Skip to content
This repository was archived by the owner on Sep 2, 2022. It is now read-only.

Commit a37254c

Browse files
author
Andy Herrick
committed
8271868: Warn user when using mac-sign option with unsigned app-image.
Reviewed-by: asemenyuk
1 parent dfacda4 commit a37254c

File tree

9 files changed

+54
-19
lines changed

9 files changed

+54
-19
lines changed

src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/MacAppBundler.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@
3535
import static jdk.jpackage.internal.StandardBundlerParam.MAIN_CLASS;
3636
import static jdk.jpackage.internal.StandardBundlerParam.VERBOSE;
3737
import static jdk.jpackage.internal.StandardBundlerParam.VERSION;
38+
import static jdk.jpackage.internal.StandardBundlerParam.SIGN_BUNDLE;
3839

3940
public class MacAppBundler extends AppImageBundler {
4041
public MacAppBundler() {
@@ -125,7 +126,7 @@ private static void doValidate(Map<String, ? super Object> params)
125126
}
126127

127128
// reject explicitly set sign to true and no valid signature key
128-
if (Optional.ofNullable(MacAppImageBuilder.
129+
if (Optional.ofNullable(
129130
SIGN_BUNDLE.fetchFrom(params)).orElse(Boolean.FALSE)) {
130131
String signingIdentity =
131132
DEVELOPER_ID_APP_SIGNING_KEY.fetchFrom(params);

src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/MacAppImageBuilder.java

Lines changed: 2 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/*
2-
* Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved.
2+
* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
33
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
44
*
55
* This code is free software; you can redistribute it and/or modify it
@@ -66,6 +66,7 @@
6666
import static jdk.jpackage.internal.StandardBundlerParam.PREDEFINED_APP_IMAGE;
6767
import static jdk.jpackage.internal.StandardBundlerParam.VERSION;
6868
import static jdk.jpackage.internal.StandardBundlerParam.ADD_LAUNCHERS;
69+
import static jdk.jpackage.internal.StandardBundlerParam.SIGN_BUNDLE;
6970

7071
public class MacAppImageBuilder extends AbstractAppImageBuilder {
7172

@@ -143,16 +144,6 @@ public class MacAppImageBuilder extends AbstractAppImageBuilder {
143144
},
144145
(s, p) -> Path.of(s));
145146

146-
public static final StandardBundlerParam<Boolean> SIGN_BUNDLE =
147-
new StandardBundlerParam<>(
148-
Arguments.CLIOptions.MAC_SIGN.getId(),
149-
Boolean.class,
150-
params -> false,
151-
// valueOf(null) is false, we actually do want null in some cases
152-
(s, p) -> (s == null || "null".equalsIgnoreCase(s)) ?
153-
null : Boolean.valueOf(s)
154-
);
155-
156147
public static final StandardBundlerParam<Boolean> APP_STORE =
157148
new StandardBundlerParam<>(
158149
Arguments.CLIOptions.MAC_APP_STORE.getId(),
@@ -863,5 +854,4 @@ private static String extractBundleIdentifier(Map<String, Object> params) {
863854

864855
return null;
865856
}
866-
867857
}

src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/MacBaseInstallerBundler.java

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,13 +34,15 @@
3434
import java.util.ArrayList;
3535
import java.util.List;
3636
import java.util.Map;
37+
import java.util.Optional;
3738
import java.util.regex.Matcher;
3839
import java.util.regex.Pattern;
3940
import static jdk.jpackage.internal.StandardBundlerParam.APP_NAME;
4041
import static jdk.jpackage.internal.StandardBundlerParam.INSTALLER_NAME;
4142
import static jdk.jpackage.internal.StandardBundlerParam.INSTALL_DIR;
4243
import static jdk.jpackage.internal.StandardBundlerParam.PREDEFINED_APP_IMAGE;
4344
import static jdk.jpackage.internal.StandardBundlerParam.VERSION;
45+
import static jdk.jpackage.internal.StandardBundlerParam.SIGN_BUNDLE;
4446

4547
public abstract class MacBaseInstallerBundler extends AbstractBundler {
4648

@@ -134,6 +136,20 @@ protected void validateAppImageAndBundeler(
134136
I18N.getString(
135137
"message.app-image-requires-app-name.advice"));
136138
}
139+
if (Optional.ofNullable(
140+
SIGN_BUNDLE.fetchFrom(params)).orElse(Boolean.FALSE)) {
141+
// if signing bundle with app-image, warn user if app-image
142+
// is not allready signed.
143+
try {
144+
if (!(AppImageFile.load(applicationImage).isSigned())) {
145+
Log.info(MessageFormat.format(I18N.getString(
146+
"warning.unsigned.app.image"), getID()));
147+
}
148+
} catch (IOException ioe) {
149+
// Ignore - In case of a forign or tampered with app-image,
150+
// user is notified of this when the name is extracted.
151+
}
152+
}
137153
} else {
138154
appImageBundler.validate(params);
139155
}

src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/MacPkgBundler.java

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@
4646
import static jdk.jpackage.internal.StandardBundlerParam.APP_NAME;
4747
import static jdk.jpackage.internal.StandardBundlerParam.LICENSE_FILE;
4848
import static jdk.jpackage.internal.StandardBundlerParam.VERSION;
49+
import static jdk.jpackage.internal.StandardBundlerParam.SIGN_BUNDLE;
4950
import static jdk.jpackage.internal.MacBaseInstallerBundler.SIGNING_KEYCHAIN;
5051
import static jdk.jpackage.internal.MacBaseInstallerBundler.SIGNING_KEY_USER;
5152
import static jdk.jpackage.internal.MacAppImageBuilder.APP_STORE;
@@ -499,7 +500,7 @@ private Path createPKG(Map<String, ? super Object> params,
499500
commandLine.add(CONFIG_ROOT.fetchFrom(params).toAbsolutePath().toString());
500501

501502
// maybe sign
502-
if (Optional.ofNullable(MacAppImageBuilder.
503+
if (Optional.ofNullable(
503504
SIGN_BUNDLE.fetchFrom(params)).orElse(Boolean.TRUE)) {
504505
if (Platform.getMajorVersion() > 10 ||
505506
(Platform.getMajorVersion() == 10 &&
@@ -603,7 +604,7 @@ public boolean validate(Map<String, ? super Object> params)
603604
}
604605

605606
// reject explicitly set sign to true and no valid signature key
606-
if (Optional.ofNullable(MacAppImageBuilder.
607+
if (Optional.ofNullable(
607608
SIGN_BUNDLE.fetchFrom(params)).orElse(Boolean.FALSE)) {
608609
String signingIdentity =
609610
DEVELOPER_ID_INSTALLER_SIGNING_KEY.fetchFrom(params);

src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/resources/MacResources.properties

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
#
2-
# Copyright (c) 2017, 2020, Oracle and/or its affiliates. All rights reserved.
2+
# Copyright (c) 2017, 2021, Oracle and/or its affiliates. All rights reserved.
33
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
44
#
55
# This code is free software; you can redistribute it and/or modify it
@@ -88,3 +88,4 @@ message.preparing-distribution-dist=Preparing distribution.dist: {0}.
8888
message.signing.pkg=Warning: For signing PKG, you might need to set "Always Trust" for your certificate using "Keychain Access" tool.
8989
message.setfile.dmg=Setting custom icon on DMG file skipped because 'SetFile' utility was not found. Installing Xcode with Command Line Tools should resolve this issue.
9090
message.install-dir-ignored=Warning: "--install-dir" is not supported by DMG and will be default to /Applications.
91+
warning.unsigned.app.image=Warning: Using unsigned app-image to build signed {0}.

src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/resources/MacResources_ja.properties

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,3 +87,4 @@ message.preparing-distribution-dist=distribution.dist\u3092\u6E96\u5099\u3057\u3
8787
message.signing.pkg=\u8B66\u544A: PKG\u3078\u306E\u7F72\u540D\u306E\u5834\u5408\u3001\u300C\u30AD\u30FC\u30C1\u30A7\u30FC\u30F3\u30FB\u30A2\u30AF\u30BB\u30B9\u300D\u30C4\u30FC\u30EB\u3092\u4F7F\u7528\u3057\u3066\u8A3C\u660E\u66F8\u306B\u300C\u5E38\u306B\u4FE1\u983C\u3059\u308B\u300D\u3092\u8A2D\u5B9A\u3059\u308B\u5FC5\u8981\u304C\u3042\u308A\u307E\u3059\u3002
8888
message.setfile.dmg='SetFile'\u30E6\u30FC\u30C6\u30A3\u30EA\u30C6\u30A3\u304C\u898B\u3064\u304B\u3089\u306A\u3044\u305F\u3081\u3001DMG\u30D5\u30A1\u30A4\u30EB\u3067\u306E\u30AB\u30B9\u30BF\u30E0\u30FB\u30A2\u30A4\u30B3\u30F3\u306E\u8A2D\u5B9A\u304C\u30B9\u30AD\u30C3\u30D7\u3055\u308C\u307E\u3057\u305F\u3002Xcode\u3068\u30B3\u30DE\u30F3\u30C9\u30FB\u30E9\u30A4\u30F3\u30FB\u30C4\u30FC\u30EB\u3092\u30A4\u30F3\u30B9\u30C8\u30FC\u30EB\u3059\u308B\u3068\u3001\u3053\u306E\u554F\u984C\u306F\u89E3\u6C7A\u3055\u308C\u307E\u3059\u3002
8989
message.install-dir-ignored=Warning: "--install-dir" is not supported by DMG and will be default to /Applications.
90+
warning.unsigned.app.image=Warning: Using unsigned app-image to build signed {0}.

src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/resources/MacResources_zh_CN.properties

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,3 +87,4 @@ message.preparing-distribution-dist=\u6B63\u5728\u51C6\u5907 distribution.dist:
8787
message.signing.pkg=\u8B66\u544A\uFF1A\u8981\u5BF9 PKG \u8FDB\u884C\u7B7E\u540D\uFF0C\u53EF\u80FD\u9700\u8981\u4F7F\u7528\u201C\u5BC6\u94A5\u94FE\u8BBF\u95EE\u201D\u5DE5\u5177\u4E3A\u8BC1\u4E66\u8BBE\u7F6E\u201C\u59CB\u7EC8\u4FE1\u4EFB\u201D\u3002
8888
message.setfile.dmg=\u7531\u4E8E\u672A\u627E\u5230 'SetFile' \u5B9E\u7528\u7A0B\u5E8F\uFF0C\u8DF3\u8FC7\u4E86\u9488\u5BF9 DMG \u6587\u4EF6\u8BBE\u7F6E\u5B9A\u5236\u56FE\u6807\u7684\u64CD\u4F5C\u3002\u5B89\u88C5\u5E26\u547D\u4EE4\u884C\u5DE5\u5177\u7684 Xcode \u5E94\u80FD\u89E3\u51B3\u6B64\u95EE\u9898\u3002
8989
message.install-dir-ignored=Warning: "--install-dir" is not supported by DMG and will be default to /Applications.
90+
warning.unsigned.app.image=Warning: Using unsigned app-image to build signed {0}.

src/jdk.jpackage/share/classes/jdk/jpackage/internal/AppImageFile.java

Lines changed: 17 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,7 @@
4646
import static jdk.jpackage.internal.StandardBundlerParam.VERSION;
4747
import static jdk.jpackage.internal.StandardBundlerParam.ADD_LAUNCHERS;
4848
import static jdk.jpackage.internal.StandardBundlerParam.APP_NAME;
49+
import static jdk.jpackage.internal.StandardBundlerParam.SIGN_BUNDLE;
4950

5051
public class AppImageFile {
5152

@@ -54,6 +55,7 @@ public class AppImageFile {
5455
private final String creatorPlatform;
5556
private final String launcherName;
5657
private final List<String> addLauncherNames;
58+
private final boolean signed;
5759

5860
private static final String FILENAME = ".jpackage.xml";
5961

@@ -63,15 +65,16 @@ public class AppImageFile {
6365

6466

6567
private AppImageFile() {
66-
this(null, null, null, null);
68+
this(null, null, null, null, null);
6769
}
6870

6971
private AppImageFile(String launcherName, List<String> addLauncherNames,
70-
String creatorVersion, String creatorPlatform) {
72+
String creatorVersion, String creatorPlatform, String signedStr) {
7173
this.launcherName = launcherName;
7274
this.addLauncherNames = addLauncherNames;
7375
this.creatorVersion = creatorVersion;
7476
this.creatorPlatform = creatorPlatform;
77+
this.signed = "true".equals(signedStr);
7578
}
7679

7780
/**
@@ -90,6 +93,10 @@ String getLauncherName() {
9093
return launcherName;
9194
}
9295

96+
boolean isSigned() {
97+
return signed;
98+
}
99+
93100
void verifyCompatible() throws ConfigException {
94101
// Just do nothing for now.
95102
}
@@ -125,6 +132,10 @@ static void save(Path appImageDir, Map<String, Object> params)
125132
xml.writeCharacters(APP_NAME.fetchFrom(params));
126133
xml.writeEndElement();
127134

135+
xml.writeStartElement("signed");
136+
xml.writeCharacters(SIGN_BUNDLE.fetchFrom(params).toString());
137+
xml.writeEndElement();
138+
128139
List<Map<String, ? super Object>> addLaunchers =
129140
ADD_LAUNCHERS.fetchFrom(params);
130141

@@ -164,6 +175,9 @@ static AppImageFile load(Path appImageDir) throws IOException {
164175
String version = xpathQueryNullable(xPath,
165176
"/jpackage-state/@version", doc);
166177

178+
String signedStr = xpathQueryNullable(xPath,
179+
"/jpackage-state/@signed", doc);
180+
167181
NodeList launcherNameNodes = (NodeList) xPath.evaluate(
168182
"/jpackage-state/add-launcher/text()", doc,
169183
XPathConstants.NODESET);
@@ -173,7 +187,7 @@ static AppImageFile load(Path appImageDir) throws IOException {
173187
}
174188

175189
AppImageFile file = new AppImageFile(
176-
mainLauncher, addLaunchers, version, platform);
190+
mainLauncher, addLaunchers, version, platform, signedStr);
177191
if (!file.isValid()) {
178192
file = new AppImageFile();
179193
}

src/jdk.jpackage/share/classes/jdk/jpackage/internal/StandardBundlerParam.java

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -467,6 +467,16 @@ private static Path findPathOfModule( List<Path> modulePath, String moduleName)
467467
(s, p) -> new LinkedHashSet<>(Arrays.asList(s.split(",")))
468468
);
469469

470+
static final StandardBundlerParam<Boolean> SIGN_BUNDLE =
471+
new StandardBundlerParam<>(
472+
Arguments.CLIOptions.MAC_SIGN.getId(),
473+
Boolean.class,
474+
params -> false,
475+
(s, p) -> (s == null || "null".equalsIgnoreCase(s)) ?
476+
null : Boolean.valueOf(s)
477+
);
478+
479+
470480
static boolean isRuntimeInstaller(Map<String, ? super Object> params) {
471481
if (params.containsKey(MODULE.getID()) ||
472482
params.containsKey(MAIN_JAR.getID()) ||

0 commit comments

Comments
 (0)