1 /* 2 * Copyright (c) 1997, 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.util.jar; 27 28 import java.io.*; 29 import java.lang.ref.SoftReference; 30 import java.net.URL; 31 import java.util.*; 32 import java.util.stream.Stream; 33 import java.util.stream.StreamSupport; 34 import java.util.zip.*; 35 import java.security.CodeSigner; 36 import java.security.cert.Certificate; 37 import java.security.CodeSource; 38 import jdk.internal.misc.SharedSecrets; 39 import sun.security.action.GetPropertyAction; 40 import sun.security.util.ManifestEntryVerifier; 41 import sun.security.util.SignatureFileVerifier; 42 43 /** 44 * The {@code JarFile} class is used to read the contents of a jar file 45 * from any file that can be opened with {@code java.io.RandomAccessFile}. 46 * It extends the class {@code java.util.zip.ZipFile} with support 47 * for reading an optional {@code Manifest} entry, and support for 48 * processing multi-release jar files. The {@code Manifest} can be used 49 * to specify meta-information about the jar file and its entries. 50 * 51 * <p>A multi-release jar file is a jar file that contains 52 * a manifest with a main attribute named "Multi-Release", 53 * a set of "base" entries, some of which are public classes with public 54 * or protected methods that comprise the public interface of the jar file, 55 * and a set of "versioned" entries contained in subdirectories of the 56 * "META-INF/versions" directory. The versioned entries are partitioned by the 57 * major version of the Java platform. A versioned entry, with a version 58 * {@code n}, {@code 8 < n}, in the "META-INF/versions/{n}" directory overrides 59 * the base entry as well as any entry with a version number {@code i} where 60 * {@code 8 < i < n}. 61 * 62 * <p>By default, a {@code JarFile} for a multi-release jar file is configured 63 * to process the multi-release jar file as if it were a plain (unversioned) jar 64 * file, and as such an entry name is associated with at most one base entry. 65 * The {@code JarFile} may be configured to process a multi-release jar file by 66 * creating the {@code JarFile} with the 67 * {@link JarFile#JarFile(File, boolean, int, Release)} constructor. The 68 * {@code Release} object sets a maximum version used when searching for 69 * versioned entries. When so configured, an entry name 70 * can correspond with at most one base entry and zero or more versioned 71 * entries. A search is required to associate the entry name with the latest 72 * versioned entry whose version is less than or equal to the maximum version 73 * (see {@link #getEntry(String)}). 74 * 75 * <p>Class loaders that utilize {@code JarFile} to load classes from the 76 * contents of {@code JarFile} entries should construct the {@code JarFile} 77 * by invoking the {@link JarFile#JarFile(File, boolean, int, Release)} 78 * constructor with the value {@code Release.RUNTIME} assigned to the last 79 * argument. This assures that classes compatible with the major 80 * version of the running JVM are loaded from multi-release jar files. 81 * 82 * <p>If the verify flag is on when opening a signed jar file, the content of 83 * the file is verified against its signature embedded inside the file. Please 84 * note that the verification process does not include validating the signer's 85 * certificate. A caller should inspect the return value of 86 * {@link JarEntry#getCodeSigners()} to further determine if the signature 87 * can be trusted. 88 * 89 * <p> Unless otherwise noted, passing a {@code null} argument to a constructor 90 * or method in this class will cause a {@link NullPointerException} to be 91 * thrown. 92 * 93 * @implNote 94 * <div class="block"> 95 * If the API can not be used to configure a {@code JarFile} (e.g. to override 96 * the configuration of a compiled application or library), two {@code System} 97 * properties are available. 98 * <ul> 99 * <li> 100 * {@code jdk.util.jar.version} can be assigned a value that is the 101 * {@code String} representation of a non-negative integer 102 * {@code <= Version.current().major()}. The value is used to set the effective 103 * runtime version to something other than the default value obtained by 104 * evaluating {@code Version.current().major()}. The effective runtime version 105 * is the version that the {@link JarFile#JarFile(File, boolean, int, Release)} 106 * constructor uses when the value of the last argument is 107 * {@code Release.RUNTIME}. 108 * </li> 109 * <li> 110 * {@code jdk.util.jar.enableMultiRelease} can be assigned one of the three 111 * {@code String} values <em>true</em>, <em>false</em>, or <em>force</em>. The 112 * value <em>true</em>, the default value, enables multi-release jar file 113 * processing. The value <em>false</em> disables multi-release jar processing, 114 * ignoring the "Multi-Release" manifest attribute, and the versioned 115 * directories in a multi-release jar file if they exist. Furthermore, 116 * the method {@link JarFile#isMultiRelease()} returns <em>false</em>. The value 117 * <em>force</em> causes the {@code JarFile} to be initialized to runtime 118 * versioning after construction. It effectively does the same as this code: 119 * {@code (new JarFile(File, boolean, int, Release.RUNTIME)}. 120 * </li> 121 * </ul> 122 * </div> 123 * 124 * @author David Connelly 125 * @see Manifest 126 * @see java.util.zip.ZipFile 127 * @see java.util.jar.JarEntry 128 * @since 1.2 129 */ 130 public 131 class JarFile extends ZipFile { 132 private final static int BASE_VERSION; 133 private final static int RUNTIME_VERSION; 134 private final static boolean MULTI_RELEASE_ENABLED; 135 private final static boolean MULTI_RELEASE_FORCED; 136 private SoftReference<Manifest> manRef; 137 private JarEntry manEntry; 138 private JarVerifier jv; 139 private boolean jvInitialized; 140 private boolean verify; 141 private final int version; 142 private boolean notVersioned; 143 private final boolean runtimeVersioned; 144 private boolean isMultiRelease; // is jar multi-release? 145 146 // indicates if Class-Path attribute present 147 private boolean hasClassPathAttribute; 148 // true if manifest checked for special attributes 149 private volatile boolean hasCheckedSpecialAttributes; 150 151 static { 152 // Set up JavaUtilJarAccess in SharedSecrets 153 SharedSecrets.setJavaUtilJarAccess(new JavaUtilJarAccessImpl()); 154 155 BASE_VERSION = 8; // one less than lowest version for versioned entries 156 int runtimeVersion = jdk.Version.current().major(); 157 String jarVersion = 158 GetPropertyAction.getProperty("jdk.util.jar.version"); 159 if (jarVersion != null) { 160 int jarVer = Integer.parseInt(jarVersion); 161 runtimeVersion = (jarVer > runtimeVersion) 162 ? runtimeVersion : Math.max(jarVer, 0); 163 } 164 RUNTIME_VERSION = runtimeVersion; 165 String enableMultiRelease = GetPropertyAction 166 .getProperty("jdk.util.jar.enableMultiRelease", "true"); 167 switch (enableMultiRelease) { 168 case "true": 169 default: 170 MULTI_RELEASE_ENABLED = true; 171 MULTI_RELEASE_FORCED = false; 172 break; 173 case "false": 174 MULTI_RELEASE_ENABLED = false; 175 MULTI_RELEASE_FORCED = false; 176 break; 177 case "force": 178 MULTI_RELEASE_ENABLED = true; 179 MULTI_RELEASE_FORCED = true; 180 break; 181 } 182 } 183 184 /** 185 * A set of constants that represent the entries in either the base directory 186 * or one of the versioned directories in a multi-release jar file. It's 187 * possible for a multi-release jar file to contain versioned directories 188 * that are not represented by the constants of the {@code Release} enum. 189 * In those cases, the entries will not be located by this {@code JarFile} 190 * through the aliasing mechanism, but they can be directly accessed by 191 * specifying the full path name of the entry. 192 * 193 * @since 9 194 */ 195 public enum Release { 196 /** 197 * Represents unversioned entries, or entries in "regular", as opposed 198 * to multi-release jar files. 199 */ 200 BASE(BASE_VERSION), 201 202 /** 203 * Represents entries found in the META-INF/versions/9 directory of a 204 * multi-release jar file. 205 */ 206 VERSION_9(9), 207 208 // fill in the "blanks" for future releases 209 210 /** 211 * Represents entries found in the META-INF/versions/{n} directory of a 212 * multi-release jar file, where {@code n} is the effective runtime 213 * version of the jar file. 214 * 215 * @implNote 216 * <div class="block"> 217 * The effective runtime version is determined 218 * by evaluating {@code Version.current().major()} or by using the value 219 * of the {@code jdk.util.jar.version} System property if it exists. 220 * </div> 221 */ 222 RUNTIME(RUNTIME_VERSION); 223 224 Release(int version) { 225 this.version = version; 226 } 227 228 private static Release valueOf(int version) { 229 return version <= BASE.value() ? BASE : valueOf("VERSION_" + version); 230 } 231 232 private final int version; 233 234 private int value() { 235 return this.version; 236 } 237 } 238 239 private static final String META_INF = "META-INF/"; 240 241 private static final String META_INF_VERSIONS = META_INF + "versions/"; 242 243 /** 244 * The JAR manifest file name. 245 */ 246 public static final String MANIFEST_NAME = META_INF + "MANIFEST.MF"; 247 248 /** 249 * Creates a new {@code JarFile} to read from the specified 250 * file {@code name}. The {@code JarFile} will be verified if 251 * it is signed. 252 * @param name the name of the jar file to be opened for reading 253 * @throws IOException if an I/O error has occurred 254 * @throws SecurityException if access to the file is denied 255 * by the SecurityManager 256 */ 257 public JarFile(String name) throws IOException { 258 this(new File(name), true, ZipFile.OPEN_READ); 259 } 260 261 /** 262 * Creates a new {@code JarFile} to read from the specified 263 * file {@code name}. 264 * @param name the name of the jar file to be opened for reading 265 * @param verify whether or not to verify the jar file if 266 * it is signed. 267 * @throws IOException if an I/O error has occurred 268 * @throws SecurityException if access to the file is denied 269 * by the SecurityManager 270 */ 271 public JarFile(String name, boolean verify) throws IOException { 272 this(new File(name), verify, ZipFile.OPEN_READ); 273 } 274 275 /** 276 * Creates a new {@code JarFile} to read from the specified 277 * {@code File} object. The {@code JarFile} will be verified if 278 * it is signed. 279 * @param file the jar file to be opened for reading 280 * @throws IOException if an I/O error has occurred 281 * @throws SecurityException if access to the file is denied 282 * by the SecurityManager 283 */ 284 public JarFile(File file) throws IOException { 285 this(file, true, ZipFile.OPEN_READ); 286 } 287 288 /** 289 * Creates a new {@code JarFile} to read from the specified 290 * {@code File} object. 291 * @param file the jar file to be opened for reading 292 * @param verify whether or not to verify the jar file if 293 * it is signed. 294 * @throws IOException if an I/O error has occurred 295 * @throws SecurityException if access to the file is denied 296 * by the SecurityManager. 297 */ 298 public JarFile(File file, boolean verify) throws IOException { 299 this(file, verify, ZipFile.OPEN_READ); 300 } 301 302 /** 303 * Creates a new {@code JarFile} to read from the specified 304 * {@code File} object in the specified mode. The mode argument 305 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}. 306 * 307 * @param file the jar file to be opened for reading 308 * @param verify whether or not to verify the jar file if 309 * it is signed. 310 * @param mode the mode in which the file is to be opened 311 * @throws IOException if an I/O error has occurred 312 * @throws IllegalArgumentException 313 * if the {@code mode} argument is invalid 314 * @throws SecurityException if access to the file is denied 315 * by the SecurityManager 316 * @since 1.3 317 */ 318 public JarFile(File file, boolean verify, int mode) throws IOException { 319 this(file, verify, mode, Release.BASE); 320 this.notVersioned = true; 321 } 322 323 /** 324 * Creates a new {@code JarFile} to read from the specified 325 * {@code File} object in the specified mode. The mode argument 326 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}. 327 * The version argument configures the {@code JarFile} for processing 328 * multi-release jar files. 329 * 330 * @param file the jar file to be opened for reading 331 * @param verify whether or not to verify the jar file if 332 * it is signed. 333 * @param mode the mode in which the file is to be opened 334 * @param version specifies the release version for a multi-release jar file 335 * @throws IOException if an I/O error has occurred 336 * @throws IllegalArgumentException 337 * if the {@code mode} argument is invalid 338 * @throws SecurityException if access to the file is denied 339 * by the SecurityManager 340 * @throws NullPointerException if {@code version} is {@code null} 341 * @since 9 342 */ 343 public JarFile(File file, boolean verify, int mode, Release version) throws IOException { 344 super(file, mode); 345 Objects.requireNonNull(version); 346 this.verify = verify; 347 // version applies to multi-release jar files, ignored for regular jar files 348 if (MULTI_RELEASE_FORCED) { 349 this.version = RUNTIME_VERSION; 350 version = Release.RUNTIME; 351 } else { 352 this.version = version.value(); 353 } 354 this.runtimeVersioned = version == Release.RUNTIME; 355 356 assert runtimeVersionExists(); 357 } 358 359 private boolean runtimeVersionExists() { 360 int version = jdk.Version.current().major(); 361 try { 362 Release.valueOf(version); 363 return true; 364 } catch (IllegalArgumentException x) { 365 System.err.println("No JarFile.Release object for release " + version); 366 return false; 367 } 368 } 369 370 /** 371 * Returns the maximum version used when searching for versioned entries. 372 * 373 * @return the maximum version, or {@code Release.BASE} if this jar file is 374 * processed as if it is an unversioned jar file or is not a 375 * multi-release jar file 376 * @since 9 377 */ 378 public final Release getVersion() { 379 if (isMultiRelease()) { 380 return runtimeVersioned ? Release.RUNTIME : Release.valueOf(version); 381 } else { 382 return Release.BASE; 383 } 384 } 385 386 /** 387 * Indicates whether or not this jar file is a multi-release jar file. 388 * 389 * @return true if this JarFile is a multi-release jar file 390 * @since 9 391 */ 392 public final boolean isMultiRelease() { 393 if (isMultiRelease) { 394 return true; 395 } 396 if (MULTI_RELEASE_ENABLED && version != BASE_VERSION) { 397 try { 398 checkForSpecialAttributes(); 399 } catch (IOException io) { 400 isMultiRelease = false; 401 } 402 } 403 return isMultiRelease; 404 } 405 406 /** 407 * Returns the jar file manifest, or {@code null} if none. 408 * 409 * @return the jar file manifest, or {@code null} if none 410 * 411 * @throws IllegalStateException 412 * may be thrown if the jar file has been closed 413 * @throws IOException if an I/O error has occurred 414 */ 415 public Manifest getManifest() throws IOException { 416 return getManifestFromReference(); 417 } 418 419 private Manifest getManifestFromReference() throws IOException { 420 Manifest man = manRef != null ? manRef.get() : null; 421 422 if (man == null) { 423 424 JarEntry manEntry = getManEntry(); 425 426 // If found then load the manifest 427 if (manEntry != null) { 428 if (verify) { 429 byte[] b = getBytes(manEntry); 430 man = new Manifest(new ByteArrayInputStream(b)); 431 if (!jvInitialized) { 432 jv = new JarVerifier(b); 433 } 434 } else { 435 man = new Manifest(super.getInputStream(manEntry)); 436 } 437 manRef = new SoftReference<>(man); 438 } 439 } 440 return man; 441 } 442 443 private String[] getMetaInfEntryNames() { 444 return jdk.internal.misc.SharedSecrets.getJavaUtilZipFileAccess() 445 .getMetaInfEntryNames((ZipFile)this); 446 } 447 448 /** 449 * Returns the {@code JarEntry} for the given base entry name or 450 * {@code null} if not found. 451 * 452 * <p>If this {@code JarFile} is a multi-release jar file and is configured 453 * to be processed as such, then a search is performed to find and return 454 * a {@code JarEntry} that is the latest versioned entry associated with the 455 * given entry name. The returned {@code JarEntry} is the versioned entry 456 * corresponding to the given base entry name prefixed with the string 457 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for 458 * which an entry exists. If such a versioned entry does not exist, then 459 * the {@code JarEntry} for the base entry is returned, otherwise 460 * {@code null} is returned if no entries are found. The initial value for 461 * the version {@code n} is the maximum version as returned by the method 462 * {@link JarFile#getVersion()}. 463 * 464 * @param name the jar file entry name 465 * @return the {@code JarEntry} for the given entry name, or 466 * the versioned entry name, or {@code null} if not found 467 * 468 * @throws IllegalStateException 469 * may be thrown if the jar file has been closed 470 * 471 * @see java.util.jar.JarEntry 472 * 473 * @implSpec 474 * <div class="block"> 475 * This implementation invokes {@link JarFile#getEntry(String)}. 476 * </div> 477 */ 478 public JarEntry getJarEntry(String name) { 479 return (JarEntry)getEntry(name); 480 } 481 482 /** 483 * Returns the {@code ZipEntry} for the given base entry name or 484 * {@code null} if not found. 485 * 486 * <p>If this {@code JarFile} is a multi-release jar file and is configured 487 * to be processed as such, then a search is performed to find and return 488 * a {@code ZipEntry} that is the latest versioned entry associated with the 489 * given entry name. The returned {@code ZipEntry} is the versioned entry 490 * corresponding to the given base entry name prefixed with the string 491 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for 492 * which an entry exists. If such a versioned entry does not exist, then 493 * the {@code ZipEntry} for the base entry is returned, otherwise 494 * {@code null} is returned if no entries are found. The initial value for 495 * the version {@code n} is the maximum version as returned by the method 496 * {@link JarFile#getVersion()}. 497 * 498 * @param name the jar file entry name 499 * @return the {@code ZipEntry} for the given entry name or 500 * the versioned entry name or {@code null} if not found 501 * 502 * @throws IllegalStateException 503 * may be thrown if the jar file has been closed 504 * 505 * @see java.util.zip.ZipEntry 506 * 507 * @implSpec 508 * <div class="block"> 509 * This implementation may return a versioned entry for the requested name 510 * even if there is not a corresponding base entry. This can occur 511 * if there is a private or package-private versioned entry that matches. 512 * If a subclass overrides this method, assure that the override method 513 * invokes {@code super.getEntry(name)} to obtain all versioned entries. 514 * </div> 515 */ 516 public ZipEntry getEntry(String name) { 517 ZipEntry ze = super.getEntry(name); 518 if (ze != null) { 519 return new JarFileEntry(ze); 520 } 521 // no matching base entry, but maybe there is a versioned entry, 522 // like a new private class 523 if (isMultiRelease()) { 524 ze = new ZipEntry(name); 525 ZipEntry vze = getVersionedEntry(ze); 526 if (ze != vze) { 527 return new JarFileEntry(name, vze); 528 } 529 } 530 return null; 531 } 532 533 private class JarEntryIterator implements Enumeration<JarEntry>, 534 Iterator<JarEntry> 535 { 536 final Enumeration<? extends ZipEntry> e = JarFile.super.entries(); 537 ZipEntry ze; 538 539 public boolean hasNext() { 540 if (notVersioned) { 541 return e.hasMoreElements(); 542 } 543 if (ze != null) { 544 return true; 545 } 546 return findNext(); 547 } 548 549 private boolean findNext() { 550 while (e.hasMoreElements()) { 551 ZipEntry ze2 = e.nextElement(); 552 if (!ze2.getName().startsWith(META_INF_VERSIONS)) { 553 ze = ze2; 554 return true; 555 } 556 } 557 return false; 558 } 559 560 public JarEntry next() { 561 ZipEntry ze2; 562 563 if (notVersioned) { 564 ze2 = e.nextElement(); 565 return new JarFileEntry(ze2.getName(), ze2); 566 } 567 if (ze != null || findNext()) { 568 ze2 = ze; 569 ze = null; 570 return new JarFileEntry(ze2); 571 } 572 throw new NoSuchElementException(); 573 } 574 575 public boolean hasMoreElements() { 576 return hasNext(); 577 } 578 579 public JarEntry nextElement() { 580 return next(); 581 } 582 583 public Iterator<JarEntry> asIterator() { 584 return this; 585 } 586 } 587 588 /** 589 * Returns an enumeration of the jar file entries. The set of entries 590 * returned depends on whether or not the jar file is a multi-release jar 591 * file, and on the constructor used to create the {@code JarFile}. If the 592 * jar file is not a multi-release jar file, all entries are returned, 593 * regardless of how the {@code JarFile} is created. If the constructor 594 * does not take a {@code Release} argument, all entries are returned. 595 * If the jar file is a multi-release jar file and the constructor takes a 596 * {@code Release} argument, then the set of entries returned is equivalent 597 * to the set of entries that would be returned if the set was built by 598 * invoking {@link JarFile#getEntry(String)} or 599 * {@link JarFile#getJarEntry(String)} with the name of each base entry in 600 * the jar file. A base entry is an entry whose path name does not start 601 * with "META-INF/versions/". 602 * 603 * @return an enumeration of the jar file entries 604 * @throws IllegalStateException 605 * may be thrown if the jar file has been closed 606 */ 607 public Enumeration<JarEntry> entries() { 608 return new JarEntryIterator(); 609 } 610 611 /** 612 * Returns an ordered {@code Stream} over all the jar file entries. 613 * Entries appear in the {@code Stream} in the order they appear in 614 * the central directory of the jar file. The set of entries 615 * returned depends on whether or not the jar file is a multi-release jar 616 * file, and on the constructor used to create the {@code JarFile}. If the 617 * jar file is not a multi-release jar file, all entries are returned, 618 * regardless of how the {@code JarFile} is created. If the constructor 619 * does not take a {@code Release} argument, all entries are returned. 620 * If the jar file is a multi-release jar file and the constructor takes a 621 * {@code Release} argument, then the set of entries returned is equivalent 622 * to the set of entries that would be returned if the set was built by 623 * invoking {@link JarFile#getEntry(String)} or 624 * {@link JarFile#getJarEntry(String)} with the name of each base entry in 625 * the jar file. A base entry is an entry whose path name does not start 626 * with "META-INF/versions/". 627 * @return an ordered {@code Stream} of entries in this jar file 628 * @throws IllegalStateException if the jar file has been closed 629 * @since 1.8 630 */ 631 public Stream<JarEntry> stream() { 632 return StreamSupport.stream(Spliterators.spliterator( 633 new JarEntryIterator(), size(), 634 Spliterator.ORDERED | Spliterator.DISTINCT | 635 Spliterator.IMMUTABLE | Spliterator.NONNULL), false); 636 } 637 638 private ZipEntry searchForVersionedEntry(final int version, String name) { 639 ZipEntry vze = null; 640 String sname = "/" + name; 641 int i = version; 642 while (i > BASE_VERSION) { 643 vze = super.getEntry(META_INF_VERSIONS + i + sname); 644 if (vze != null) break; 645 i--; 646 } 647 return vze; 648 } 649 650 private ZipEntry getVersionedEntry(ZipEntry ze) { 651 ZipEntry vze = null; 652 if (version > BASE_VERSION && !ze.isDirectory()) { 653 String name = ze.getName(); 654 if (!name.startsWith(META_INF)) { 655 vze = searchForVersionedEntry(version, name); 656 } 657 } 658 return vze == null ? ze : vze; 659 } 660 661 private class JarFileEntry extends JarEntry { 662 final private String name; 663 664 JarFileEntry(ZipEntry ze) { 665 super(isMultiRelease() ? getVersionedEntry(ze) : ze); 666 this.name = ze.getName(); 667 } 668 JarFileEntry(String name, ZipEntry vze) { 669 super(vze); 670 this.name = name; 671 } 672 public Attributes getAttributes() throws IOException { 673 Manifest man = JarFile.this.getManifest(); 674 if (man != null) { 675 return man.getAttributes(super.getName()); 676 } else { 677 return null; 678 } 679 } 680 public Certificate[] getCertificates() { 681 try { 682 maybeInstantiateVerifier(); 683 } catch (IOException e) { 684 throw new RuntimeException(e); 685 } 686 if (certs == null && jv != null) { 687 certs = jv.getCerts(JarFile.this, reifiedEntry()); 688 } 689 return certs == null ? null : certs.clone(); 690 } 691 public CodeSigner[] getCodeSigners() { 692 try { 693 maybeInstantiateVerifier(); 694 } catch (IOException e) { 695 throw new RuntimeException(e); 696 } 697 if (signers == null && jv != null) { 698 signers = jv.getCodeSigners(JarFile.this, reifiedEntry()); 699 } 700 return signers == null ? null : signers.clone(); 701 } 702 JarFileEntry reifiedEntry() { 703 if (isMultiRelease()) { 704 String entryName = super.getName(); 705 return entryName.equals(this.name) ? this : new JarFileEntry(entryName, this); 706 } 707 return this; 708 } 709 710 @Override 711 public String getName() { 712 return name; 713 } 714 } 715 716 /* 717 * Ensures that the JarVerifier has been created if one is 718 * necessary (i.e., the jar appears to be signed.) This is done as 719 * a quick check to avoid processing of the manifest for unsigned 720 * jars. 721 */ 722 private void maybeInstantiateVerifier() throws IOException { 723 if (jv != null) { 724 return; 725 } 726 727 if (verify) { 728 String[] names = getMetaInfEntryNames(); 729 if (names != null) { 730 for (String nameLower : names) { 731 String name = nameLower.toUpperCase(Locale.ENGLISH); 732 if (name.endsWith(".DSA") || 733 name.endsWith(".RSA") || 734 name.endsWith(".EC") || 735 name.endsWith(".SF")) { 736 // Assume since we found a signature-related file 737 // that the jar is signed and that we therefore 738 // need a JarVerifier and Manifest 739 getManifest(); 740 return; 741 } 742 } 743 } 744 // No signature-related files; don't instantiate a 745 // verifier 746 verify = false; 747 } 748 } 749 750 751 /* 752 * Initializes the verifier object by reading all the manifest 753 * entries and passing them to the verifier. 754 */ 755 private void initializeVerifier() { 756 ManifestEntryVerifier mev = null; 757 758 // Verify "META-INF/" entries... 759 try { 760 String[] names = getMetaInfEntryNames(); 761 if (names != null) { 762 for (String name : names) { 763 String uname = name.toUpperCase(Locale.ENGLISH); 764 if (MANIFEST_NAME.equals(uname) 765 || SignatureFileVerifier.isBlockOrSF(uname)) { 766 JarEntry e = getJarEntry(name); 767 if (e == null) { 768 throw new JarException("corrupted jar file"); 769 } 770 if (mev == null) { 771 mev = new ManifestEntryVerifier 772 (getManifestFromReference()); 773 } 774 byte[] b = getBytes(e); 775 if (b != null && b.length > 0) { 776 jv.beginEntry(e, mev); 777 jv.update(b.length, b, 0, b.length, mev); 778 jv.update(-1, null, 0, 0, mev); 779 } 780 } 781 } 782 } 783 } catch (IOException ex) { 784 // if we had an error parsing any blocks, just 785 // treat the jar file as being unsigned 786 jv = null; 787 verify = false; 788 if (JarVerifier.debug != null) { 789 JarVerifier.debug.println("jarfile parsing error!"); 790 ex.printStackTrace(); 791 } 792 } 793 794 // if after initializing the verifier we have nothing 795 // signed, we null it out. 796 797 if (jv != null) { 798 799 jv.doneWithMeta(); 800 if (JarVerifier.debug != null) { 801 JarVerifier.debug.println("done with meta!"); 802 } 803 804 if (jv.nothingToVerify()) { 805 if (JarVerifier.debug != null) { 806 JarVerifier.debug.println("nothing to verify!"); 807 } 808 jv = null; 809 verify = false; 810 } 811 } 812 } 813 814 /* 815 * Reads all the bytes for a given entry. Used to process the 816 * META-INF files. 817 */ 818 private byte[] getBytes(ZipEntry ze) throws IOException { 819 try (InputStream is = super.getInputStream(ze)) { 820 int len = (int)ze.getSize(); 821 int bytesRead; 822 byte[] b; 823 // trust specified entry sizes when reasonably small 824 if (len != -1 && len <= 65535) { 825 b = new byte[len]; 826 bytesRead = is.readNBytes(b, 0, len); 827 } else { 828 b = is.readAllBytes(); 829 bytesRead = b.length; 830 } 831 if (len != -1 && len != bytesRead) { 832 throw new EOFException("Expected:" + len + ", read:" + bytesRead); 833 } 834 return b; 835 } 836 } 837 838 /** 839 * Returns an input stream for reading the contents of the specified 840 * zip file entry. 841 * @param ze the zip file entry 842 * @return an input stream for reading the contents of the specified 843 * zip file entry 844 * @throws ZipException if a zip file format error has occurred 845 * @throws IOException if an I/O error has occurred 846 * @throws SecurityException if any of the jar file entries 847 * are incorrectly signed. 848 * @throws IllegalStateException 849 * may be thrown if the jar file has been closed 850 */ 851 public synchronized InputStream getInputStream(ZipEntry ze) 852 throws IOException 853 { 854 maybeInstantiateVerifier(); 855 if (jv == null) { 856 return super.getInputStream(ze); 857 } 858 if (!jvInitialized) { 859 initializeVerifier(); 860 jvInitialized = true; 861 // could be set to null after a call to 862 // initializeVerifier if we have nothing to 863 // verify 864 if (jv == null) 865 return super.getInputStream(ze); 866 } 867 868 // wrap a verifier stream around the real stream 869 return new JarVerifier.VerifierStream( 870 getManifestFromReference(), 871 verifiableEntry(ze), 872 super.getInputStream(ze), 873 jv); 874 } 875 876 private JarEntry verifiableEntry(ZipEntry ze) { 877 if (ze instanceof JarFileEntry) { 878 // assure the name and entry match for verification 879 return ((JarFileEntry)ze).reifiedEntry(); 880 } 881 ze = getJarEntry(ze.getName()); 882 if (ze instanceof JarFileEntry) { 883 return ((JarFileEntry)ze).reifiedEntry(); 884 } 885 return (JarEntry)ze; 886 } 887 888 // Statics for hand-coded Boyer-Moore search 889 private static final byte[] CLASSPATH_CHARS = 890 {'C','L','A','S','S','-','P','A','T','H', ':', ' '}; 891 892 // The bad character shift for "class-path:" 893 private static final byte[] CLASSPATH_LASTOCC; 894 895 private static final byte[] MULTIRELEASE_CHARS = 896 {'M','U','L','T','I','-','R','E','L','E', 'A', 'S', 'E', ':', 897 ' ', 'T', 'R', 'U', 'E'}; 898 899 // The bad character shift for "multi-release: " 900 private static final byte[] MULTIRELEASE_LASTOCC; 901 902 static { 903 CLASSPATH_LASTOCC = new byte[64]; 904 CLASSPATH_LASTOCC[(int)'C' - 32] = 1; 905 CLASSPATH_LASTOCC[(int)'L' - 32] = 2; 906 CLASSPATH_LASTOCC[(int)'S' - 32] = 5; 907 CLASSPATH_LASTOCC[(int)'-' - 32] = 6; 908 CLASSPATH_LASTOCC[(int)'P' - 32] = 7; 909 CLASSPATH_LASTOCC[(int)'A' - 32] = 8; 910 CLASSPATH_LASTOCC[(int)'T' - 32] = 9; 911 CLASSPATH_LASTOCC[(int)'H' - 32] = 10; 912 CLASSPATH_LASTOCC[(int)':' - 32] = 11; 913 CLASSPATH_LASTOCC[(int)' ' - 32] = 12; 914 915 MULTIRELEASE_LASTOCC = new byte[64]; 916 MULTIRELEASE_LASTOCC[(int)'M' - 32] = 1; 917 MULTIRELEASE_LASTOCC[(int)'I' - 32] = 5; 918 MULTIRELEASE_LASTOCC[(int)'-' - 32] = 6; 919 MULTIRELEASE_LASTOCC[(int)'L' - 32] = 9; 920 MULTIRELEASE_LASTOCC[(int)'A' - 32] = 11; 921 MULTIRELEASE_LASTOCC[(int)'S' - 32] = 12; 922 MULTIRELEASE_LASTOCC[(int)':' - 32] = 14; 923 MULTIRELEASE_LASTOCC[(int)' ' - 32] = 15; 924 MULTIRELEASE_LASTOCC[(int)'T' - 32] = 16; 925 MULTIRELEASE_LASTOCC[(int)'R' - 32] = 17; 926 MULTIRELEASE_LASTOCC[(int)'U' - 32] = 18; 927 MULTIRELEASE_LASTOCC[(int)'E' - 32] = 19; 928 } 929 930 private JarEntry getManEntry() { 931 if (manEntry == null) { 932 // First look up manifest entry using standard name 933 ZipEntry manEntry = super.getEntry(MANIFEST_NAME); 934 if (manEntry == null) { 935 // If not found, then iterate through all the "META-INF/" 936 // entries to find a match. 937 String[] names = getMetaInfEntryNames(); 938 if (names != null) { 939 for (String name : names) { 940 if (MANIFEST_NAME.equals(name.toUpperCase(Locale.ENGLISH))) { 941 manEntry = super.getEntry(name); 942 break; 943 } 944 } 945 } 946 } 947 this.manEntry = (manEntry == null) 948 ? null 949 : new JarFileEntry(manEntry.getName(), manEntry); 950 } 951 return manEntry; 952 } 953 954 /** 955 * Returns {@code true} iff this JAR file has a manifest with the 956 * Class-Path attribute 957 */ 958 boolean hasClassPathAttribute() throws IOException { 959 checkForSpecialAttributes(); 960 return hasClassPathAttribute; 961 } 962 963 /** 964 * Returns true if the pattern {@code src} is found in {@code b}. 965 * The {@code lastOcc} array is the precomputed bad character shifts. 966 * Since there are no repeated substring in our search strings, 967 * the good suffix shifts can be replaced with a comparison. 968 */ 969 private int match(byte[] src, byte[] b, byte[] lastOcc) { 970 int len = src.length; 971 int last = b.length - len; 972 int i = 0; 973 next: 974 while (i <= last) { 975 for (int j = (len - 1); j >= 0; j--) { 976 byte c = b[i + j]; 977 if (c >= ' ' && c <= 'z') { 978 if (c >= 'a') c -= 32; // Canonicalize 979 980 if (c != src[j]) { 981 // no match 982 int goodShift = (j < len - 1) ? len : 1; 983 int badShift = lastOcc[c - 32]; 984 i += Math.max(j + 1 - badShift, goodShift); 985 continue next; 986 } 987 } else { 988 // no match, character not valid for name 989 i += len; 990 continue next; 991 } 992 } 993 return i; 994 } 995 return -1; 996 } 997 998 /** 999 * On first invocation, check if the JAR file has the Class-Path 1000 * and the Multi-Release attribute. A no-op on subsequent calls. 1001 */ 1002 private void checkForSpecialAttributes() throws IOException { 1003 if (hasCheckedSpecialAttributes) { 1004 return; 1005 } 1006 synchronized (this) { 1007 if (hasCheckedSpecialAttributes) { 1008 return; 1009 } 1010 JarEntry manEntry = getManEntry(); 1011 if (manEntry != null) { 1012 byte[] b = getBytes(manEntry); 1013 hasClassPathAttribute = match(CLASSPATH_CHARS, b, 1014 CLASSPATH_LASTOCC) != -1; 1015 // is this a multi-release jar file 1016 if (MULTI_RELEASE_ENABLED && version != BASE_VERSION) { 1017 int i = match(MULTIRELEASE_CHARS, b, MULTIRELEASE_LASTOCC); 1018 if (i != -1) { 1019 i += MULTIRELEASE_CHARS.length; 1020 if (i < b.length) { 1021 byte c = b[i++]; 1022 // Check that the value is followed by a newline 1023 // and does not have a continuation 1024 if (c == '\n' && 1025 (i == b.length || b[i] != ' ')) { 1026 isMultiRelease = true; 1027 } else if (c == '\r') { 1028 if (i == b.length) { 1029 isMultiRelease = true; 1030 } else { 1031 c = b[i++]; 1032 if (c == '\n') { 1033 if (i == b.length || b[i] != ' ') { 1034 isMultiRelease = true; 1035 } 1036 } else if (c != ' ') { 1037 isMultiRelease = true; 1038 } 1039 } 1040 } 1041 } 1042 } 1043 } 1044 } 1045 hasCheckedSpecialAttributes = true; 1046 } 1047 } 1048 1049 private synchronized void ensureInitialization() { 1050 try { 1051 maybeInstantiateVerifier(); 1052 } catch (IOException e) { 1053 throw new RuntimeException(e); 1054 } 1055 if (jv != null && !jvInitialized) { 1056 initializeVerifier(); 1057 jvInitialized = true; 1058 } 1059 } 1060 1061 JarEntry newEntry(ZipEntry ze) { 1062 return new JarFileEntry(ze); 1063 } 1064 1065 Enumeration<String> entryNames(CodeSource[] cs) { 1066 ensureInitialization(); 1067 if (jv != null) { 1068 return jv.entryNames(this, cs); 1069 } 1070 1071 /* 1072 * JAR file has no signed content. Is there a non-signing 1073 * code source? 1074 */ 1075 boolean includeUnsigned = false; 1076 for (CodeSource c : cs) { 1077 if (c.getCodeSigners() == null) { 1078 includeUnsigned = true; 1079 break; 1080 } 1081 } 1082 if (includeUnsigned) { 1083 return unsignedEntryNames(); 1084 } else { 1085 return new Enumeration<>() { 1086 1087 public boolean hasMoreElements() { 1088 return false; 1089 } 1090 1091 public String nextElement() { 1092 throw new NoSuchElementException(); 1093 } 1094 }; 1095 } 1096 } 1097 1098 /** 1099 * Returns an enumeration of the zip file entries 1100 * excluding internal JAR mechanism entries and including 1101 * signed entries missing from the ZIP directory. 1102 */ 1103 Enumeration<JarEntry> entries2() { 1104 ensureInitialization(); 1105 if (jv != null) { 1106 return jv.entries2(this, super.entries()); 1107 } 1108 1109 // screen out entries which are never signed 1110 final Enumeration<? extends ZipEntry> enum_ = super.entries(); 1111 return new Enumeration<>() { 1112 1113 ZipEntry entry; 1114 1115 public boolean hasMoreElements() { 1116 if (entry != null) { 1117 return true; 1118 } 1119 while (enum_.hasMoreElements()) { 1120 ZipEntry ze = enum_.nextElement(); 1121 if (JarVerifier.isSigningRelated(ze.getName())) { 1122 continue; 1123 } 1124 entry = ze; 1125 return true; 1126 } 1127 return false; 1128 } 1129 1130 public JarFileEntry nextElement() { 1131 if (hasMoreElements()) { 1132 ZipEntry ze = entry; 1133 entry = null; 1134 return new JarFileEntry(ze); 1135 } 1136 throw new NoSuchElementException(); 1137 } 1138 }; 1139 } 1140 1141 CodeSource[] getCodeSources(URL url) { 1142 ensureInitialization(); 1143 if (jv != null) { 1144 return jv.getCodeSources(this, url); 1145 } 1146 1147 /* 1148 * JAR file has no signed content. Is there a non-signing 1149 * code source? 1150 */ 1151 Enumeration<String> unsigned = unsignedEntryNames(); 1152 if (unsigned.hasMoreElements()) { 1153 return new CodeSource[]{JarVerifier.getUnsignedCS(url)}; 1154 } else { 1155 return null; 1156 } 1157 } 1158 1159 private Enumeration<String> unsignedEntryNames() { 1160 final Enumeration<JarEntry> entries = entries(); 1161 return new Enumeration<>() { 1162 1163 String name; 1164 1165 /* 1166 * Grab entries from ZIP directory but screen out 1167 * metadata. 1168 */ 1169 public boolean hasMoreElements() { 1170 if (name != null) { 1171 return true; 1172 } 1173 while (entries.hasMoreElements()) { 1174 String value; 1175 ZipEntry e = entries.nextElement(); 1176 value = e.getName(); 1177 if (e.isDirectory() || JarVerifier.isSigningRelated(value)) { 1178 continue; 1179 } 1180 name = value; 1181 return true; 1182 } 1183 return false; 1184 } 1185 1186 public String nextElement() { 1187 if (hasMoreElements()) { 1188 String value = name; 1189 name = null; 1190 return value; 1191 } 1192 throw new NoSuchElementException(); 1193 } 1194 }; 1195 } 1196 1197 CodeSource getCodeSource(URL url, String name) { 1198 ensureInitialization(); 1199 if (jv != null) { 1200 if (jv.eagerValidation) { 1201 CodeSource cs = null; 1202 JarEntry je = getJarEntry(name); 1203 if (je != null) { 1204 cs = jv.getCodeSource(url, this, je); 1205 } else { 1206 cs = jv.getCodeSource(url, name); 1207 } 1208 return cs; 1209 } else { 1210 return jv.getCodeSource(url, name); 1211 } 1212 } 1213 1214 return JarVerifier.getUnsignedCS(url); 1215 } 1216 1217 void setEagerValidation(boolean eager) { 1218 try { 1219 maybeInstantiateVerifier(); 1220 } catch (IOException e) { 1221 throw new RuntimeException(e); 1222 } 1223 if (jv != null) { 1224 jv.setEagerValidation(eager); 1225 } 1226 } 1227 1228 List<Object> getManifestDigests() { 1229 ensureInitialization(); 1230 if (jv != null) { 1231 return jv.getManifestDigests(); 1232 } 1233 return new ArrayList<>(); 1234 } 1235 }