|
| 1 | +// Copyright 2023 Google LLC |
| 2 | +// |
| 3 | +// Licensed under the Apache License, Version 2.0 (the "License"); |
| 4 | +// you may not use this file except in compliance with the License. |
| 5 | +// You may obtain a copy of the License at |
| 6 | +// |
| 7 | +// http://www.apache.org/licenses/LICENSE-2.0 |
| 8 | +// |
| 9 | +// Unless required by applicable law or agreed to in writing, software |
| 10 | +// distributed under the License is distributed on an "AS IS" BASIS, |
| 11 | +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 12 | +// See the License for the specific language governing permissions and |
| 13 | +// limitations under the License. |
| 14 | +// |
| 15 | +//////////////////////////////////////////////////////////////////////////////// |
| 16 | + |
| 17 | +import java.io.File; |
| 18 | +import java.io.FileInputStream; |
| 19 | +import java.io.IOException; |
| 20 | +import java.nio.file.Files; |
| 21 | +import java.security.KeyStore; |
| 22 | + |
| 23 | +import net.jsign.AuthenticodeSigner; |
| 24 | +import net.jsign.appx.APPXFile; |
| 25 | + |
| 26 | +public class AuthenticodeAppxSignerFuzzer { |
| 27 | + |
| 28 | + public static void fuzzerTestOneInput(byte[] data) throws Exception { |
| 29 | + File file = File.createTempFile("jsign-fuzzer", "msix"); |
| 30 | + file.deleteOnExit(); |
| 31 | + Files.write(file.toPath(), data); |
| 32 | + |
| 33 | + KeyStore keystore = KeyStore.getInstance("JKS"); |
| 34 | + keystore.load(Thread.currentThread().getContextClassLoader().getResourceAsStream("keystore.jks"), "password".toCharArray()); |
| 35 | + |
| 36 | + try { |
| 37 | + AuthenticodeSigner signer = new AuthenticodeSigner(keystore, "test", "password").withTimestamping(false); |
| 38 | + signer.sign(new APPXFile(file)); |
| 39 | + } catch (IOException e) { |
| 40 | + // expected |
| 41 | + } |
| 42 | + } |
| 43 | +} |
0 commit comments