> Automate setting up an environment for mac signing tests: create keychain(s), > self-signing certificates, and register them in the system. > > To set up the environment, run `make test-only > TEST=test/jdk/tools/jpackage/macosx/base/SigningBase.java > JTREG=JAVA_OPTIONS=-Djpackage.test.SignEnv=setup` command. > > The above command will create "jpackagerTest.keychain" keychain, one private > RSA key, and four self-signed certificates using this key: > | Certificate common name (CN) | Usage | > |----------------------------------|-----| > | Developer ID Application: jpackage.openjdk.java.net|Code sign| > | Developer ID Installer: jpackage.openjdk.java.net|.pkg sign| > | Developer ID Application: jpackage.openjdk.java.net (ö)|Code sign| > | Developer ID Installer: jpackage.openjdk.java.net (ö)|.pkg sign| > > Certificates will be added to the list of trusted certificates using a > sequence of `security add-trusted-cert...` commands (one command per > certificate). This step will require user interaction to enter the user > account password as many times as the number of created certificates (four). > A user will be presented with the "Trust certificate" dialog describing which > certificate is about to be added to the list of trusted certificates before > the dialog prompting the user password pops up: > <img width="440" alt="trust-cert-prompt" > src="https://github.com/user-attachments/assets/a67d0966-2dea-4bc6-93a6-f52dad599898"; > /> > > When the user presses the "OK" button on the "Trust certificate" dialog, the > dialog prompting the user password will pop up: > <img width="800" alt="trust-cert-prompt-2" > src="https://github.com/user-attachments/assets/1d1f022d-54ac-4a7e-8d0a-9bfe65c76b49"; > /> > > Suppose the user presses the "Cancel" button on the "Trust certificate" > dialog. In that case, the dialog prompting the user password will NOT pop up, > and the whole sequence of adding certificates to the list of trusted > certificates will abort. > > If the user presses the "Cancel" button on the dialog prompting the user > password, it will be dismissed, and the user will start over with the same > "Trust certificate" dialog. > > Every "Trust certificate" dialog has a one-minute timeout. If the dialog is > automatically dismissed because of the timeout expiration, adding > certificates to the list of trusted certificates will abort. > > To tear down the environment, run `make test-only > TEST=test/jdk/tools/jpackage/macosx/base/SigningBase.java > JTREG=JAVA_OPTIONS=-Djpackage.test.SignEnv=teardown` command. This command > will unlink and delete...
Alexey Semenyuk has updated the pull request incrementally with one additional commit since the last revision: Rename jpackage.test.SignEnv in jpackage.test.MacSignTests. Add SigningBase.verifySignTestEnvReady() ------------- Changes: - all: https://git.openjdk.org/jdk/pull/24087/files - new: https://git.openjdk.org/jdk/pull/24087/files/04c465ec..c7c5c975 Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=24087&range=05 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=24087&range=04-05 Stats: 41 lines in 4 files changed: 26 ins; 1 del; 14 mod Patch: https://git.openjdk.org/jdk/pull/24087.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/24087/head:pull/24087 PR: https://git.openjdk.org/jdk/pull/24087
