLirPhKcjOA6fRjSWKK
syle/2T0zviQI2+m0eneB5bfmyMI/bKENVOUlmbw7gz3d2Y6QrrqBOGL5gz+Cmx/
5Qz6LUKPvSBcNRu3tMWQrvRHvXvzPaH9ivEIEwfizJ6ay9oWh6ls7eImJQbH6ObL
hdbTNsTcWDZIOPomZ5eDWT+wO3E9KtgQbEu90VRL5d5vT0ysPEvbWT/69IcRzwvd
Gqf888Kw9LCqjDz5hgV+pq9/eBqtSjIqOgf7mXVwllHPj69o9n9bUF9A7ttH4Mht
+ILiyffyc4phpFN8npZWQfMBkT3D43qLtYzXJas63CqgrpL0p8K8Wn2ajSvpyHFr
TKrohqSil6mOFWGJRQYEtxVVggEq1MWq6xVca8IIjim4p4l+ta+D425QNomZk8bY
lNp27E2gUWZnzhKJ9VUjywjZb+QULurhNY4Q4ae6jtOwOhNVSNZGtpy68JVsb2WJ
6jQxaYrsnAqYzSFuso1kvrcIvnVuXIJyexp2RM+SOGxmwXmVxVMiOsutdcbbwO4o
RTktXSetM8F1QSNkWIcpXM6+rZZtTqvEnY8DYVkQuoy9SaEwYp9MTg65mkNnF2z9
wfRajVybhi6kEafYCe2tRMl1ju4Jot3M7RevqCoDd8xOr6zFS3MP2FCLN331vKrl
r1YR8v7R8Qp+M1sO3iuMmkU5AgN3kpQNauboa4y7olsApSEmTLCniN5FvApDz5/c
jytYX3kgkC36Mfh5bL5Hh8P2c/bOml3lyDddiK7eOGux/zf3/w1QSwMECgAAAAAA
eImqVlP8UWcCAAAAAgAAAAEAHAAxVVQJAAOUCFxklAhcZHV4CwABBPUBAAAEAAAA
ADEKUEsBAh4DFAAAAAgAUpaqVu9jXOuNAAAAkAAAABQAGAAAAAAAAQAAAKSBAAAA
AE1FVEEtSU5GL01BTklGRVNULk1GVVQFAAO8H1xkdXgLAAEE9QEAAAQAAAAAUEsB
Ah4DFAAAAAgAUpaqVktg9JPyAAAAMgEAABIAGAAAAAAAAQAAAKSB2wAAAE1FVEEt
SU5GL1NJR05FUi5TRlVUBQADvB9cZHV4CwABBPUBAAAEAAAAAFBLAQIeAxQAAAAI
AFKWqlbb/AXeEAsAABgMAAATABgAAAAAAAAAAACkgRkCAABNRVRBLUlORi9TSUdO
RVIuRFNBVVQFAAO8H1xkdXgLAAEE9QEAAAQAAAAAUEsBAh4DCgAAAAAAeImqVlP8
UWcCAAAAAgAAAAEAGAAAAAAAAQAAAKSBdg0AADFVVAUAA5QIXGR1eAsAAQT1AQAA
BAAAAABQSwUGAAAAAAQABABSAQAAsw0AAAAA
""";
Files.write(Path.of("x.jar"), Base64.getMimeDecoder().decode(jarFile));
SecurityTools.jarsigner("-verify x.jar -verbose -debug")
.shouldContain("jar verified.")
.shouldContain("Signature algorithm: HSS/LMS,")
.shouldHaveExitValue(0);
Files.writeString(Paths.get("my.security"),
"jdk.jar.disabledAlgorithms=HSS/LMS");
SecurityTools.jarsigner(
"-J-Djava.security.properties=my.security " +
"-verify x.jar -verbose -debug")
.shouldNotContain("jar verified.")
.shouldContain("WARNING: The jar will be treated as unsigned")
.shouldContain("Signature algorithm: HSS/LMS (disabled),")
.shouldHaveExitValue(0);
}
}
|
