1 /* 2 * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.util.jar; 27 28 import jdk.internal.misc.SharedSecrets; 29 import jdk.internal.misc.JavaUtilZipFileAccess; 30 import sun.security.action.GetPropertyAction; 31 import sun.security.util.ManifestEntryVerifier; 32 import sun.security.util.SignatureFileVerifier; 33 34 import java.io.ByteArrayInputStream; 35 import java.io.EOFException; 36 import java.io.File; 37 import java.io.IOException; 38 import java.io.InputStream; 39 import java.lang.ref.SoftReference; 40 import java.net.URL; 41 import java.security.CodeSigner; 42 import java.security.CodeSource; 43 import java.security.cert.Certificate; 44 import java.util.ArrayList; 45 import java.util.Enumeration; 46 import java.util.List; 47 import java.util.Locale; 48 import java.util.NoSuchElementException; 49 import java.util.Objects; 50 import java.util.function.Function; 51 import java.util.stream.Stream; 52 import java.util.zip.ZipEntry; 53 import java.util.zip.ZipException; 54 import java.util.zip.ZipFile; 55 56 /** 57 * The {@code JarFile} class is used to read the contents of a jar file 58 * from any file that can be opened with {@code java.io.RandomAccessFile}. 59 * It extends the class {@code java.util.zip.ZipFile} with support 60 * for reading an optional {@code Manifest} entry, and support for 61 * processing multi-release jar files. The {@code Manifest} can be used 62 * to specify meta-information about the jar file and its entries. 63 * 64 * <p><a id="multirelease">A multi-release jar file</a> is a jar file that 65 * contains a manifest with a main attribute named "Multi-Release", 66 * a set of "base" entries, some of which are public classes with public 67 * or protected methods that comprise the public interface of the jar file, 68 * and a set of "versioned" entries contained in subdirectories of the 69 * "META-INF/versions" directory. The versioned entries are partitioned by the 70 * major version of the Java platform. A versioned entry, with a version 71 * {@code n}, {@code 8 < n}, in the "META-INF/versions/{n}" directory overrides 72 * the base entry as well as any entry with a version number {@code i} where 73 * {@code 8 < i < n}. 74 * 75 * <p>By default, a {@code JarFile} for a multi-release jar file is configured 76 * to process the multi-release jar file as if it were a plain (unversioned) jar 77 * file, and as such an entry name is associated with at most one base entry. 78 * The {@code JarFile} may be configured to process a multi-release jar file by 79 * creating the {@code JarFile} with the 80 * {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} constructor. The 81 * {@code Runtime.Version} object sets a maximum version used when searching for 82 * versioned entries. When so configured, an entry name 83 * can correspond with at most one base entry and zero or more versioned 84 * entries. A search is required to associate the entry name with the latest 85 * versioned entry whose version is less than or equal to the maximum version 86 * (see {@link #getEntry(String)}). 87 * 88 * <p>Class loaders that utilize {@code JarFile} to load classes from the 89 * contents of {@code JarFile} entries should construct the {@code JarFile} 90 * by invoking the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} 91 * constructor with the value {@code Runtime.version()} assigned to the last 92 * argument. This assures that classes compatible with the major 93 * version of the running JVM are loaded from multi-release jar files. 94 * 95 * <p>If the verify flag is on when opening a signed jar file, the content of 96 * the file is verified against its signature embedded inside the file. Please 97 * note that the verification process does not include validating the signer's 98 * certificate. A caller should inspect the return value of 99 * {@link JarEntry#getCodeSigners()} to further determine if the signature 100 * can be trusted. 101 * 102 * <p> Unless otherwise noted, passing a {@code null} argument to a constructor 103 * or method in this class will cause a {@link NullPointerException} to be 104 * thrown. 105 * 106 * @implNote 107 * <div class="block"> 108 * If the API can not be used to configure a {@code JarFile} (e.g. to override 109 * the configuration of a compiled application or library), two {@code System} 110 * properties are available. 111 * <ul> 112 * <li> 113 * {@code jdk.util.jar.version} can be assigned a value that is the 114 * {@code String} representation of a non-negative integer 115 * {@code <= Runtime.version().major()}. The value is used to set the effective 116 * runtime version to something other than the default value obtained by 117 * evaluating {@code Runtime.version().major()}. The effective runtime version 118 * is the version that the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} 119 * constructor uses when the value of the last argument is 120 * {@code JarFile.runtimeVersion()}. 121 * </li> 122 * <li> 123 * {@code jdk.util.jar.enableMultiRelease} can be assigned one of the three 124 * {@code String} values <em>true</em>, <em>false</em>, or <em>force</em>. The 125 * value <em>true</em>, the default value, enables multi-release jar file 126 * processing. The value <em>false</em> disables multi-release jar processing, 127 * ignoring the "Multi-Release" manifest attribute, and the versioned 128 * directories in a multi-release jar file if they exist. Furthermore, 129 * the method {@link JarFile#isMultiRelease()} returns <em>false</em>. The value 130 * <em>force</em> causes the {@code JarFile} to be initialized to runtime 131 * versioning after construction. It effectively does the same as this code: 132 * {@code (new JarFile(File, boolean, int, JarFile.runtimeVersion())}. 133 * </li> 134 * </ul> 135 * </div> 136 * 137 * @author David Connelly 138 * @see Manifest 139 * @see java.util.zip.ZipFile 140 * @see java.util.jar.JarEntry 141 * @since 1.2 142 */ 143 public 144 class JarFile extends ZipFile { 145 private final static Runtime.Version BASE_VERSION; 146 private final static int BASE_VERSION_MAJOR; 147 private final static Runtime.Version RUNTIME_VERSION; 148 private final static boolean MULTI_RELEASE_ENABLED; 149 private final static boolean MULTI_RELEASE_FORCED; 150 private SoftReference<Manifest> manRef; 151 private JarEntry manEntry; 152 private JarVerifier jv; 153 private boolean jvInitialized; 154 private boolean verify; 155 private final Runtime.Version version; // current version 156 private final int versionMajor; // version.major() 157 private boolean isMultiRelease; // is jar multi-release? 158 159 // indicates if Class-Path attribute present 160 private boolean hasClassPathAttribute; 161 // true if manifest checked for special attributes 162 private volatile boolean hasCheckedSpecialAttributes; 163 164 private static final JavaUtilZipFileAccess JUZFA; 165 166 static { 167 // Set up JavaUtilJarAccess in SharedSecrets 168 SharedSecrets.setJavaUtilJarAccess(new JavaUtilJarAccessImpl()); 169 // Get JavaUtilZipFileAccess from SharedSecrets 170 JUZFA = jdk.internal.misc.SharedSecrets.getJavaUtilZipFileAccess(); 171 // multi-release jar file versions >= 9 172 BASE_VERSION = Runtime.Version.parse(Integer.toString(8)); 173 BASE_VERSION_MAJOR = BASE_VERSION.major(); 174 String jarVersion = GetPropertyAction.privilegedGetProperty("jdk.util.jar.version"); 175 int runtimeVersion = Runtime.version().major(); 176 if (jarVersion != null) { 177 int jarVer = Integer.parseInt(jarVersion); 178 runtimeVersion = (jarVer > runtimeVersion) 179 ? runtimeVersion 180 : Math.max(jarVer, BASE_VERSION_MAJOR); 181 } 182 RUNTIME_VERSION = Runtime.Version.parse(Integer.toString(runtimeVersion)); 183 String enableMultiRelease = GetPropertyAction 184 .privilegedGetProperty("jdk.util.jar.enableMultiRelease", "true"); 185 switch (enableMultiRelease) { 186 case "true": 187 default: 188 MULTI_RELEASE_ENABLED = true; 189 MULTI_RELEASE_FORCED = false; 190 break; 191 case "false": 192 MULTI_RELEASE_ENABLED = false; 193 MULTI_RELEASE_FORCED = false; 194 break; 195 case "force": 196 MULTI_RELEASE_ENABLED = true; 197 MULTI_RELEASE_FORCED = true; 198 break; 199 } 200 } 201 202 private static final String META_INF = "META-INF/"; 203 204 private static final String META_INF_VERSIONS = META_INF + "versions/"; 205 206 /** 207 * The JAR manifest file name. 208 */ 209 public static final String MANIFEST_NAME = META_INF + "MANIFEST.MF"; 210 211 /** 212 * Returns the version that represents the unversioned configuration of a 213 * multi-release jar file. 214 * 215 * @return the version that represents the unversioned configuration 216 * 217 * @since 9 218 */ 219 public static Runtime.Version baseVersion() { 220 return BASE_VERSION; 221 } 222 223 /** 224 * Returns the version that represents the effective runtime versioned 225 * configuration of a multi-release jar file. 226 * <p> 227 * By default the major version number of the returned {@code Version} will 228 * be equal to the major version number of {@code Runtime.version()}. 229 * However, if the {@code jdk.util.jar.version} property is set, the 230 * returned {@code Version} is derived from that property and major version 231 * numbers may not be equal. 232 * 233 * @return the version that represents the runtime versioned configuration 234 * 235 * @since 9 236 */ 237 public static Runtime.Version runtimeVersion() { 238 return RUNTIME_VERSION; 239 } 240 241 /** 242 * Creates a new {@code JarFile} to read from the specified 243 * file {@code name}. The {@code JarFile} will be verified if 244 * it is signed. 245 * @param name the name of the jar file to be opened for reading 246 * @throws IOException if an I/O error has occurred 247 * @throws SecurityException if access to the file is denied 248 * by the SecurityManager 249 */ 250 public JarFile(String name) throws IOException { 251 this(new File(name), true, ZipFile.OPEN_READ); 252 } 253 254 /** 255 * Creates a new {@code JarFile} to read from the specified 256 * file {@code name}. 257 * @param name the name of the jar file to be opened for reading 258 * @param verify whether or not to verify the jar file if 259 * it is signed. 260 * @throws IOException if an I/O error has occurred 261 * @throws SecurityException if access to the file is denied 262 * by the SecurityManager 263 */ 264 public JarFile(String name, boolean verify) throws IOException { 265 this(new File(name), verify, ZipFile.OPEN_READ); 266 } 267 268 /** 269 * Creates a new {@code JarFile} to read from the specified 270 * {@code File} object. The {@code JarFile} will be verified if 271 * it is signed. 272 * @param file the jar file to be opened for reading 273 * @throws IOException if an I/O error has occurred 274 * @throws SecurityException if access to the file is denied 275 * by the SecurityManager 276 */ 277 public JarFile(File file) throws IOException { 278 this(file, true, ZipFile.OPEN_READ); 279 } 280 281 /** 282 * Creates a new {@code JarFile} to read from the specified 283 * {@code File} object. 284 * @param file the jar file to be opened for reading 285 * @param verify whether or not to verify the jar file if 286 * it is signed. 287 * @throws IOException if an I/O error has occurred 288 * @throws SecurityException if access to the file is denied 289 * by the SecurityManager. 290 */ 291 public JarFile(File file, boolean verify) throws IOException { 292 this(file, verify, ZipFile.OPEN_READ); 293 } 294 295 /** 296 * Creates a new {@code JarFile} to read from the specified 297 * {@code File} object in the specified mode. The mode argument 298 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}. 299 * 300 * @param file the jar file to be opened for reading 301 * @param verify whether or not to verify the jar file if 302 * it is signed. 303 * @param mode the mode in which the file is to be opened 304 * @throws IOException if an I/O error has occurred 305 * @throws IllegalArgumentException 306 * if the {@code mode} argument is invalid 307 * @throws SecurityException if access to the file is denied 308 * by the SecurityManager 309 * @since 1.3 310 */ 311 public JarFile(File file, boolean verify, int mode) throws IOException { 312 this(file, verify, mode, BASE_VERSION); 313 } 314 315 /** 316 * Creates a new {@code JarFile} to read from the specified 317 * {@code File} object in the specified mode. The mode argument 318 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}. 319 * The version argument, after being converted to a canonical form, is 320 * used to configure the {@code JarFile} for processing 321 * multi-release jar files. 322 * <p> 323 * The canonical form derived from the version parameter is 324 * {@code Runtime.Version.parse(Integer.toString(n))} where {@code n} is 325 * {@code Math.max(version.major(), JarFile.baseVersion().major())}. 326 * 327 * @param file the jar file to be opened for reading 328 * @param verify whether or not to verify the jar file if 329 * it is signed. 330 * @param mode the mode in which the file is to be opened 331 * @param version specifies the release version for a multi-release jar file 332 * @throws IOException if an I/O error has occurred 333 * @throws IllegalArgumentException 334 * if the {@code mode} argument is invalid 335 * @throws SecurityException if access to the file is denied 336 * by the SecurityManager 337 * @throws NullPointerException if {@code version} is {@code null} 338 * @since 9 339 */ 340 public JarFile(File file, boolean verify, int mode, Runtime.Version version) throws IOException { 341 super(file, mode); 342 this.verify = verify; 343 Objects.requireNonNull(version); 344 if (MULTI_RELEASE_FORCED || version.major() == RUNTIME_VERSION.major()) { 345 // This deals with the common case where the value from JarFile.runtimeVersion() is passed 346 this.version = RUNTIME_VERSION; 347 } else if (version.major() <= BASE_VERSION_MAJOR) { 348 // This also deals with the common case where the value from JarFile.baseVersion() is passed 349 this.version = BASE_VERSION; 350 } else { 351 // Canonicalize 352 this.version = Runtime.Version.parse(Integer.toString(version.major())); 353 } 354 this.versionMajor = this.version.major(); 355 } 356 357 /** 358 * Returns the maximum version used when searching for versioned entries. 359 * <p> 360 * If this {@code JarFile} is not a multi-release jar file or is not 361 * configured to be processed as such, then the version returned will be the 362 * same as that returned from {@link #baseVersion()}. 363 * 364 * @return the maximum version 365 * @since 9 366 */ 367 public final Runtime.Version getVersion() { 368 return isMultiRelease() ? this.version : BASE_VERSION; 369 } 370 371 /** 372 * Indicates whether or not this jar file is a multi-release jar file. 373 * 374 * @return true if this JarFile is a multi-release jar file 375 * @since 9 376 */ 377 public final boolean isMultiRelease() { 378 if (isMultiRelease) { 379 return true; 380 } 381 if (MULTI_RELEASE_ENABLED) { 382 try { 383 checkForSpecialAttributes(); 384 } catch (IOException io) { 385 isMultiRelease = false; 386 } 387 } 388 return isMultiRelease; 389 } 390 391 /** 392 * Returns the jar file manifest, or {@code null} if none. 393 * 394 * @return the jar file manifest, or {@code null} if none 395 * 396 * @throws IllegalStateException 397 * may be thrown if the jar file has been closed 398 * @throws IOException if an I/O error has occurred 399 */ 400 public Manifest getManifest() throws IOException { 401 return getManifestFromReference(); 402 } 403 404 private Manifest getManifestFromReference() throws IOException { 405 Manifest man = manRef != null ? manRef.get() : null; 406 407 if (man == null) { 408 409 JarEntry manEntry = getManEntry(); 410 411 // If found then load the manifest 412 if (manEntry != null) { 413 if (verify) { 414 byte[] b = getBytes(manEntry); 415 man = new Manifest(new ByteArrayInputStream(b)); 416 if (!jvInitialized) { 417 jv = new JarVerifier(b); 418 } 419 } else { 420 man = new Manifest(super.getInputStream(manEntry)); 421 } 422 manRef = new SoftReference<>(man); 423 } 424 } 425 return man; 426 } 427 428 private String[] getMetaInfEntryNames() { 429 return JUZFA.getMetaInfEntryNames((ZipFile)this); 430 } 431 432 /** 433 * Returns the {@code JarEntry} for the given base entry name or 434 * {@code null} if not found. 435 * 436 * <p>If this {@code JarFile} is a multi-release jar file and is configured 437 * to be processed as such, then a search is performed to find and return 438 * a {@code JarEntry} that is the latest versioned entry associated with the 439 * given entry name. The returned {@code JarEntry} is the versioned entry 440 * corresponding to the given base entry name prefixed with the string 441 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for 442 * which an entry exists. If such a versioned entry does not exist, then 443 * the {@code JarEntry} for the base entry is returned, otherwise 444 * {@code null} is returned if no entries are found. The initial value for 445 * the version {@code n} is the maximum version as returned by the method 446 * {@link JarFile#getVersion()}. 447 * 448 * @param name the jar file entry name 449 * @return the {@code JarEntry} for the given entry name, or 450 * the versioned entry name, or {@code null} if not found 451 * 452 * @throws IllegalStateException 453 * may be thrown if the jar file has been closed 454 * 455 * @see java.util.jar.JarEntry 456 * 457 * @implSpec 458 * <div class="block"> 459 * This implementation invokes {@link JarFile#getEntry(String)}. 460 * </div> 461 */ 462 public JarEntry getJarEntry(String name) { 463 return (JarEntry)getEntry(name); 464 } 465 466 /** 467 * Returns the {@code ZipEntry} for the given base entry name or 468 * {@code null} if not found. 469 * 470 * <p>If this {@code JarFile} is a multi-release jar file and is configured 471 * to be processed as such, then a search is performed to find and return 472 * a {@code ZipEntry} that is the latest versioned entry associated with the 473 * given entry name. The returned {@code ZipEntry} is the versioned entry 474 * corresponding to the given base entry name prefixed with the string 475 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for 476 * which an entry exists. If such a versioned entry does not exist, then 477 * the {@code ZipEntry} for the base entry is returned, otherwise 478 * {@code null} is returned if no entries are found. The initial value for 479 * the version {@code n} is the maximum version as returned by the method 480 * {@link JarFile#getVersion()}. 481 * 482 * @param name the jar file entry name 483 * @return the {@code ZipEntry} for the given entry name or 484 * the versioned entry name or {@code null} if not found 485 * 486 * @throws IllegalStateException 487 * may be thrown if the jar file has been closed 488 * 489 * @see java.util.zip.ZipEntry 490 * 491 * @implSpec 492 * <div class="block"> 493 * This implementation may return a versioned entry for the requested name 494 * even if there is not a corresponding base entry. This can occur 495 * if there is a private or package-private versioned entry that matches. 496 * If a subclass overrides this method, assure that the override method 497 * invokes {@code super.getEntry(name)} to obtain all versioned entries. 498 * </div> 499 */ 500 public ZipEntry getEntry(String name) { 501 JarFileEntry je = getEntry0(name); 502 if (isMultiRelease()) { 503 return getVersionedEntry(name, je); 504 } 505 return je; 506 } 507 508 /** 509 * Returns an enumeration of the jar file entries. 510 * 511 * @return an enumeration of the jar file entries 512 * @throws IllegalStateException 513 * may be thrown if the jar file has been closed 514 */ 515 public Enumeration<JarEntry> entries() { 516 return JUZFA.entries(this, JarFileEntry::new); 517 } 518 519 /** 520 * Returns an ordered {@code Stream} over the jar file entries. 521 * Entries appear in the {@code Stream} in the order they appear in 522 * the central directory of the jar file. 523 * 524 * @return an ordered {@code Stream} of entries in this jar file 525 * @throws IllegalStateException if the jar file has been closed 526 * @since 1.8 527 */ 528 public Stream<JarEntry> stream() { 529 return JUZFA.stream(this, JarFileEntry::new); 530 } 531 532 /** 533 * Returns a {@code Stream} of the versioned jar file entries. 534 * 535 * <p>If this {@code JarFile} is a multi-release jar file and is configured to 536 * be processed as such, then an entry in the stream is the latest versioned entry 537 * associated with the corresponding base entry name. The maximum version of the 538 * latest versioned entry is the version returned by {@link #getVersion()}. 539 * The returned stream may include an entry that only exists as a versioned entry. 540 * 541 * If the jar file is not a multi-release jar file or the {@code JarFile} is not 542 * configured for processing a multi-release jar file, this method returns the 543 * same stream that {@link #stream()} returns. 544 * 545 * @return stream of versioned entries 546 * @since 10 547 */ 548 public Stream<JarEntry> versionedStream() { 549 550 if (isMultiRelease()) { 551 return JUZFA.entryNameStream(this).map(this::getBasename) 552 .filter(Objects::nonNull) 553 .distinct() 554 .map(this::getJarEntry); 555 } 556 return stream(); 557 } 558 559 /* 560 * Invokes {@ZipFile}'s getEntry to Return a {@code JarFileEntry} for the 561 * given entry name or {@code null} if not found. 562 */ 563 private JarFileEntry getEntry0(String name) { 564 // Not using a lambda/method reference here to optimize startup time 565 Function<String, JarEntry> newJarFileEntryFn = new Function<>() { 566 @Override 567 public JarEntry apply(String name) { 568 return new JarFileEntry(name); 569 } 570 }; 571 return (JarFileEntry)JUZFA.getEntry(this, name, newJarFileEntryFn); 572 } 573 574 private String getBasename(String name) { 575 if (name.startsWith(META_INF_VERSIONS)) { 576 int off = META_INF_VERSIONS.length(); 577 int index = name.indexOf('/', off); 578 try { 579 // filter out dir META-INF/versions/ and META-INF/versions/*/ 580 // and any entry with version > 'version' 581 if (index == -1 || index == (name.length() - 1) || 582 Integer.parseInt(name, off, index, 10) > versionMajor) { 583 return null; 584 } 585 } catch (NumberFormatException x) { 586 return null; // remove malformed entries silently 587 } 588 // map to its base name 589 return name.substring(index + 1); 590 } 591 return name; 592 } 593 594 private JarEntry getVersionedEntry(String name, JarEntry je) { 595 if (BASE_VERSION_MAJOR < versionMajor) { 596 if (!name.startsWith(META_INF)) { 597 // search for versioned entry 598 int v = versionMajor; 599 while (v > BASE_VERSION_MAJOR) { 600 JarFileEntry vje = getEntry0(META_INF_VERSIONS + v + "/" + name); 601 if (vje != null) { 602 return vje.withBasename(name); 603 } 604 v--; 605 } 606 } 607 } 608 return je; 609 } 610 611 // placeholder for now 612 String getRealName(JarEntry entry) { 613 return entry.getRealName(); 614 } 615 616 private class JarFileEntry extends JarEntry { 617 private String basename; 618 619 JarFileEntry(String name) { 620 super(name); 621 this.basename = name; 622 } 623 624 JarFileEntry(String name, ZipEntry vze) { 625 super(vze); 626 this.basename = name; 627 } 628 629 @Override 630 public Attributes getAttributes() throws IOException { 631 Manifest man = JarFile.this.getManifest(); 632 if (man != null) { 633 return man.getAttributes(super.getName()); 634 } else { 635 return null; 636 } 637 } 638 639 @Override 640 public Certificate[] getCertificates() { 641 try { 642 maybeInstantiateVerifier(); 643 } catch (IOException e) { 644 throw new RuntimeException(e); 645 } 646 if (certs == null && jv != null) { 647 certs = jv.getCerts(JarFile.this, realEntry()); 648 } 649 return certs == null ? null : certs.clone(); 650 } 651 652 @Override 653 public CodeSigner[] getCodeSigners() { 654 try { 655 maybeInstantiateVerifier(); 656 } catch (IOException e) { 657 throw new RuntimeException(e); 658 } 659 if (signers == null && jv != null) { 660 signers = jv.getCodeSigners(JarFile.this, realEntry()); 661 } 662 return signers == null ? null : signers.clone(); 663 } 664 665 @Override 666 public String getRealName() { 667 return super.getName(); 668 } 669 670 @Override 671 public String getName() { 672 return basename; 673 } 674 675 JarFileEntry realEntry() { 676 if (isMultiRelease() && versionMajor != BASE_VERSION_MAJOR) { 677 String entryName = super.getName(); 678 return entryName == basename || entryName.equals(basename) ? 679 this : new JarFileEntry(entryName, this); 680 } 681 return this; 682 } 683 684 // changes the basename, returns "this" 685 JarFileEntry withBasename(String name) { 686 basename = name; 687 return this; 688 } 689 } 690 691 /* 692 * Ensures that the JarVerifier has been created if one is 693 * necessary (i.e., the jar appears to be signed.) This is done as 694 * a quick check to avoid processing of the manifest for unsigned 695 * jars. 696 */ 697 private void maybeInstantiateVerifier() throws IOException { 698 if (jv != null) { 699 return; 700 } 701 702 if (verify) { 703 String[] names = getMetaInfEntryNames(); 704 if (names != null) { 705 for (String nameLower : names) { 706 String name = nameLower.toUpperCase(Locale.ENGLISH); 707 if (name.endsWith(".DSA") || 708 name.endsWith(".RSA") || 709 name.endsWith(".EC") || 710 name.endsWith(".SF")) { 711 // Assume since we found a signature-related file 712 // that the jar is signed and that we therefore 713 // need a JarVerifier and Manifest 714 getManifest(); 715 return; 716 } 717 } 718 } 719 // No signature-related files; don't instantiate a 720 // verifier 721 verify = false; 722 } 723 } 724 725 /* 726 * Initializes the verifier object by reading all the manifest 727 * entries and passing them to the verifier. 728 */ 729 private void initializeVerifier() { 730 ManifestEntryVerifier mev = null; 731 732 // Verify "META-INF/" entries... 733 try { 734 String[] names = getMetaInfEntryNames(); 735 if (names != null) { 736 for (String name : names) { 737 String uname = name.toUpperCase(Locale.ENGLISH); 738 if (MANIFEST_NAME.equals(uname) 739 || SignatureFileVerifier.isBlockOrSF(uname)) { 740 JarEntry e = getJarEntry(name); 741 if (e == null) { 742 throw new JarException("corrupted jar file"); 743 } 744 if (mev == null) { 745 mev = new ManifestEntryVerifier 746 (getManifestFromReference()); 747 } 748 byte[] b = getBytes(e); 749 if (b != null && b.length > 0) { 750 jv.beginEntry(e, mev); 751 jv.update(b.length, b, 0, b.length, mev); 752 jv.update(-1, null, 0, 0, mev); 753 } 754 } 755 } 756 } 757 } catch (IOException ex) { 758 // if we had an error parsing any blocks, just 759 // treat the jar file as being unsigned 760 jv = null; 761 verify = false; 762 if (JarVerifier.debug != null) { 763 JarVerifier.debug.println("jarfile parsing error!"); 764 ex.printStackTrace(); 765 } 766 } 767 768 // if after initializing the verifier we have nothing 769 // signed, we null it out. 770 771 if (jv != null) { 772 773 jv.doneWithMeta(); 774 if (JarVerifier.debug != null) { 775 JarVerifier.debug.println("done with meta!"); 776 } 777 778 if (jv.nothingToVerify()) { 779 if (JarVerifier.debug != null) { 780 JarVerifier.debug.println("nothing to verify!"); 781 } 782 jv = null; 783 verify = false; 784 } 785 } 786 } 787 788 /* 789 * Reads all the bytes for a given entry. Used to process the 790 * META-INF files. 791 */ 792 private byte[] getBytes(ZipEntry ze) throws IOException { 793 try (InputStream is = super.getInputStream(ze)) { 794 int len = (int)ze.getSize(); 795 int bytesRead; 796 byte[] b; 797 // trust specified entry sizes when reasonably small 798 if (len != -1 && len <= 65535) { 799 b = new byte[len]; 800 bytesRead = is.readNBytes(b, 0, len); 801 } else { 802 b = is.readAllBytes(); 803 bytesRead = b.length; 804 } 805 if (len != -1 && len != bytesRead) { 806 throw new EOFException("Expected:" + len + ", read:" + bytesRead); 807 } 808 return b; 809 } 810 } 811 812 /** 813 * Returns an input stream for reading the contents of the specified 814 * zip file entry. 815 * @param ze the zip file entry 816 * @return an input stream for reading the contents of the specified 817 * zip file entry 818 * @throws ZipException if a zip file format error has occurred 819 * @throws IOException if an I/O error has occurred 820 * @throws SecurityException if any of the jar file entries 821 * are incorrectly signed. 822 * @throws IllegalStateException 823 * may be thrown if the jar file has been closed 824 */ 825 public synchronized InputStream getInputStream(ZipEntry ze) 826 throws IOException 827 { 828 maybeInstantiateVerifier(); 829 if (jv == null) { 830 return super.getInputStream(ze); 831 } 832 if (!jvInitialized) { 833 initializeVerifier(); 834 jvInitialized = true; 835 // could be set to null after a call to 836 // initializeVerifier if we have nothing to 837 // verify 838 if (jv == null) 839 return super.getInputStream(ze); 840 } 841 842 // wrap a verifier stream around the real stream 843 return new JarVerifier.VerifierStream( 844 getManifestFromReference(), 845 verifiableEntry(ze), 846 super.getInputStream(ze), 847 jv); 848 } 849 850 private JarEntry verifiableEntry(ZipEntry ze) { 851 if (ze instanceof JarFileEntry) { 852 // assure the name and entry match for verification 853 return ((JarFileEntry)ze).realEntry(); 854 } 855 ze = getJarEntry(ze.getName()); 856 if (ze instanceof JarFileEntry) { 857 return ((JarFileEntry)ze).realEntry(); 858 } 859 return (JarEntry)ze; 860 } 861 862 // Statics for hand-coded Boyer-Moore search 863 private static final byte[] CLASSPATH_CHARS = 864 {'C','L','A','S','S','-','P','A','T','H', ':', ' '}; 865 866 // The bad character shift for "class-path: " 867 private static final byte[] CLASSPATH_LASTOCC; 868 869 // The good suffix shift for "class-path: " 870 private static final byte[] CLASSPATH_OPTOSFT; 871 872 private static final byte[] MULTIRELEASE_CHARS = 873 {'M','U','L','T','I','-','R','E','L','E', 'A', 'S', 'E', ':', 874 ' ', 'T', 'R', 'U', 'E'}; 875 876 // The bad character shift for "multi-release: true" 877 private static final byte[] MULTIRELEASE_LASTOCC; 878 879 // The good suffix shift for "multi-release: true" 880 private static final byte[] MULTIRELEASE_OPTOSFT; 881 882 static { 883 CLASSPATH_LASTOCC = new byte[65]; 884 CLASSPATH_OPTOSFT = new byte[12]; 885 CLASSPATH_LASTOCC[(int)'C' - 32] = 1; 886 CLASSPATH_LASTOCC[(int)'L' - 32] = 2; 887 CLASSPATH_LASTOCC[(int)'S' - 32] = 5; 888 CLASSPATH_LASTOCC[(int)'-' - 32] = 6; 889 CLASSPATH_LASTOCC[(int)'P' - 32] = 7; 890 CLASSPATH_LASTOCC[(int)'A' - 32] = 8; 891 CLASSPATH_LASTOCC[(int)'T' - 32] = 9; 892 CLASSPATH_LASTOCC[(int)'H' - 32] = 10; 893 CLASSPATH_LASTOCC[(int)':' - 32] = 11; 894 CLASSPATH_LASTOCC[(int)' ' - 32] = 12; 895 for (int i = 0; i < 11; i++) { 896 CLASSPATH_OPTOSFT[i] = 12; 897 } 898 CLASSPATH_OPTOSFT[11] = 1; 899 900 MULTIRELEASE_LASTOCC = new byte[65]; 901 MULTIRELEASE_OPTOSFT = new byte[19]; 902 MULTIRELEASE_LASTOCC[(int)'M' - 32] = 1; 903 MULTIRELEASE_LASTOCC[(int)'I' - 32] = 5; 904 MULTIRELEASE_LASTOCC[(int)'-' - 32] = 6; 905 MULTIRELEASE_LASTOCC[(int)'L' - 32] = 9; 906 MULTIRELEASE_LASTOCC[(int)'A' - 32] = 11; 907 MULTIRELEASE_LASTOCC[(int)'S' - 32] = 12; 908 MULTIRELEASE_LASTOCC[(int)':' - 32] = 14; 909 MULTIRELEASE_LASTOCC[(int)' ' - 32] = 15; 910 MULTIRELEASE_LASTOCC[(int)'T' - 32] = 16; 911 MULTIRELEASE_LASTOCC[(int)'R' - 32] = 17; 912 MULTIRELEASE_LASTOCC[(int)'U' - 32] = 18; 913 MULTIRELEASE_LASTOCC[(int)'E' - 32] = 19; 914 for (int i = 0; i < 17; i++) { 915 MULTIRELEASE_OPTOSFT[i] = 19; 916 } 917 MULTIRELEASE_OPTOSFT[17] = 6; 918 MULTIRELEASE_OPTOSFT[18] = 1; 919 } 920 921 private JarEntry getManEntry() { 922 if (manEntry == null) { 923 // First look up manifest entry using standard name 924 JarEntry manEntry = getEntry0(MANIFEST_NAME); 925 if (manEntry == null) { 926 // If not found, then iterate through all the "META-INF/" 927 // entries to find a match. 928 String[] names = getMetaInfEntryNames(); 929 if (names != null) { 930 for (String name : names) { 931 if (MANIFEST_NAME.equals(name.toUpperCase(Locale.ENGLISH))) { 932 manEntry = getEntry0(name); 933 break; 934 } 935 } 936 } 937 } 938 this.manEntry = manEntry; 939 } 940 return manEntry; 941 } 942 943 /** 944 * Returns {@code true} iff this JAR file has a manifest with the 945 * Class-Path attribute 946 */ 947 boolean hasClassPathAttribute() throws IOException { 948 checkForSpecialAttributes(); 949 return hasClassPathAttribute; 950 } 951 952 /** 953 * Returns true if the pattern {@code src} is found in {@code b}. 954 * The {@code lastOcc} array is the precomputed bad character shifts. 955 * Since there are no repeated substring in our search strings, 956 * the good suffix shifts can be replaced with a comparison. 957 */ 958 private int match(byte[] src, byte[] b, byte[] lastOcc, byte[] optoSft) { 959 int len = src.length; 960 int last = b.length - len; 961 int i = 0; 962 next: 963 while (i <= last) { 964 for (int j = (len - 1); j >= 0; j--) { 965 byte c = b[i + j]; 966 if (c >= ' ' && c <= 'z') { 967 if (c >= 'a') c -= 32; // Canonicalize 968 969 if (c != src[j]) { 970 // no match 971 int badShift = lastOcc[c - 32]; 972 i += Math.max(j + 1 - badShift, optoSft[j]); 973 continue next; 974 } 975 } else { 976 // no match, character not valid for name 977 i += len; 978 continue next; 979 } 980 } 981 return i; 982 } 983 return -1; 984 } 985 986 /** 987 * On first invocation, check if the JAR file has the Class-Path 988 * and the Multi-Release attribute. A no-op on subsequent calls. 989 */ 990 private void checkForSpecialAttributes() throws IOException { 991 if (hasCheckedSpecialAttributes) { 992 return; 993 } 994 synchronized (this) { 995 if (hasCheckedSpecialAttributes) { 996 return; 997 } 998 JarEntry manEntry = getManEntry(); 999 if (manEntry != null) { 1000 byte[] b = getBytes(manEntry); 1001 hasClassPathAttribute = match(CLASSPATH_CHARS, b, 1002 CLASSPATH_LASTOCC, CLASSPATH_OPTOSFT) != -1; 1003 // is this a multi-release jar file 1004 if (MULTI_RELEASE_ENABLED) { 1005 int i = match(MULTIRELEASE_CHARS, b, MULTIRELEASE_LASTOCC, 1006 MULTIRELEASE_OPTOSFT); 1007 if (i != -1) { 1008 i += MULTIRELEASE_CHARS.length; 1009 if (i < b.length) { 1010 byte c = b[i++]; 1011 // Check that the value is followed by a newline 1012 // and does not have a continuation 1013 if (c == '\n' && 1014 (i == b.length || b[i] != ' ')) { 1015 isMultiRelease = true; 1016 } else if (c == '\r') { 1017 if (i == b.length) { 1018 isMultiRelease = true; 1019 } else { 1020 c = b[i++]; 1021 if (c == '\n') { 1022 if (i == b.length || b[i] != ' ') { 1023 isMultiRelease = true; 1024 } 1025 } else if (c != ' ') { 1026 isMultiRelease = true; 1027 } 1028 } 1029 } 1030 } 1031 } 1032 } 1033 } 1034 hasCheckedSpecialAttributes = true; 1035 } 1036 } 1037 1038 private synchronized void ensureInitialization() { 1039 try { 1040 maybeInstantiateVerifier(); 1041 } catch (IOException e) { 1042 throw new RuntimeException(e); 1043 } 1044 if (jv != null && !jvInitialized) { 1045 initializeVerifier(); 1046 jvInitialized = true; 1047 } 1048 } 1049 1050 /* 1051 * Returns a versioned {@code JarFileEntry} for the given entry, 1052 * if there is one. Otherwise returns the original entry. This 1053 * is invoked by the {@code entries2} for verifier. 1054 */ 1055 JarEntry newEntry(JarEntry je) { 1056 if (isMultiRelease()) { 1057 return getVersionedEntry(je.getName(), je); 1058 } 1059 return je; 1060 } 1061 1062 /* 1063 * Returns a versioned {@code JarFileEntry} for the given entry 1064 * name, if there is one. Otherwise returns a {@code JarFileEntry} 1065 * with the given name. It is invoked from JarVerifier's entries2 1066 * for {@code singers}. 1067 */ 1068 JarEntry newEntry(String name) { 1069 if (isMultiRelease()) { 1070 JarEntry vje = getVersionedEntry(name, (JarEntry)null); 1071 if (vje != null) { 1072 return vje; 1073 } 1074 } 1075 return new JarFileEntry(name); 1076 } 1077 1078 Enumeration<String> entryNames(CodeSource[] cs) { 1079 ensureInitialization(); 1080 if (jv != null) { 1081 return jv.entryNames(this, cs); 1082 } 1083 1084 /* 1085 * JAR file has no signed content. Is there a non-signing 1086 * code source? 1087 */ 1088 boolean includeUnsigned = false; 1089 for (CodeSource c : cs) { 1090 if (c.getCodeSigners() == null) { 1091 includeUnsigned = true; 1092 break; 1093 } 1094 } 1095 if (includeUnsigned) { 1096 return unsignedEntryNames(); 1097 } else { 1098 return new Enumeration<>() { 1099 1100 public boolean hasMoreElements() { 1101 return false; 1102 } 1103 1104 public String nextElement() { 1105 throw new NoSuchElementException(); 1106 } 1107 }; 1108 } 1109 } 1110 1111 /** 1112 * Returns an enumeration of the zip file entries 1113 * excluding internal JAR mechanism entries and including 1114 * signed entries missing from the ZIP directory. 1115 */ 1116 Enumeration<JarEntry> entries2() { 1117 ensureInitialization(); 1118 if (jv != null) { 1119 return jv.entries2(this, JUZFA.entries(JarFile.this, 1120 JarFileEntry::new)); 1121 } 1122 1123 // screen out entries which are never signed 1124 final var unfilteredEntries = JUZFA.entries(JarFile.this, JarFileEntry::new); 1125 1126 return new Enumeration<>() { 1127 1128 JarEntry entry; 1129 1130 public boolean hasMoreElements() { 1131 if (entry != null) { 1132 return true; 1133 } 1134 while (unfilteredEntries.hasMoreElements()) { 1135 JarEntry je = unfilteredEntries.nextElement(); 1136 if (JarVerifier.isSigningRelated(je.getName())) { 1137 continue; 1138 } 1139 entry = je; 1140 return true; 1141 } 1142 return false; 1143 } 1144 1145 public JarEntry nextElement() { 1146 if (hasMoreElements()) { 1147 JarEntry je = entry; 1148 entry = null; 1149 return newEntry(je); 1150 } 1151 throw new NoSuchElementException(); 1152 } 1153 }; 1154 } 1155 1156 CodeSource[] getCodeSources(URL url) { 1157 ensureInitialization(); 1158 if (jv != null) { 1159 return jv.getCodeSources(this, url); 1160 } 1161 1162 /* 1163 * JAR file has no signed content. Is there a non-signing 1164 * code source? 1165 */ 1166 Enumeration<String> unsigned = unsignedEntryNames(); 1167 if (unsigned.hasMoreElements()) { 1168 return new CodeSource[]{JarVerifier.getUnsignedCS(url)}; 1169 } else { 1170 return null; 1171 } 1172 } 1173 1174 private Enumeration<String> unsignedEntryNames() { 1175 final Enumeration<JarEntry> entries = entries(); 1176 return new Enumeration<>() { 1177 1178 String name; 1179 1180 /* 1181 * Grab entries from ZIP directory but screen out 1182 * metadata. 1183 */ 1184 public boolean hasMoreElements() { 1185 if (name != null) { 1186 return true; 1187 } 1188 while (entries.hasMoreElements()) { 1189 String value; 1190 ZipEntry e = entries.nextElement(); 1191 value = e.getName(); 1192 if (e.isDirectory() || JarVerifier.isSigningRelated(value)) { 1193 continue; 1194 } 1195 name = value; 1196 return true; 1197 } 1198 return false; 1199 } 1200 1201 public String nextElement() { 1202 if (hasMoreElements()) { 1203 String value = name; 1204 name = null; 1205 return value; 1206 } 1207 throw new NoSuchElementException(); 1208 } 1209 }; 1210 } 1211 1212 CodeSource getCodeSource(URL url, String name) { 1213 ensureInitialization(); 1214 if (jv != null) { 1215 if (jv.eagerValidation) { 1216 CodeSource cs = null; 1217 JarEntry je = getJarEntry(name); 1218 if (je != null) { 1219 cs = jv.getCodeSource(url, this, je); 1220 } else { 1221 cs = jv.getCodeSource(url, name); 1222 } 1223 return cs; 1224 } else { 1225 return jv.getCodeSource(url, name); 1226 } 1227 } 1228 1229 return JarVerifier.getUnsignedCS(url); 1230 } 1231 1232 void setEagerValidation(boolean eager) { 1233 try { 1234 maybeInstantiateVerifier(); 1235 } catch (IOException e) { 1236 throw new RuntimeException(e); 1237 } 1238 if (jv != null) { 1239 jv.setEagerValidation(eager); 1240 } 1241 } 1242 1243 List<Object> getManifestDigests() { 1244 ensureInitialization(); 1245 if (jv != null) { 1246 return jv.getManifestDigests(); 1247 } 1248 return new ArrayList<>(); 1249 } 1250 }