src/share/classes/sun/security/util/SignatureFileVerifier.java
Print this page
@@ -33,11 +33,11 @@
import java.io.*;
import java.util.*;
import java.util.jar.*;
import sun.security.pkcs.*;
-import sun.misc.BASE64Decoder;
+import java.util.Base64;
import sun.security.jca.Providers;
public class SignatureFileVerifier {
@@ -218,11 +218,10 @@
if (infos == null) {
throw new SecurityException("cannot verify signature block file " +
name);
}
- BASE64Decoder decoder = new BASE64Decoder();
CodeSigner[] newSigners = getSigners(infos, block);
// make sure we have something to do all this work for...
if (newSigners == null)
@@ -230,14 +229,14 @@
Iterator<Map.Entry<String,Attributes>> entries =
sf.getEntries().entrySet().iterator();
// see if we can verify the whole manifest first
- boolean manifestSigned = verifyManifestHash(sf, md, decoder, manifestDigests);
+ boolean manifestSigned = verifyManifestHash(sf, md, manifestDigests);
// verify manifest main attributes
- if (!manifestSigned && !verifyManifestMainAttrs(sf, md, decoder)) {
+ if (!manifestSigned && !verifyManifestMainAttrs(sf, md)) {
throw new SecurityException
("Invalid signature file digest for Manifest main attributes");
}
// go through each section in the signature file
@@ -245,11 +244,11 @@
Map.Entry<String,Attributes> e = entries.next();
String name = e.getKey();
if (manifestSigned ||
- (verifySection(e.getValue(), name, md, decoder))) {
+ (verifySection(e.getValue(), name, md))) {
if (name.startsWith("./"))
name = name.substring(2);
if (name.startsWith("/"))
@@ -273,11 +272,10 @@
/**
* See if the whole manifest was signed.
*/
private boolean verifyManifestHash(Manifest sf,
ManifestDigester md,
- BASE64Decoder decoder,
List<Object> manifestDigests)
throws IOException
{
Attributes mattr = sf.getMainAttributes();
boolean manifestSigned = false;
@@ -295,11 +293,11 @@
manifestDigests.add(se.getValue());
MessageDigest digest = getDigest(algorithm);
if (digest != null) {
byte[] computedHash = md.manifestDigest(digest);
byte[] expectedHash =
- decoder.decodeBuffer((String)se.getValue());
+ Base64.getMimeDecoder().decode((String)se.getValue());
if (debug != null) {
debug.println("Signature File: Manifest digest " +
digest.getAlgorithm());
debug.println( " sigfile " + toHex(expectedHash));
@@ -318,12 +316,11 @@
}
return manifestSigned;
}
private boolean verifyManifestMainAttrs(Manifest sf,
- ManifestDigester md,
- BASE64Decoder decoder)
+ ManifestDigester md)
throws IOException
{
Attributes mattr = sf.getMainAttributes();
boolean attrsVerified = true;
@@ -340,11 +337,11 @@
if (digest != null) {
ManifestDigester.Entry mde =
md.get(ManifestDigester.MF_MAIN_ATTRS, false);
byte[] computedHash = mde.digest(digest);
byte[] expectedHash =
- decoder.decodeBuffer((String)se.getValue());
+ Base64.getMimeDecoder().decode((String)se.getValue());
if (debug != null) {
debug.println("Signature File: " +
"Manifest Main Attributes digest " +
digest.getAlgorithm());
@@ -385,12 +382,11 @@
* @exception SecurityException if the hash was not equal
*/
private boolean verifySection(Attributes sfAttr,
String name,
- ManifestDigester md,
- BASE64Decoder decoder)
+ ManifestDigester md)
throws IOException
{
boolean oneDigestVerified = false;
ManifestDigester.Entry mde = md.get(name,block.isOldStyle());
@@ -416,11 +412,11 @@
if (digest != null) {
boolean ok = false;
byte[] expected =
- decoder.decodeBuffer((String)se.getValue());
+ Base64.getMimeDecoder().decode((String)se.getValue());
byte[] computed;
if (workaround) {
computed = mde.digestWorkaround(digest);
} else {
computed = mde.digest(digest);