1 /*
2 * Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package com.sun.javafx.tools.packager;
27
28 import java.io.ByteArrayOutputStream;
29 import java.io.IOException;
30 import java.io.InputStream;
31 import java.io.UnsupportedEncodingException;
32 import java.math.BigInteger;
33 import java.security.CodeSigner;
34 import java.security.InvalidKeyException;
35 import java.security.NoSuchAlgorithmException;
36 import java.security.Principal;
37 import java.security.PrivateKey;
38 import java.security.PublicKey;
39 import java.security.Signature;
40 import java.security.SignatureException;
41 import java.security.Timestamp;
42 import java.security.cert.CertPath;
43 import java.security.cert.CertificateException;
44 import java.security.cert.CertificateFactory;
45 import java.security.cert.X509Certificate;
46 import java.util.ArrayList;
47 import java.util.Locale;
48 import java.util.jar.JarFile;
49 import java.util.zip.ZipEntry;
50 import java.util.zip.ZipInputStream;
51 import java.util.zip.ZipOutputStream;
52 import sun.security.pkcs.ContentInfo;
53 import sun.security.pkcs.PKCS7;
54 import sun.security.pkcs.PKCS9Attribute;
55 import sun.security.pkcs.PKCS9Attributes;
56 import sun.security.pkcs.ParsingException;
57 import sun.security.pkcs.SignerInfo;
58 import sun.security.timestamp.TimestampToken;
59 import sun.security.x509.AlgorithmId;
60 import sun.security.x509.X500Name;
61
62 /**
63 * (Source copied from:
64 * com.sun.deploy.security.JarSignature in Deploy workspace)
65 *
66 * This class is an abstraction of signature that is currently used
67 * for implementation of jar signing as BLOBs.
68 *
69 * There are 2 modes of use for this class - signing and validation
70 * and same instance of JarSignature object can not be reused.
71 *
72 * Signing mode:
73 * - create new instance using JarSignature.create()
74 * - add entries you want to include into the signature using
75 * updateWithEntry(). (Note the order is important.)
76 * - use getEncoded() to get bytes for the result signature
77 *
78 * Validation mode:
79 * - create new instance using JarSignature.load()
80 * - add entries using updateWithEntry()
81 * - use isValid() to validate result
82 * - use getCodeSigners() to get list of code signers used
83 *
84 * @Deprecated
85 */
86 @Deprecated
87 public class JarSignature {
88 //name of jar manifest attribute that contains signature
89 public static final String BLOB_SIGNATURE = "META-INF/SIGNATURE.BSF";
90
91 private final Signature sig;
92 private final X509Certificate certChain[]; // for singing scenarios only
93 private final CodeSigner codeSigners[]; // for validation only
94 private final SignerInfo signerInfos[]; // for validation only
95
96 /**
97 * Loads jar signature from given byte array.
98 * If signature could not be reconstructed then exceptions are thrown.
99 */
100 public static JarSignature load(byte[] rawSignature) throws ParsingException,
101 CertificateException, IOException, NoSuchAlgorithmException,
102 InvalidKeyException, SignatureException
103 {
104 PKCS7 pkcs7 = new PKCS7(rawSignature);
105 SignerInfo[] infos = pkcs7.getSignerInfos();
106 if (infos == null || infos.length != 1) {
107 throw new IllegalArgumentException(
108 "BLOB signature currently only support single signer.");
109 }
110 X509Certificate cert = infos[0].getCertificate(pkcs7);
111 PublicKey publicKey = cert.getPublicKey();
112 CodeSigner[] signers = extractCodeSigners(infos, pkcs7);
113 Signature sig = getSignature(infos[0]);
114 sig.initVerify(publicKey);
115
116 return new JarSignature(sig, infos, signers);
117 }
118
119 /**
120 * Creates new signature for signing.
121 *
122 * @param privateKey Key to be used for signing.
123 * @return
124 * @throws NoSuchAlgorithmException
125 * @throws InvalidKeyException
126 */
127 public static JarSignature create(
128 PrivateKey privateKey, X509Certificate chain[])
129 throws NoSuchAlgorithmException, InvalidKeyException
130 {
131 Signature signature = getSignature(privateKey.getAlgorithm());
132 signature.initSign(privateKey);
133 return new JarSignature(signature, chain);
134 }
135
136 private JarSignature(Signature signature, X509Certificate chain[]) {
137 certChain = chain;
138 signerInfos = null;
139 codeSigners = null;
140 sig = signature;
141 }
142
143 private JarSignature(Signature signature, SignerInfo[] infos, CodeSigner[] signers) {
144 certChain = null;
145 signerInfos = infos;
146 codeSigners = signers;
147 sig = signature;
148 }
149
150 public boolean isValidationMode() {
151 return certChain == null;
152 }
153
154 /**
155 * Get default signature object base on default signature algorithm derived
156 * from given key algorithm for use in encoding usage.
157 */
158 private static Signature getSignature(String keyAlgorithm)
159 throws NoSuchAlgorithmException
160 {
161 if (keyAlgorithm.equalsIgnoreCase("DSA")) {
162 return Signature.getInstance("SHA1withDSA");
163 } else if (keyAlgorithm.equalsIgnoreCase("RSA")) {
164 return Signature.getInstance("SHA256withRSA");
165 } else if (keyAlgorithm.equalsIgnoreCase("EC")) {
166 return Signature.getInstance("SHA256withECDSA");
167 }
168 throw new IllegalArgumentException(
169 "Key algorithm should be either DSA, RSA or EC");
170 }
171
172 /**
173 * Derive Signature from signer info for use in validation.
174 */
175 private static Signature getSignature(SignerInfo info)
176 throws NoSuchAlgorithmException
177 {
178 String digestAlgorithm = info.getDigestAlgorithmId().getName();
179 String keyAlgorithm = info.getDigestEncryptionAlgorithmId().getName();
180 String signatureAlgorithm = makeSigAlg(
181 digestAlgorithm, keyAlgorithm);
182 return Signature.getInstance(signatureAlgorithm);
183 }
184
185 String getSignatureAlgorithm() throws NoSuchAlgorithmException {
186 return sig.getAlgorithm();
187 }
188
189 AlgorithmId getDigestAlgorithm() throws NoSuchAlgorithmException {
190 String name = getDigAlgFromSigAlg(sig.getAlgorithm());
191 return AlgorithmId.get(name);
192 }
193
194 AlgorithmId getKeyAlgorithm() throws NoSuchAlgorithmException {
195 String name = getEncAlgFromSigAlg(sig.getAlgorithm());
196 return AlgorithmId.get(name);
197 }
198
199 private static String makeSigAlg(String digAlg, String encAlg) {
200 digAlg = digAlg.replace("-", "").toUpperCase(Locale.ENGLISH);
201 if (digAlg.equalsIgnoreCase("SHA")) digAlg = "SHA1";
202
203 encAlg = encAlg.toUpperCase(Locale.ENGLISH);
204 if (encAlg.equals("EC")) encAlg = "ECDSA";
205
206 return digAlg + "with" + encAlg;
207 }
208
209 private static String getDigAlgFromSigAlg(String signatureAlgorithm) {
210 signatureAlgorithm = signatureAlgorithm.toUpperCase(Locale.ENGLISH);
211 int with = signatureAlgorithm.indexOf("WITH");
212 if (with > 0) {
213 return signatureAlgorithm.substring(0, with);
214 }
215 return null;
216 }
217
218 private static String getEncAlgFromSigAlg(String signatureAlgorithm) {
219 signatureAlgorithm = signatureAlgorithm.toUpperCase(Locale.ENGLISH);
220 int with = signatureAlgorithm.indexOf("WITH");
221 String keyAlgorithm = null;
222 if (with > 0) {
223 int and = signatureAlgorithm.indexOf("AND", with + 4);
224 if (and > 0) {
225 keyAlgorithm = signatureAlgorithm.substring(with + 4, and);
226 } else {
227 keyAlgorithm = signatureAlgorithm.substring(with + 4);
228 }
229 if (keyAlgorithm.equalsIgnoreCase("ECDSA")) {
230 keyAlgorithm = "EC";
231 }
232 }
233 return keyAlgorithm;
234 }
235
236 /**
237 * Returns encoded representation of signature.
238 * @throws UnsupportedOperationException if called in validation mode.
239 */
240 public byte[] getEncoded()
241 throws NoSuchAlgorithmException, SignatureException, IOException {
242 if (isValidationMode()) {
243 throw new UnsupportedOperationException(
244 "Method is not for validation mode.");
245 }
246
247 AlgorithmId digestAlgId = getDigestAlgorithm();
248 AlgorithmId[] digestAlgIds = {digestAlgId};
249 ContentInfo contentInfo = new ContentInfo(ContentInfo.DATA_OID, null);
250 Principal issuerName = certChain[0].getIssuerDN();
251 BigInteger serialNumber = certChain[0].getSerialNumber();
252 byte[] signature = sig.sign();
253 SignerInfo signerInfo =
254 new SignerInfo((X500Name) issuerName, serialNumber, digestAlgId,
255 getKeyAlgorithm(), signature);
256
257 SignerInfo[] signerInfos = {signerInfo};
258 PKCS7 pkcs7 = new PKCS7(digestAlgIds, contentInfo, certChain,
259 signerInfos);
260 ByteArrayOutputStream bos = new ByteArrayOutputStream(8192);
261 pkcs7.encodeSignedData(bos);
262 return bos.toByteArray();
263 }
264
265 private class ValidationStream extends InputStream {
266 InputStream dataStream = null;
267
268 public ValidationStream(
269 InputStream is) {
270 dataStream = is;
271 }
272
273 public int read() throws IOException {
274 int v = dataStream.read();
275 if (v > -1) {
276 try {
277 JarSignature.this.sig.update((byte) v);
278 } catch (SignatureException ex) {
279 throw new RuntimeException(ex);
280 }
281 }
282 return v;
283 }
284
285 public int read(byte[] b, int off, int len) throws IOException {
286 len = dataStream.read(b, off, len);
287 if (len > 0) {
288 try {
289 JarSignature.this.sig.update(b, off, len);
290 } catch (SignatureException ex) {
291 throw new RuntimeException(ex);
292 }
293 }
294 return len;
295 }
296
297 public void close() throws IOException {
298 dataStream.close();
299 }
300
301 }
302
303 /**
304 * Performs partial validation of zip/jar entry with given name and
305 * data stream. Return wrapped version of input stream to complete validation.
306 * Stream need to be read fully for validation to be complete.
307 *
308 * @throws SignatureException
309 */
310 public InputStream updateWithZipEntry(String name, InputStream is)
311 throws SignatureException {
312 try {
313 sig.update(name.getBytes("UTF-8"));
314 } catch(UnsupportedEncodingException e) {
315 throw new SignatureException(e);
316 }
317 return new ValidationStream(is);
318 }
319
320 public void update(byte[] v) throws SignatureException {
321 sig.update(v);
322 }
323
324 public boolean isValid() {
325 try {
326 return sig.verify(signerInfos[0].getEncryptedDigest());
327 } catch(Exception e) {
328 return false;
329 }
330 }
331
332 public CodeSigner[] getCodeSigners() {
333 CodeSigner[] result = new CodeSigner[codeSigners.length];
334 System.arraycopy(codeSigners, 0, result, 0, result.length);
335 return result;
336 }
337
338 /*
339 * Implementation is mostly borrowed from
340 * sun.security.util.SignatureFileVerifier
341 */
342 private static CodeSigner[] extractCodeSigners(SignerInfo infos[], PKCS7 block)
343 throws IOException, NoSuchAlgorithmException, SignatureException,
344 CertificateException {
345 ArrayList s = new ArrayList();
346
347 CertificateFactory certificateFactory =
348 CertificateFactory.getInstance("X509");
349 for (int i = 0; i < infos.length; i++) {
350 SignerInfo info = infos[i];
351 ArrayList chain = info.getCertificateChain(block);
352 CertPath certPath = certificateFactory.generateCertPath(chain);
353 // Append the new code signer
354 CodeSigner signer =
355 new CodeSigner(certPath, getTimestamp(info, certificateFactory));
356 // if (block.getCRLs() != null) {
357 // SharedSecrets.getJavaSecurityCodeSignerAccess().setCRLs(
358 // signer, block.getCRLs());
359 // }
360 s.add(signer);
361 }
362
363 return (CodeSigner[]) s.toArray(new CodeSigner[s.size()]);
364 }
365
366 /*
367 * Examines a signature timestamp token to generate a timestamp object.
368 *
369 * Examines the signer's unsigned attributes for a
370 * <tt>signatureTimestampToken</tt> attribute. If present,
371 * then it is parsed to extract the date and time at which the
372 * timestamp was generated.
373 *
374 * @param info A signer information element of a PKCS 7 block.
375 *
376 * @return A timestamp token or null if none is present.
377 * @throws IOException if an error is encountered while parsing the
378 * PKCS7 data.
379 * @throws NoSuchAlgorithmException if an error is encountered while
380 * verifying the PKCS7 object.
381 * @throws SignatureException if an error is encountered while
382 * verifying the PKCS7 object.
383 * @throws CertificateException if an error is encountered while generating
384 * the TSA's certpath.
385 */
386 private static Timestamp getTimestamp(SignerInfo info,
387 CertificateFactory certificateFactory) throws IOException,
388 NoSuchAlgorithmException, SignatureException, CertificateException
389 {
390 Timestamp timestamp = null;
391
392 // Extract the signer's unsigned attributes
393 PKCS9Attributes unsignedAttrs = info.getUnauthenticatedAttributes();
394 if (unsignedAttrs != null) {
395 PKCS9Attribute timestampTokenAttr =
396 unsignedAttrs.getAttribute("signatureTimestampToken");
397 if (timestampTokenAttr != null) {
398 PKCS7 timestampToken =
399 new PKCS7((byte[]) timestampTokenAttr.getValue());
400 // Extract the content (an encoded timestamp token info)
401 byte[] encodedTimestampTokenInfo =
402 timestampToken.getContentInfo().getData();
403 // Extract the signer (the Timestamping Authority)
404 // while verifying the content
405 SignerInfo[] tsa =
406 timestampToken.verify(encodedTimestampTokenInfo);
407 // Expect only one signer
408 ArrayList chain = tsa[0].getCertificateChain(timestampToken);
409 CertPath tsaChain = certificateFactory.generateCertPath(
410 chain);
411 // Create a timestamp token info object
412 TimestampToken timestampTokenInfo =
413 new TimestampToken(encodedTimestampTokenInfo);
414 // Create a timestamp object
415 timestamp =
416 new Timestamp(timestampTokenInfo.getDate(), tsaChain);
417 }
418 }
419 return timestamp;
420 }
421
422 public interface InputStreamSource {
423 InputStream getInputStream() throws IOException;
424 }
425
426 public void signJarAsBLOB(InputStreamSource input, ZipOutputStream jos)
427 throws IOException, SignatureException, NoSuchAlgorithmException
428 {
429 byte copyBuf[] = new byte[8000];
430 int n;
431 ZipEntry e;
432 ZipInputStream jis = new ZipInputStream(input.getInputStream());
433
434 try {
435 //calculate signature in the first pass
436 //consider all entries except directories and old signature file (if any)
437 boolean hasManifest = false;
438 boolean hasMetaInf = false;
439 while ((e = jis.getNextEntry()) != null) {
440 if (JarFile.MANIFEST_NAME.equals(
441 e.getName().toUpperCase(Locale.ENGLISH))) {
442 hasManifest = true;
443 }
444 if ("META-INF/".equals(
445 e.getName().toUpperCase(Locale.ENGLISH))) {
446 hasMetaInf = true;
447 }
448 if (!BLOB_SIGNATURE.equals(e.getName()) &&
449 !e.getName().endsWith("/")) {
450 readFully(updateWithZipEntry(e.getName(), jis));
451 }
452 }
453
454 byte[] signature = getEncoded();
455
456 //2 pass: save manifest and other entries
457
458 //reopen input file
459 jis.close();
460 jis = new ZipInputStream(input.getInputStream());
461 while ((e = jis.getNextEntry()) != null) {
462 String name = e.getName();
463
464 //special case - jar has no manifest and possibly no META-INF
465 // => add META-INF entry once
466 //Then output manifest
467 if (!hasMetaInf) {
468 ZipEntry ze = new ZipEntry("META-INF/");
469 ze.setTime(System.currentTimeMillis());
470 //NOTE: Do we need CRC32? for this entry?
471 jos.putNextEntry(ze);
472 jos.closeEntry();
473
474 hasMetaInf = true;
475 }
476 if (!hasManifest) {
477 addSignatureEntry(signature, jos);
478 hasManifest = true;
479 }
480
481
482 //copy entry unless it is old signature file
483 if (!BLOB_SIGNATURE.equals(name)) {
484 // do our own compression
485 ZipEntry e2 = new ZipEntry(name);
486 e2.setMethod(e.getMethod());
487 e2.setTime(e.getTime());
488 e2.setComment(e.getComment());
489 e2.setExtra(e.getExtra());
490 if (e.getMethod() == ZipEntry.STORED) {
491 e2.setSize(e.getSize());
492 e2.setCrc(e.getCrc());
493 }
494 jos.putNextEntry(e2);
495
496 while ((n = jis.read(copyBuf)) != -1) {
497 jos.write(copyBuf, 0, n);
498 }
499 jos.closeEntry();
500 }
501
502 String upperName = name.toUpperCase(Locale.ENGLISH);
503 boolean isManifestEntry = JarFile.MANIFEST_NAME.equals(upperName);
504
505 //output signature after manifest
506 if (isManifestEntry) {
507 addSignatureEntry(signature, jos);
508 }
509 }
510 } finally {
511 jis.close();
512 jos.close();
513 }
514 }
515
516 private void addSignatureEntry(byte[] signature, ZipOutputStream jos) throws IOException {
517 ZipEntry ze = new ZipEntry(BLOB_SIGNATURE);
518 ze.setSize(signature.length);
519 ze.setTime(System.currentTimeMillis());
520 //NOTE: Do we need a CRC32?
521 jos.putNextEntry(ze);
522 jos.write(signature);
523 jos.closeEntry();
524
525 }
526
527 private static void readFully(InputStream is) throws IOException {
528 byte buf[] = new byte[10000];
529 while (is.read(buf) != -1) {}
530 }
531
532 }