authorSaad Mohammad <[email protected]>2012-08-01 16:50:17 -0400
committerSaad Mohammad <[email protected]>2012-08-01 16:50:17 -0400
commitcbaa7e330838b4b1d14dba1fe9784425a4cd4b82 (patch)
treeb098c85c5872b7c2f219399fa630dcb098974caa
parentde708f50feee964a473f337219498cde4b1a2904 (diff)
Fix PR1049: Empty jars are handled correctly during signature validation
-rw-r--r--ChangeLog26
-rw-r--r--netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java2
-rw-r--r--netx/net/sourceforge/jnlp/tools/JarCertVerifier.java15
-rw-r--r--tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarExtension.jnlp58
-rw-r--r--tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInExtensionJnlp.jnlp64
-rw-r--r--tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInLaunchingJnlp.jnlp64
-rw-r--r--tests/reproducers/signed/EmptySignedJar/srcs/META-INF/empty_file1
-rw-r--r--tests/reproducers/signed/EmptySignedJar/testcases/EmptySignedJarTest.java73
-rw-r--r--tests/reproducers/signed/SignedJarResource/resources/SignedJarResource.jnlp62
9 files changed, 364 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 7cf9a49..6e7985a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,29 @@
+2012-08-01 Saad Mohammad <[email protected]>
+
+ * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java (initializeResources):
+ Removes the display of the security dialog for loaders with only empty jars.
+ * netx/net/sourceforge/jnlp/tools/JarCertVerifier.java:
+ (JarCertVerifier): Tracks whether all jars verified are empty jars.
+ (hasAllEmptyJars): Returns true if all jars verified are empty jars.
+ (verifyJars): Checks whether signable entries and certificates are found and
+ decides if all jars are empty jars.
+ (isFullySignedByASingleCert): If all jars are emptyJars, returns true.
+ * tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInLaunchingJnlp.jnlp:
+ Launching jnlp with the resource of an empty jar and an extension jnlp
+ containing the main jar.
+ * tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInExtensionJnlp.jnlp:
+ Launching jnlp with the resource of the main jar and an extension jnlp
+ containing the empty jar.
+ * tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarExtension.jnlp:
+ Extension jnlp containing only an empty jar.
+ * tests/reproducers/signed/EmptySignedJar/srcs/META-INF/empty_file:
+ Empty file within META-INF; required to create EmptySignedJar.jar
+ by the test engine.
+ * tests/reproducers/signed/EmptySignedJar/testcases/EmptySignedJarTest.java:
+ Testcase that tests jnlp files with empty jars.
+ * tests/reproducers/signed/SignedJarResource/resources/SignedJarResource.jnlp:
+ Launches SignedJarResource class directly.
+
2012-07-31 Danesh Dadachanji <[email protected]>
Minor fix to overly restrictive unit test.
diff --git a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
index 86eda20..c0c3762 100644
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
@@ -650,7 +650,7 @@ public class JNLPClassLoader extends URLClassLoader {
file.setSignedJNLPAsMissing();
//user does not trust this publisher
- if (!jcv.getAlreadyTrustPublisher()) {
+ if (!jcv.getAlreadyTrustPublisher() && !jcv.isTriviallySigned()) {
checkTrustWithUser(jcv);
} else {
/**
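Review bot: The `else` branch reached from the new line 63 now covers two different situations — an already-trusted publisher and a loader whose jars hold nothing but META-INF entries — but the comment above it (`//user does not trust this publisher`) still describes only the first, so a reader will take the trivially-signed case for a trust decision. I would reword it to `// prompt only when there is signed content and the publisher is not already trusted; a loader of META-INF-only jars has nothing to trust`. As far as this diff shows, the flag is overwritten on every verifyJars() call and every loop iteration, so if this loader verifies jars in several batches the value read here reflects only the last one — worth confirming against the callers. The enclosing method starts and ends outside this hunk.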
diff --git a/netx/net/sourceforge/jnlp/tools/JarCertVerifier.java b/netx/net/sourceforge/jnlp/tools/JarCertVerifier.java
index 4e9757d..e9ba2fb 100644
--- a/netx/net/sourceforge/jnlp/tools/JarCertVerifier.java
+++ b/netx/net/sourceforge/jnlp/tools/JarCertVerifier.java
@@ -103,6 +103,16 @@ public class JarCertVerifier implements CertVerifier {
private int totalSignableEntries = 0;
+ /** Whether a signable entry was found within jars (jars with content more than just META-INF/*) */
+ private boolean triviallySigned = false;
+
+ /**
+ * Return true if there are signable entries in the jars, otherwise false
+ */
+ public boolean isTriviallySigned() {
+ return triviallySigned;
+ }
+
/* (non-Javadoc)
* @see net.sourceforge.jnlp.tools.CertVerifier2#getAlreadyTrustPublisher()
*/
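Review bot: The Javadoc on the new field and accessor states the opposite of what the code does: line 73 says the flag records whether a signable entry was found and line 77 says isTriviallySigned() returns true if there are signable entries, yet the assignment in verifyJars() sets it to true only when `totalSignableEntries <= 0 && certs.size() <= 0`. I would change the field comment to `/** True when the verified jars held no signable entries (only META-INF/*) and hence no certificates: nothing to sign, nothing to prompt for */` and the method Javadoc to `Return true if the verified jars contain no signable entries and no certificates, otherwise false`. Since callers use this value to skip the trust prompt, an inverted description is worth fixing before it misleads the next reader.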
@@ -167,6 +177,9 @@ public class JarCertVerifier implements CertVerifier {
*/
public boolean isFullySignedByASingleCert() {
+ if (triviallySigned)
+ return true;
+
for (CertPath cPath : certs.keySet()) {
// If this cert has signed everything, return true
if (certs.get(cPath) == totalSignableEntries)
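Review bot: The early return on lines 89–90 makes isFullySignedByASingleCert() answer true while `certs` is empty, so any caller that takes a true result as a promise that a signing CertPath exists and then reads one from `certs` would now find none; those callers are not visible in this diff, so please check them. If the intent is "nothing needs signing" rather than "signed", say so on the early return: `// No signable entries and no certificates: nothing to verify, treated as trivially signed (see verifyJars).` The rest of the method is outside the hunk.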
@@ -197,6 +210,7 @@ public class JarCertVerifier implements CertVerifier {
String localFile = jarFile.getAbsolutePath();
verifyResult result = verifyJar(localFile);
+ triviallySigned = false;
if (result == verifyResult.UNSIGNED) {
unverifiedJars.add(localFile);
@@ -205,6 +219,7 @@ public class JarCertVerifier implements CertVerifier {
verifiedJars.add(localFile);
} else if (result == verifyResult.SIGNED_OK) {
verifiedJars.add(localFile);
+ triviallySigned = totalSignableEntries <= 0 && certs.size() <= 0;
}
} catch (Exception e) {
// We may catch exceptions from using verifyJar()
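Review bot: The flag is reset at the top of every iteration (line 98) and set only on the SIGNED_OK branch (line 105), so after the loop it describes the last jar processed rather than all of them, whereas the ChangeLog says it tracks whether all verified jars are empty. `totalSignableEntries` and `certs` appear to be cumulative fields, which handles a content-bearing signed jar followed by an empty one, but if entries of a jar that comes back UNSIGNED are not counted towards totalSignableEntries, a jar list ending in an empty signed jar would be reported trivially signed despite unsigned content, and isFullySignedByASingleCert() would then return true. I would compute the flag once after the loop from the cumulative state, e.g. `triviallySigned = unverifiedJars.isEmpty() && totalSignableEntries <= 0 && certs.isEmpty();`, and drop the per-iteration assignments on lines 98 and 105. The loop's end is outside this hunk; note the exception branch at line 107 likewise leaves the flag false only for that iteration.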
diff --git a/tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarExtension.jnlp b/tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarExtension.jnlp
new file mode 100644
index 0000000..184f073
--- /dev/null
+++ b/tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarExtension.jnlp
@@ -0,0 +1,58 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+
+***********************************************************************
+This file is used as an extension jnlp for the launching jnlp's resource - contains
+only an empty jar
+***********************************************************************
+ -->
+<?xml version="1.0" encoding="utf-8"?>
+<jnlp spec="1.0" href="EmptySignedJarExtension.jnlp" codebase=".">
+ <information>
+ <title>EmptySignedJarExtension</title>
+ <vendor>IcedTea</vendor>
+ <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/>
+ <description>EmptySignedJarExtension</description>
+ <offline/>
+ </information>
+
+ <resources>
+ <j2se version="1.6+"/>
+ <jar href="EmptySignedJar.jar"/>
+ </resources>
+
+ <component-desc />
+</jnlp>
diff --git a/tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInExtensionJnlp.jnlp b/tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInExtensionJnlp.jnlp
new file mode 100644
index 0000000..ac9ce6d
--- /dev/null
+++ b/tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInExtensionJnlp.jnlp
@@ -0,0 +1,64 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+
+***********************************************************************
+This file contains the main jar and an extension jnlp for its resources - the extension jnlp
+contains a empty jar
+***********************************************************************
+ -->
+<?xml version="1.0" encoding="utf-8"?>
+<jnlp spec="1.0" href="EmptySignedJarInExtensionJnlp.jnlp" codebase=".">
+ <information>
+ <title>EmptySignedJar</title>
+ <vendor>IcedTea</vendor>
+ <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/>
+ <description>EmptySignedJar</description>
+ <offline/>
+ </information>
+
+ <security>
+ <all-permissions/>
+ </security>
+
+ <resources>
+ <j2se version="1.6+"/>
+ <jar href="SignedJarResource.jar"/>
+ <extension name="EmptySignedJarExtension" href="./EmptySignedJarExtension.jnlp"/>
+ </resources>
+
+ <application-desc main-class="SignedJarResource">
+ </application-desc>
+</jnlp>
diff --git a/tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInLaunchingJnlp.jnlp b/tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInLaunchingJnlp.jnlp
new file mode 100644
index 0000000..1d72eca
--- /dev/null
+++ b/tests/reproducers/signed/EmptySignedJar/resources/EmptySignedJarInLaunchingJnlp.jnlp
@@ -0,0 +1,64 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+
+***********************************************************************
+This file contains an empty jar and an extension jnlp for its resources - the extension jnlp
+contains the main jar
+***********************************************************************
+ -->
+<?xml version="1.0" encoding="utf-8"?>
+<jnlp spec="1.0" href="EmptySignedJarInLaunchingJnlp.jnlp" codebase=".">
+ <information>
+ <title>EmptySignedJar</title>
+ <vendor>IcedTea</vendor>
+ <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/>
+ <description>EmptySignedJar</description>
+ <offline/>
+ </information>
+
+ <security>
+ <all-permissions/>
+ </security>
+
+ <resources>
+ <j2se version="1.6+"/>
+ <jar href="EmptySignedJar.jar"/>
+ <extension name="SignedJarExtension" href="./SignedJarExtension.jnlp"/>
+ </resources>
+
+ <application-desc main-class="SignedJarResource">
+ </application-desc>
+</jnlp>
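Review bot: Line 307 references `./SignedJarExtension.jnlp`, which is not among the files this commit adds (the diffstat lists only SignedJarResource.jnlp under SignedJarResource/resources), so `usingLauncherWithEmptyJar` depends on that extension already existing in the test tree. Please confirm it is present, or add it in this commit so the reproducer is self-contained.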
diff --git a/tests/reproducers/signed/EmptySignedJar/srcs/META-INF/empty_file b/tests/reproducers/signed/EmptySignedJar/srcs/META-INF/empty_file
new file mode 100644
index 0000000..7c6f2d8
--- /dev/null
+++ b/tests/reproducers/signed/EmptySignedJar/srcs/META-INF/empty_file
@@ -0,0 +1 @@
+This is an empty file.
diff --git a/tests/reproducers/signed/EmptySignedJar/testcases/EmptySignedJarTest.java b/tests/reproducers/signed/EmptySignedJar/testcases/EmptySignedJarTest.java
new file mode 100644
index 0000000..c2fda0a
--- /dev/null
+++ b/tests/reproducers/signed/EmptySignedJar/testcases/EmptySignedJarTest.java
@@ -0,0 +1,73 @@
+/* EmptySignedJar.java
+Copyright (C) 2012 Red Hat, Inc.
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License as published by
+the Free Software Foundation, version 2.
+
+IcedTea is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+ */
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import net.sourceforge.jnlp.ServerAccess;
+import net.sourceforge.jnlp.annotations.Bug;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+public class EmptySignedJarTest {
+
+ private static ServerAccess server = new ServerAccess();
+ private final List<String> l = Collections.unmodifiableList(Arrays.asList(new String[] { "-Xtrustall" }));
+ private final String jarOutput = "Running SignedJarResource..";
+
+ @Test
+ public void checkingForRequiredResources() throws Exception {
+ String s = "Running SignedJarResource..";
+ ServerAccess.ProcessResult pr = server.executeJavawsHeadless(l, "/SignedJarResource.jnlp");
+ Assert.assertTrue("Could not locate SignedJarResource class within SignedJarResource jar", pr.stdout.contains(s));
+ }
+
+ @Bug(id = "PR1049")
+ @Test
+ public void usingExtensionWithEmptyJar() throws Exception {
+ ServerAccess.ProcessResult pr = server.executeJavawsHeadless(l, "/EmptySignedJarInExtensionJnlp.jnlp");
+ Assert.assertTrue("Stdout should contain " + jarOutput + " but did not", pr.stdout.contains(jarOutput));
+ }
+
+ @Bug(id = "PR1049")
+ @Test
+ public void usingLauncherWithEmptyJar() throws Exception {
+ ServerAccess.ProcessResult pr = server.executeJavawsHeadless(l, "/EmptySignedJarInLaunchingJnlp.jnlp");
+ Assert.assertTrue("Stdout should contain " + jarOutput + " but did not", pr.stdout.contains(jarOutput));
+ }
+}
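Review bot: All three cases run with `-Xtrustall` (line 375), which — if it makes getAlreadyTrustPublisher() return true — means the new `!jcv.isTriviallySigned()` condition in JNLPClassLoader is never evaluated, so the PR1049 tests exercise the verifier change but not the prompt suppression; a run without the flag, with the expectation that no prompt is raised in headless mode, would pin that path. There is also no negative case showing that an empty signed jar next to an unsigned content jar still fails or prompts, which is exactly the regression an empty-jar shortcut could introduce. Minor: the literal on line 380 duplicates `jarOutput` from line 376; `checkingForRequiredResources` can use the field directly.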
diff --git a/tests/reproducers/signed/SignedJarResource/resources/SignedJarResource.jnlp b/tests/reproducers/signed/SignedJarResource/resources/SignedJarResource.jnlp
new file mode 100644
index 0000000..c7c95be
--- /dev/null
+++ b/tests/reproducers/signed/SignedJarResource/resources/SignedJarResource.jnlp
@@ -0,0 +1,62 @@
+<!--
+
+This file is part of IcedTea.
+
+IcedTea is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+IcedTea is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with IcedTea; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+02110-1301 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from
+or based on this library. If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so. If you do not wish to do so, delete this
+exception statement from your version.
+
+***********************************************************************
+Launches SignedJarResource directly
+***********************************************************************
+ -->
+<?xml version="1.0" encoding="utf-8"?>
+<jnlp spec="1.0" href="SignedJarResource.jnlp" codebase=".">
+ <information>
+ <title>SignedJarResource</title>
+ <vendor>IcedTea</vendor>
+ <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/>
+ <description>SignedJarResource</description>
+ <offline/>
+ </information>
+
+ <security>
+ <all-permissions/>
+ </security>
+
+ <resources>
+ <j2se version="1.6+"/>
+ <jar href="SignedJarResource.jar" main="true"/>
+ </resources>
+
+ <application-desc main-class="SignedJarResource">
+ </application-desc>
+</jnlp>