On Sat, 22 Mar 2025 13:03:28 GMT, Alexey Semenyuk <asemen...@openjdk.org> wrote:
>> Automate setting up an environment for mac signing tests: create >> keychain(s), self-signing certificates, and register them in the system. >> >> To set up the environment, run `make test-only >> TEST=test/jdk/tools/jpackage/macosx/base/SigningBase.java >> JTREG=JAVA_OPTIONS=-Djpackage.test.MacSignTests=setup` command. >> >> The above command will create "jpackagerTest.keychain" keychain, one private >> RSA key, and four self-signed certificates using this key: >> | Certificate common name (CN) | Usage | >> |----------------------------------|-----| >> | Developer ID Application: jpackage.openjdk.java.net|Code sign| >> | Developer ID Installer: jpackage.openjdk.java.net|.pkg sign| >> | Developer ID Application: jpackage.openjdk.java.net (ö)|Code sign| >> | Developer ID Installer: jpackage.openjdk.java.net (ö)|.pkg sign| >> >> Certificates will be added to the list of trusted certificates using a >> sequence of `security add-trusted-cert...` commands (one command per >> certificate). This step will require user interaction to enter the user >> account password as many times as the number of created certificates (four). >> A user will be presented with the "Trust certificate" dialog describing >> which certificate is about to be added to the list of trusted certificates >> before the dialog prompting the user password pops up: >> <img width="440" alt="trust-cert-prompt" >> src="https://github.com/user-attachments/assets/a67d0966-2dea-4bc6-93a6-f52dad599898"; >> /> >> >> When the user presses the "OK" button on the "Trust certificate" dialog, the >> dialog prompting the user password will pop up: >> <img width="800" alt="trust-cert-prompt-2" >> src="https://github.com/user-attachments/assets/1d1f022d-54ac-4a7e-8d0a-9bfe65c76b49"; >> /> >> >> Suppose the user presses the "Cancel" button on the "Trust certificate" >> dialog. In that case, the dialog prompting the user password will NOT pop >> up, and the whole sequence of adding certificates to the list of trusted >> certificates will abort. >> >> If the user presses the "Cancel" button on the dialog prompting the user >> password, it will be dismissed, and the user will start over with the same >> "Trust certificate" dialog. >> >> Every "Trust certificate" dialog has a one-minute timeout. If the dialog is >> automatically dismissed because of the timeout expiration, adding >> certificates to the list of trusted certificates will abort. >> >> To tear down the environment, run `make test-only >> TEST=test/jdk/tools/jpackage/macosx/base/SigningBase.java >> JTREG=JAVA_OPTIONS=-Djpackage.test.MacSign... > > Alexey Semenyuk has updated the pull request incrementally with one > additional commit since the last revision: > > Fix recursion error Latest commit looks good. ------------- Marked as reviewed by almatvee (Reviewer). PR Review: https://git.openjdk.org/jdk/pull/24087#pullrequestreview-2710976849
