src/share/classes/org/openjdk/jigsaw/cli/Signer.java

Print this page




 399         private void writeSignatureSection(DataOutput out,
 400                                            List<byte[]> hashes,
 401                                            SignerParameters params)
 402             throws IOException, SignatureException, NoSuchAlgorithmException {
 403 
 404             ByteArrayOutputStream baos = new ByteArrayOutputStream();
 405             short hashLength;
 406             for (byte[] hash : hashes) {
 407                 hashLength = (short) hash.length;
 408                 baos.write((byte) ((hashLength >>> 8) & 0xFF));
 409                 baos.write((byte) ((hashLength >>> 0) & 0xFF));
 410                 baos.write(hash, 0, hashLength);
 411             }
 412             byte[] toBeSigned = baos.toByteArray();
 413 
 414             // Compute the signature
 415             SignedModule.PKCS7Signer signer = new SignedModule.PKCS7Signer();
 416             byte[] signature = signer.generateSignature(toBeSigned, params);
 417 
 418             // Generate the hash for the signature header and content



 419             baos = new ByteArrayOutputStream();
 420             DataOutputStream dos = new DataOutputStream(baos);
 421             short signatureType = (short)signer.getSignatureType().value();
 422             dos.writeShort(signatureType);
 423             short signatureLength = (short)signature.length;
 424             dos.writeInt(signature.length);
 425             byte[] signatureHeader = baos.toByteArray();
 426             MessageDigest md = MessageDigest.getInstance("SHA-256");
 427             md.update(signatureHeader);
 428             md.update(signature);
 429             byte[] hash = md.digest();
 430 
 431             // Write out the Signature Section
 432             SectionHeader header =
 433                     new SectionHeader(FileConstants.ModuleFile.SectionType.SIGNATURE,
 434                                       FileConstants.ModuleFile.Compressor.NONE,
 435                                       signature.length + 6,
 436                                       (short)0, hash);
 437             header.write(out);
 438             out.write(signatureHeader);
 439             out.write(signature);
 440         }
 441     }
 442 
 443     /**
 444      * Returns true if KeyStore has a password. This is true except for
 445      * MSCAPI KeyStores
 446      */
 447     private static boolean isWindowsKeyStore(String storetype) {
 448         return storetype.equalsIgnoreCase("Windows-MY")
 449                 || storetype.equalsIgnoreCase("Windows-ROOT");
 450     }
 451 }


 399         private void writeSignatureSection(DataOutput out,
 400                                            List<byte[]> hashes,
 401                                            SignerParameters params)
 402             throws IOException, SignatureException, NoSuchAlgorithmException {
 403 
 404             ByteArrayOutputStream baos = new ByteArrayOutputStream();
 405             short hashLength;
 406             for (byte[] hash : hashes) {
 407                 hashLength = (short) hash.length;
 408                 baos.write((byte) ((hashLength >>> 8) & 0xFF));
 409                 baos.write((byte) ((hashLength >>> 0) & 0xFF));
 410                 baos.write(hash, 0, hashLength);
 411             }
 412             byte[] toBeSigned = baos.toByteArray();
 413 
 414             // Compute the signature
 415             SignedModule.PKCS7Signer signer = new SignedModule.PKCS7Signer();
 416             byte[] signature = signer.generateSignature(toBeSigned, params);
 417 
 418             // Generate the hash for the signature header and content
 419             SignatureSection signatureSection =
 420                     new SignatureSection(signer.getSignatureType().value(),
 421                                          signature.length, signature);
 422             baos = new ByteArrayOutputStream();
 423             DataOutputStream dos = new DataOutputStream(baos);
 424             signatureSection.write(dos);
 425             byte[] hash = MessageDigest.getInstance("SHA-256").digest(baos.toByteArray());







 426 
 427             // Write out the Signature Section
 428             SectionHeader header =
 429                     new SectionHeader(FileConstants.ModuleFile.SectionType.SIGNATURE,
 430                                       FileConstants.ModuleFile.Compressor.NONE,
 431                                       signature.length + 6,
 432                                       (short)0, hash);
 433             header.write(out);
 434             signatureSection.write(out);

 435         }
 436     }
 437 
 438     /**
 439      * Returns true if KeyStore has a password. This is true except for
 440      * MSCAPI KeyStores
 441      */
 442     private static boolean isWindowsKeyStore(String storetype) {
 443         return storetype.equalsIgnoreCase("Windows-MY")
 444                 || storetype.equalsIgnoreCase("Windows-ROOT");
 445     }
 446 }