src/java.base/share/classes/java/util/jar/JarFile.java

Print this page




  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package java.util.jar;
  27 
  28 import java.io.*;
  29 import java.lang.ref.SoftReference;
  30 import java.net.URL;
  31 import java.util.*;
  32 import java.util.stream.Stream;
  33 import java.util.stream.StreamSupport;
  34 import java.util.zip.*;
  35 import java.security.CodeSigner;
  36 import java.security.cert.Certificate;
  37 import java.security.AccessController;
  38 import java.security.CodeSource;
  39 import jdk.internal.misc.SharedSecrets;
  40 import sun.misc.IOUtils;
  41 import sun.security.action.GetPropertyAction;
  42 import sun.security.util.ManifestEntryVerifier;
  43 import sun.security.util.SignatureFileVerifier;
  44 
  45 /**
  46  * The {@code JarFile} class is used to read the contents of a jar file
  47  * from any file that can be opened with {@code java.io.RandomAccessFile}.
  48  * It extends the class {@code java.util.zip.ZipFile} with support
  49  * for reading an optional {@code Manifest} entry. The
  50  * {@code Manifest} can be used to specify meta-information about the
  51  * jar file and its entries.
  52  *
  53  * <p> Unless otherwise noted, passing a {@code null} argument to a constructor
  54  * or method in this class will cause a {@link NullPointerException} to be
  55  * thrown.
  56  *
  57  * If the verify flag is on when opening a signed jar file, the content of the
  58  * file is verified against its signature embedded inside the file. Please note
  59  * that the verification process does not include validating the signer's
  60  * certificate. A caller should inspect the return value of


 421             if (JarVerifier.debug != null) {
 422                 JarVerifier.debug.println("done with meta!");
 423             }
 424 
 425             if (jv.nothingToVerify()) {
 426                 if (JarVerifier.debug != null) {
 427                     JarVerifier.debug.println("nothing to verify!");
 428                 }
 429                 jv = null;
 430                 verify = false;
 431             }
 432         }
 433     }
 434 
 435     /*
 436      * Reads all the bytes for a given entry. Used to process the
 437      * META-INF files.
 438      */
 439     private byte[] getBytes(ZipEntry ze) throws IOException {
 440         try (InputStream is = super.getInputStream(ze)) {
 441             return IOUtils.readFully(is, (int)ze.getSize(), true);





 442         }
 443     }
 444 
 445     /**
 446      * Returns an input stream for reading the contents of the specified
 447      * zip file entry.
 448      * @param ze the zip file entry
 449      * @return an input stream for reading the contents of the specified
 450      *         zip file entry
 451      * @throws ZipException if a zip file format error has occurred
 452      * @throws IOException if an I/O error has occurred
 453      * @throws SecurityException if any of the jar file entries
 454      *         are incorrectly signed.
 455      * @throws IllegalStateException
 456      *         may be thrown if the jar file has been closed
 457      */
 458     public synchronized InputStream getInputStream(ZipEntry ze)
 459         throws IOException
 460     {
 461         maybeInstantiateVerifier();




  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package java.util.jar;
  27 
  28 import java.io.*;
  29 import java.lang.ref.SoftReference;
  30 import java.net.URL;
  31 import java.util.*;
  32 import java.util.stream.Stream;
  33 import java.util.stream.StreamSupport;
  34 import java.util.zip.*;
  35 import java.security.CodeSigner;
  36 import java.security.cert.Certificate;
  37 import java.security.AccessController;
  38 import java.security.CodeSource;
  39 import jdk.internal.misc.SharedSecrets;

  40 import sun.security.action.GetPropertyAction;
  41 import sun.security.util.ManifestEntryVerifier;
  42 import sun.security.util.SignatureFileVerifier;
  43 
  44 /**
  45  * The {@code JarFile} class is used to read the contents of a jar file
  46  * from any file that can be opened with {@code java.io.RandomAccessFile}.
  47  * It extends the class {@code java.util.zip.ZipFile} with support
  48  * for reading an optional {@code Manifest} entry. The
  49  * {@code Manifest} can be used to specify meta-information about the
  50  * jar file and its entries.
  51  *
  52  * <p> Unless otherwise noted, passing a {@code null} argument to a constructor
  53  * or method in this class will cause a {@link NullPointerException} to be
  54  * thrown.
  55  *
  56  * If the verify flag is on when opening a signed jar file, the content of the
  57  * file is verified against its signature embedded inside the file. Please note
  58  * that the verification process does not include validating the signer's
  59  * certificate. A caller should inspect the return value of


 420             if (JarVerifier.debug != null) {
 421                 JarVerifier.debug.println("done with meta!");
 422             }
 423 
 424             if (jv.nothingToVerify()) {
 425                 if (JarVerifier.debug != null) {
 426                     JarVerifier.debug.println("nothing to verify!");
 427                 }
 428                 jv = null;
 429                 verify = false;
 430             }
 431         }
 432     }
 433 
 434     /*
 435      * Reads all the bytes for a given entry. Used to process the
 436      * META-INF files.
 437      */
 438     private byte[] getBytes(ZipEntry ze) throws IOException {
 439         try (InputStream is = super.getInputStream(ze)) {
 440             int len = (int)ze.getSize();
 441             byte[] b = is.readAllBytes();
 442             if (len != -1 && b.length != len)
 443                 throw new EOFException("Expected:" + len + ", read:" + b.length);
 444 
 445             return b;
 446         }
 447     }
 448 
 449     /**
 450      * Returns an input stream for reading the contents of the specified
 451      * zip file entry.
 452      * @param ze the zip file entry
 453      * @return an input stream for reading the contents of the specified
 454      *         zip file entry
 455      * @throws ZipException if a zip file format error has occurred
 456      * @throws IOException if an I/O error has occurred
 457      * @throws SecurityException if any of the jar file entries
 458      *         are incorrectly signed.
 459      * @throws IllegalStateException
 460      *         may be thrown if the jar file has been closed
 461      */
 462     public synchronized InputStream getInputStream(ZipEntry ze)
 463         throws IOException
 464     {
 465         maybeInstantiateVerifier();