src/share/classes/org/openjdk/jigsaw/cli/Signer.java





  23  * questions.
  24  */
  25 
  26 package org.openjdk.jigsaw.cli;
  27 
  28 import java.io.*;
  29 import java.net.URI;
  30 import java.nio.channels.FileChannel;
  31 import java.nio.file.Files;
  32 import java.nio.file.StandardCopyOption;
  33 import java.security.*;
  34 import java.security.cert.X509Certificate;
  35 import java.util.ArrayList;
  36 import java.util.Arrays;
  37 import java.util.List;
  38 import javax.security.auth.DestroyFailedException;
  39 
  40 import static java.lang.System.err;
  41 import static java.lang.System.in;
  42 import static java.lang.System.out;

  43 import static java.security.KeyStore.PasswordProtection;
  44 import static java.security.KeyStore.PrivateKeyEntry;
  45 import java.util.Map;
  46 
  47 import org.openjdk.jigsaw.*;
  48 import org.openjdk.jigsaw.ModuleFileParserException;
  49 import org.openjdk.jigsaw.ModuleFileParser.Event;
  50 import org.openjdk.internal.joptsimple.OptionException;
  51 import org.openjdk.internal.joptsimple.OptionParser;
  52 import org.openjdk.internal.joptsimple.OptionSet;
  53 import org.openjdk.internal.joptsimple.OptionSpec;
  54 
  55 import static org.openjdk.jigsaw.ModuleFile.*;
  56 import static org.openjdk.jigsaw.FileConstants.ModuleFile.*;
  57 
  58 import sun.security.pkcs.PKCS7;
  59 import sun.security.util.Password;
  60 
  61 /* Interface:
  62 


 230                         if (header.getType() == SectionType.SIGNATURE)
 231                             throw new Command.Exception("module file is already signed");
 232                         if (header.getType() == SectionType.MODULE_INFO)
 233                             moduleInfoLength = header.getCSize();
 234                     }
 235                 }
 236                 hashes.add(parser.getHeaderHash());
 237                 for (byte[] hash: parser.getHashes().values())
 238                     hashes.add(hash);  // section hashes
 239                 hashes.add(parser.getFileHash());
 240             } catch (IOException | ModuleFileParserException x) {
 241                 throw new Command.Exception("unable to read module file", x);
 242             }
 243 
 244             // Next, generate signature and insert into signed module file
 245             File tmpFile = (signedModuleFile == null)
 246                 ? new File(moduleFile + ".sig") : signedModuleFile;
 247             try (RandomAccessFile mraf = new RandomAccessFile(moduleFile, "r");
 248                  RandomAccessFile raf = new RandomAccessFile(tmpFile, "rw"))
 249             {



 250                 raf.setLength(0);
 251 
 252                 // Transfer header and module-info from module file
 253                 // to signed module file.
 254                 long remainderStart = ModuleFileHeader.LENGTH
 255                                       + SectionHeader.LENGTH
 256                                       + moduleInfoLength;
 257                 FileChannel source = mraf.getChannel();
 258                 FileChannel dest = raf.getChannel();
 259                 for (long pos = 0; pos < remainderStart;) {
 260                     pos += source.transferTo(pos, remainderStart - pos, dest);
 261                 }
 262 
 263                 // Write out the Signature Section
 264                 writeSignatureSection(raf, hashes, pke);
 265 
 266                 // Transfer the remainder of the file
 267                 for (long pos = remainderStart; pos < mraf.length();) {
 268                     pos += source.transferTo(pos, mraf.length() - pos, dest);
 269                 }
 270 
 271             } catch (IOException | GeneralSecurityException x) {
 272                 try {
 273                     Files.deleteIfExists(tmpFile.toPath());
 274                 } catch (IOException ioe) {




  23  * questions.
  24  */
  25 
  26 package org.openjdk.jigsaw.cli;
  27 
  28 import java.io.*;
  29 import java.net.URI;
  30 import java.nio.channels.FileChannel;
  31 import java.nio.file.Files;
  32 import java.nio.file.StandardCopyOption;
  33 import java.security.*;
  34 import java.security.cert.X509Certificate;
  35 import java.util.ArrayList;
  36 import java.util.Arrays;
  37 import java.util.List;
  38 import javax.security.auth.DestroyFailedException;
  39 
  40 import static java.lang.System.err;
  41 import static java.lang.System.in;
  42 import static java.lang.System.out;
  43 import java.nio.channels.Channels;
  44 import static java.security.KeyStore.PasswordProtection;
  45 import static java.security.KeyStore.PrivateKeyEntry;
  46 import java.util.Map;
  47 
  48 import org.openjdk.jigsaw.*;
  49 import org.openjdk.jigsaw.ModuleFileParserException;
  50 import org.openjdk.jigsaw.ModuleFileParser.Event;
  51 import org.openjdk.internal.joptsimple.OptionException;
  52 import org.openjdk.internal.joptsimple.OptionParser;
  53 import org.openjdk.internal.joptsimple.OptionSet;
  54 import org.openjdk.internal.joptsimple.OptionSpec;
  55 
  56 import static org.openjdk.jigsaw.ModuleFile.*;
  57 import static org.openjdk.jigsaw.FileConstants.ModuleFile.*;
  58 
  59 import sun.security.pkcs.PKCS7;
  60 import sun.security.util.Password;
  61 
  62 /* Interface:
  63 


 231                         if (header.getType() == SectionType.SIGNATURE)
 232                             throw new Command.Exception("module file is already signed");
 233                         if (header.getType() == SectionType.MODULE_INFO)
 234                             moduleInfoLength = header.getCSize();
 235                     }
 236                 }
 237                 hashes.add(parser.getHeaderHash());
 238                 for (byte[] hash: parser.getHashes().values())
 239                     hashes.add(hash);  // section hashes
 240                 hashes.add(parser.getFileHash());
 241             } catch (IOException | ModuleFileParserException x) {
 242                 throw new Command.Exception("unable to read module file", x);
 243             }
 244 
 245             // Next, generate signature and insert into signed module file
 246             File tmpFile = (signedModuleFile == null)
 247                 ? new File(moduleFile + ".sig") : signedModuleFile;
 248             try (RandomAccessFile mraf = new RandomAccessFile(moduleFile, "r");
 249                  RandomAccessFile raf = new RandomAccessFile(tmpFile, "rw"))
 250             {
 251                 ModuleFileHeader header = ModuleFileHeader.read(Channels.newInputStream(mraf.getChannel()));
 252 
 253                 mraf.seek(0);
 254                 raf.setLength(0);
 255 
 256                 // Transfer header and module-info from module file
 257                 // to signed module file.
 258                 long remainderStart = header.getLength()
 259                                       + SectionHeader.LENGTH
 260                                       + moduleInfoLength;
 261                 FileChannel source = mraf.getChannel();
 262                 FileChannel dest = raf.getChannel();
 263                 for (long pos = 0; pos < remainderStart;) {
 264                     pos += source.transferTo(pos, remainderStart - pos, dest);
 265                 }
 266 
 267                 // Write out the Signature Section
 268                 writeSignatureSection(raf, hashes, pke);
 269 
 270                 // Transfer the remainder of the file
 271                 for (long pos = remainderStart; pos < mraf.length();) {
 272                     pos += source.transferTo(pos, mraf.length() - pos, dest);
 273                 }
 274 
 275             } catch (IOException | GeneralSecurityException x) {
 276                 try {
 277                     Files.deleteIfExists(tmpFile.toPath());
 278                 } catch (IOException ioe) {
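Review bot: `remainderStart` at new lines 258-260 is now derived from `header.getLength()`, a value taken from a second read of the module file, and nothing compares it with `mraf.length()` before the copy loop at 263-265. `FileChannel.transferTo` transfers nothing once the position is at or past the end of the source, so a truncated file, or a header that differs from the one the parser hashed in the first pass, would leave that loop spinning instead of failing the signing run. A guard before the loop, `if (remainderStart > mraf.length()) throw new IOException("module file shorter than its headers");`, would route the failure into the existing catch at 275 that deletes `tmpFile`. A short comment on `mraf.seek(0)` would also help, for example `// reset position moved by ModuleFileHeader.read; the positional transferTo calls below do not depend on it`. The enclosing method starts and ends outside this excerpt, so whether the re-read header is checked against the parsed one elsewhere cannot be seen here.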