1 /*
2 * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.util.jar;
27
28 import jdk.internal.misc.SharedSecrets;
29 import jdk.internal.misc.JavaUtilZipFileAccess;
30 import sun.security.action.GetPropertyAction;
31 import sun.security.util.ManifestEntryVerifier;
32 import sun.security.util.SignatureFileVerifier;
33
34 import java.io.ByteArrayInputStream;
35 import java.io.EOFException;
36 import java.io.File;
37 import java.io.IOException;
38 import java.io.InputStream;
39 import java.lang.ref.SoftReference;
40 import java.net.URL;
41 import java.security.CodeSigner;
42 import java.security.CodeSource;
43 import java.security.cert.Certificate;
44 import java.util.ArrayList;
45 import java.util.Enumeration;
46 import java.util.List;
47 import java.util.Locale;
48 import java.util.NoSuchElementException;
49 import java.util.Objects;
50 import java.util.function.Function;
51 import java.util.stream.Stream;
52 import java.util.zip.ZipEntry;
53 import java.util.zip.ZipException;
54 import java.util.zip.ZipFile;
55
56 /**
57 * The {@code JarFile} class is used to read the contents of a jar file
58 * from any file that can be opened with {@code java.io.RandomAccessFile}.
59 * It extends the class {@code java.util.zip.ZipFile} with support
60 * for reading an optional {@code Manifest} entry, and support for
61 * processing multi-release jar files. The {@code Manifest} can be used
62 * to specify meta-information about the jar file and its entries.
63 *
64 * <p><a id="multirelease">A multi-release jar file</a> is a jar file that
65 * contains a manifest with a main attribute named "Multi-Release",
66 * a set of "base" entries, some of which are public classes with public
67 * or protected methods that comprise the public interface of the jar file,
68 * and a set of "versioned" entries contained in subdirectories of the
69 * "META-INF/versions" directory. The versioned entries are partitioned by the
70 * major version of the Java platform. A versioned entry, with a version
71 * {@code n}, {@code 8 < n}, in the "META-INF/versions/{n}" directory overrides
72 * the base entry as well as any entry with a version number {@code i} where
73 * {@code 8 < i < n}.
74 *
75 * <p>By default, a {@code JarFile} for a multi-release jar file is configured
76 * to process the multi-release jar file as if it were a plain (unversioned) jar
77 * file, and as such an entry name is associated with at most one base entry.
78 * The {@code JarFile} may be configured to process a multi-release jar file by
79 * creating the {@code JarFile} with the
80 * {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} constructor. The
81 * {@code Runtime.Version} object sets a maximum version used when searching for
82 * versioned entries. When so configured, an entry name
83 * can correspond with at most one base entry and zero or more versioned
84 * entries. A search is required to associate the entry name with the latest
85 * versioned entry whose version is less than or equal to the maximum version
86 * (see {@link #getEntry(String)}).
87 *
88 * <p>Class loaders that utilize {@code JarFile} to load classes from the
89 * contents of {@code JarFile} entries should construct the {@code JarFile}
90 * by invoking the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
91 * constructor with the value {@code Runtime.version()} assigned to the last
92 * argument. This assures that classes compatible with the major
93 * version of the running JVM are loaded from multi-release jar files.
94 *
95 * <p>If the verify flag is on when opening a signed jar file, the content of
96 * the file is verified against its signature embedded inside the file. Please
97 * note that the verification process does not include validating the signer's
98 * certificate. A caller should inspect the return value of
99 * {@link JarEntry#getCodeSigners()} to further determine if the signature
100 * can be trusted.
101 *
102 * <p> Unless otherwise noted, passing a {@code null} argument to a constructor
103 * or method in this class will cause a {@link NullPointerException} to be
104 * thrown.
105 *
106 * @implNote
107 * <div class="block">
108 * If the API can not be used to configure a {@code JarFile} (e.g. to override
109 * the configuration of a compiled application or library), two {@code System}
110 * properties are available.
111 * <ul>
112 * <li>
113 * {@code jdk.util.jar.version} can be assigned a value that is the
114 * {@code String} representation of a non-negative integer
115 * {@code <= Runtime.version().major()}. The value is used to set the effective
116 * runtime version to something other than the default value obtained by
117 * evaluating {@code Runtime.version().major()}. The effective runtime version
118 * is the version that the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
119 * constructor uses when the value of the last argument is
120 * {@code JarFile.runtimeVersion()}.
121 * </li>
122 * <li>
123 * {@code jdk.util.jar.enableMultiRelease} can be assigned one of the three
124 * {@code String} values <em>true</em>, <em>false</em>, or <em>force</em>. The
125 * value <em>true</em>, the default value, enables multi-release jar file
126 * processing. The value <em>false</em> disables multi-release jar processing,
127 * ignoring the "Multi-Release" manifest attribute, and the versioned
128 * directories in a multi-release jar file if they exist. Furthermore,
129 * the method {@link JarFile#isMultiRelease()} returns <em>false</em>. The value
130 * <em>force</em> causes the {@code JarFile} to be initialized to runtime
131 * versioning after construction. It effectively does the same as this code:
132 * {@code (new JarFile(File, boolean, int, JarFile.runtimeVersion())}.
133 * </li>
134 * </ul>
135 * </div>
136 *
137 * @author David Connelly
138 * @see Manifest
139 * @see java.util.zip.ZipFile
140 * @see java.util.jar.JarEntry
141 * @since 1.2
142 */
143 public
144 class JarFile extends ZipFile {
145 private final static Runtime.Version BASE_VERSION;
146 private final static int BASE_VERSION_MAJOR;
147 private final static Runtime.Version RUNTIME_VERSION;
148 private final static boolean MULTI_RELEASE_ENABLED;
149 private final static boolean MULTI_RELEASE_FORCED;
150 private SoftReference<Manifest> manRef;
151 private JarEntry manEntry;
152 private JarVerifier jv;
153 private boolean jvInitialized;
154 private boolean verify;
155 private final Runtime.Version version; // current version
156 private final int versionMajor; // version.major()
157 private boolean isMultiRelease; // is jar multi-release?
158
159 // indicates if Class-Path attribute present
160 private boolean hasClassPathAttribute;
161 // true if manifest checked for special attributes
162 private volatile boolean hasCheckedSpecialAttributes;
163
164 private static final JavaUtilZipFileAccess JUZFA;
165
166 static {
167 // Set up JavaUtilJarAccess in SharedSecrets
168 SharedSecrets.setJavaUtilJarAccess(new JavaUtilJarAccessImpl());
169 // Get JavaUtilZipFileAccess from SharedSecrets
170 JUZFA = jdk.internal.misc.SharedSecrets.getJavaUtilZipFileAccess();
171 // multi-release jar file versions >= 9
172 BASE_VERSION = Runtime.Version.parse(Integer.toString(8));
173 BASE_VERSION_MAJOR = BASE_VERSION.major();
174 String jarVersion = GetPropertyAction.privilegedGetProperty("jdk.util.jar.version");
175 int runtimeVersion = Runtime.version().major();
176 if (jarVersion != null) {
177 int jarVer = Integer.parseInt(jarVersion);
178 runtimeVersion = (jarVer > runtimeVersion)
179 ? runtimeVersion
180 : Math.max(jarVer, BASE_VERSION_MAJOR);
181 }
182 RUNTIME_VERSION = Runtime.Version.parse(Integer.toString(runtimeVersion));
183 String enableMultiRelease = GetPropertyAction
184 .privilegedGetProperty("jdk.util.jar.enableMultiRelease", "true");
185 switch (enableMultiRelease) {
186 case "true":
187 default:
188 MULTI_RELEASE_ENABLED = true;
189 MULTI_RELEASE_FORCED = false;
190 break;
191 case "false":
192 MULTI_RELEASE_ENABLED = false;
193 MULTI_RELEASE_FORCED = false;
194 break;
195 case "force":
196 MULTI_RELEASE_ENABLED = true;
197 MULTI_RELEASE_FORCED = true;
198 break;
199 }
200 }
201
202 private static final String META_INF = "META-INF/";
203
204 private static final String META_INF_VERSIONS = META_INF + "versions/";
205
206 /**
207 * The JAR manifest file name.
208 */
209 public static final String MANIFEST_NAME = META_INF + "MANIFEST.MF";
210
211 /**
212 * Returns the version that represents the unversioned configuration of a
213 * multi-release jar file.
214 *
215 * @return the version that represents the unversioned configuration
216 *
217 * @since 9
218 */
219 public static Runtime.Version baseVersion() {
220 return BASE_VERSION;
221 }
222
223 /**
224 * Returns the version that represents the effective runtime versioned
225 * configuration of a multi-release jar file.
226 * <p>
227 * By default the major version number of the returned {@code Version} will
228 * be equal to the major version number of {@code Runtime.version()}.
229 * However, if the {@code jdk.util.jar.version} property is set, the
230 * returned {@code Version} is derived from that property and major version
231 * numbers may not be equal.
232 *
233 * @return the version that represents the runtime versioned configuration
234 *
235 * @since 9
236 */
237 public static Runtime.Version runtimeVersion() {
238 return RUNTIME_VERSION;
239 }
240
241 /**
242 * Creates a new {@code JarFile} to read from the specified
243 * file {@code name}. The {@code JarFile} will be verified if
244 * it is signed.
245 * @param name the name of the jar file to be opened for reading
246 * @throws IOException if an I/O error has occurred
247 * @throws SecurityException if access to the file is denied
248 * by the SecurityManager
249 */
250 public JarFile(String name) throws IOException {
251 this(new File(name), true, ZipFile.OPEN_READ);
252 }
253
254 /**
255 * Creates a new {@code JarFile} to read from the specified
256 * file {@code name}.
257 * @param name the name of the jar file to be opened for reading
258 * @param verify whether or not to verify the jar file if
259 * it is signed.
260 * @throws IOException if an I/O error has occurred
261 * @throws SecurityException if access to the file is denied
262 * by the SecurityManager
263 */
264 public JarFile(String name, boolean verify) throws IOException {
265 this(new File(name), verify, ZipFile.OPEN_READ);
266 }
267
268 /**
269 * Creates a new {@code JarFile} to read from the specified
270 * {@code File} object. The {@code JarFile} will be verified if
271 * it is signed.
272 * @param file the jar file to be opened for reading
273 * @throws IOException if an I/O error has occurred
274 * @throws SecurityException if access to the file is denied
275 * by the SecurityManager
276 */
277 public JarFile(File file) throws IOException {
278 this(file, true, ZipFile.OPEN_READ);
279 }
280
281 /**
282 * Creates a new {@code JarFile} to read from the specified
283 * {@code File} object.
284 * @param file the jar file to be opened for reading
285 * @param verify whether or not to verify the jar file if
286 * it is signed.
287 * @throws IOException if an I/O error has occurred
288 * @throws SecurityException if access to the file is denied
289 * by the SecurityManager.
290 */
291 public JarFile(File file, boolean verify) throws IOException {
292 this(file, verify, ZipFile.OPEN_READ);
293 }
294
295 /**
296 * Creates a new {@code JarFile} to read from the specified
297 * {@code File} object in the specified mode. The mode argument
298 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
299 *
300 * @param file the jar file to be opened for reading
301 * @param verify whether or not to verify the jar file if
302 * it is signed.
303 * @param mode the mode in which the file is to be opened
304 * @throws IOException if an I/O error has occurred
305 * @throws IllegalArgumentException
306 * if the {@code mode} argument is invalid
307 * @throws SecurityException if access to the file is denied
308 * by the SecurityManager
309 * @since 1.3
310 */
311 public JarFile(File file, boolean verify, int mode) throws IOException {
312 this(file, verify, mode, BASE_VERSION);
313 }
314
315 /**
316 * Creates a new {@code JarFile} to read from the specified
317 * {@code File} object in the specified mode. The mode argument
318 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
319 * The version argument, after being converted to a canonical form, is
320 * used to configure the {@code JarFile} for processing
321 * multi-release jar files.
322 * <p>
323 * The canonical form derived from the version parameter is
324 * {@code Runtime.Version.parse(Integer.toString(n))} where {@code n} is
325 * {@code Math.max(version.major(), JarFile.baseVersion().major())}.
326 *
327 * @param file the jar file to be opened for reading
328 * @param verify whether or not to verify the jar file if
329 * it is signed.
330 * @param mode the mode in which the file is to be opened
331 * @param version specifies the release version for a multi-release jar file
332 * @throws IOException if an I/O error has occurred
333 * @throws IllegalArgumentException
334 * if the {@code mode} argument is invalid
335 * @throws SecurityException if access to the file is denied
336 * by the SecurityManager
337 * @throws NullPointerException if {@code version} is {@code null}
338 * @since 9
339 */
340 public JarFile(File file, boolean verify, int mode, Runtime.Version version) throws IOException {
341 super(file, mode);
342 this.verify = verify;
343 Objects.requireNonNull(version);
344 if (MULTI_RELEASE_FORCED || version.major() == RUNTIME_VERSION.major()) {
345 // This deals with the common case where the value from JarFile.runtimeVersion() is passed
346 this.version = RUNTIME_VERSION;
347 } else if (version.major() <= BASE_VERSION_MAJOR) {
348 // This also deals with the common case where the value from JarFile.baseVersion() is passed
349 this.version = BASE_VERSION;
350 } else {
351 // Canonicalize
352 this.version = Runtime.Version.parse(Integer.toString(version.major()));
353 }
354 this.versionMajor = this.version.major();
355 }
356
357 /**
358 * Returns the maximum version used when searching for versioned entries.
359 * <p>
360 * If this {@code JarFile} is not a multi-release jar file or is not
361 * configured to be processed as such, then the version returned will be the
362 * same as that returned from {@link #baseVersion()}.
363 *
364 * @return the maximum version
365 * @since 9
366 */
367 public final Runtime.Version getVersion() {
368 return isMultiRelease() ? this.version : BASE_VERSION;
369 }
370
371 /**
372 * Indicates whether or not this jar file is a multi-release jar file.
373 *
374 * @return true if this JarFile is a multi-release jar file
375 * @since 9
376 */
377 public final boolean isMultiRelease() {
378 if (isMultiRelease) {
379 return true;
380 }
381 if (MULTI_RELEASE_ENABLED) {
382 try {
383 checkForSpecialAttributes();
384 } catch (IOException io) {
385 isMultiRelease = false;
386 }
387 }
388 return isMultiRelease;
389 }
390
391 /**
392 * Returns the jar file manifest, or {@code null} if none.
393 *
394 * @return the jar file manifest, or {@code null} if none
395 *
396 * @throws IllegalStateException
397 * may be thrown if the jar file has been closed
398 * @throws IOException if an I/O error has occurred
399 */
400 public Manifest getManifest() throws IOException {
401 return getManifestFromReference();
402 }
403
404 private Manifest getManifestFromReference() throws IOException {
405 Manifest man = manRef != null ? manRef.get() : null;
406
407 if (man == null) {
408
409 JarEntry manEntry = getManEntry();
410
411 // If found then load the manifest
412 if (manEntry != null) {
413 if (verify) {
414 byte[] b = getBytes(manEntry);
415 man = new Manifest(new ByteArrayInputStream(b));
416 if (!jvInitialized) {
417 jv = new JarVerifier(b);
418 }
419 } else {
420 man = new Manifest(super.getInputStream(manEntry));
421 }
422 manRef = new SoftReference<>(man);
423 }
424 }
425 return man;
426 }
427
428 private String[] getMetaInfEntryNames() {
429 return JUZFA.getMetaInfEntryNames((ZipFile)this);
430 }
431
432 /**
433 * Returns the {@code JarEntry} for the given base entry name or
434 * {@code null} if not found.
435 *
436 * <p>If this {@code JarFile} is a multi-release jar file and is configured
437 * to be processed as such, then a search is performed to find and return
438 * a {@code JarEntry} that is the latest versioned entry associated with the
439 * given entry name. The returned {@code JarEntry} is the versioned entry
440 * corresponding to the given base entry name prefixed with the string
441 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
442 * which an entry exists. If such a versioned entry does not exist, then
443 * the {@code JarEntry} for the base entry is returned, otherwise
444 * {@code null} is returned if no entries are found. The initial value for
445 * the version {@code n} is the maximum version as returned by the method
446 * {@link JarFile#getVersion()}.
447 *
448 * @param name the jar file entry name
449 * @return the {@code JarEntry} for the given entry name, or
450 * the versioned entry name, or {@code null} if not found
451 *
452 * @throws IllegalStateException
453 * may be thrown if the jar file has been closed
454 *
455 * @see java.util.jar.JarEntry
456 *
457 * @implSpec
458 * <div class="block">
459 * This implementation invokes {@link JarFile#getEntry(String)}.
460 * </div>
461 */
462 public JarEntry getJarEntry(String name) {
463 return (JarEntry)getEntry(name);
464 }
465
466 /**
467 * Returns the {@code ZipEntry} for the given base entry name or
468 * {@code null} if not found.
469 *
470 * <p>If this {@code JarFile} is a multi-release jar file and is configured
471 * to be processed as such, then a search is performed to find and return
472 * a {@code ZipEntry} that is the latest versioned entry associated with the
473 * given entry name. The returned {@code ZipEntry} is the versioned entry
474 * corresponding to the given base entry name prefixed with the string
475 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
476 * which an entry exists. If such a versioned entry does not exist, then
477 * the {@code ZipEntry} for the base entry is returned, otherwise
478 * {@code null} is returned if no entries are found. The initial value for
479 * the version {@code n} is the maximum version as returned by the method
480 * {@link JarFile#getVersion()}.
481 *
482 * @param name the jar file entry name
483 * @return the {@code ZipEntry} for the given entry name or
484 * the versioned entry name or {@code null} if not found
485 *
486 * @throws IllegalStateException
487 * may be thrown if the jar file has been closed
488 *
489 * @see java.util.zip.ZipEntry
490 *
491 * @implSpec
492 * <div class="block">
493 * This implementation may return a versioned entry for the requested name
494 * even if there is not a corresponding base entry. This can occur
495 * if there is a private or package-private versioned entry that matches.
496 * If a subclass overrides this method, assure that the override method
497 * invokes {@code super.getEntry(name)} to obtain all versioned entries.
498 * </div>
499 */
500 public ZipEntry getEntry(String name) {
501 JarFileEntry je = getEntry0(name);
502 if (isMultiRelease()) {
503 return getVersionedEntry(name, je);
504 }
505 return je;
506 }
507
508 /**
509 * Returns an enumeration of the jar file entries.
510 *
511 * @return an enumeration of the jar file entries
512 * @throws IllegalStateException
513 * may be thrown if the jar file has been closed
514 */
515 public Enumeration<JarEntry> entries() {
516 return JUZFA.entries(this, JarFileEntry::new);
517 }
518
519 /**
520 * Returns an ordered {@code Stream} over the jar file entries.
521 * Entries appear in the {@code Stream} in the order they appear in
522 * the central directory of the jar file.
523 *
524 * @return an ordered {@code Stream} of entries in this jar file
525 * @throws IllegalStateException if the jar file has been closed
526 * @since 1.8
527 */
528 public Stream<JarEntry> stream() {
529 return JUZFA.stream(this, JarFileEntry::new);
530 }
531
532 /**
533 * Returns a {@code Stream} of the versioned jar file entries.
534 *
535 * <p>If this {@code JarFile} is a multi-release jar file and is configured to
536 * be processed as such, then an entry in the stream is the latest versioned entry
537 * associated with the corresponding base entry name. The maximum version of the
538 * latest versioned entry is the version returned by {@link #getVersion()}.
539 * The returned stream may include an entry that only exists as a versioned entry.
540 *
541 * If the jar file is not a multi-release jar file or the {@code JarFile} is not
542 * configured for processing a multi-release jar file, this method returns the
543 * same stream that {@link #stream()} returns.
544 *
545 * @return stream of versioned entries
546 * @since 10
547 */
548 public Stream<JarEntry> versionedStream() {
549
550 if (isMultiRelease()) {
551 return JUZFA.entryNameStream(this).map(this::getBasename)
552 .filter(Objects::nonNull)
553 .distinct()
554 .map(this::getJarEntry);
555 }
556 return stream();
557 }
558
559 /*
560 * Invokes {@ZipFile}'s getEntry to Return a {@code JarFileEntry} for the
561 * given entry name or {@code null} if not found.
562 */
563 private JarFileEntry getEntry0(String name) {
564 // Not using a lambda/method reference here to optimize startup time
565 Function<String, JarEntry> newJarFileEntryFn = new Function<>() {
566 @Override
567 public JarEntry apply(String name) {
568 return new JarFileEntry(name);
569 }
570 };
571 return (JarFileEntry)JUZFA.getEntry(this, name, newJarFileEntryFn);
572 }
573
574 private String getBasename(String name) {
575 if (name.startsWith(META_INF_VERSIONS)) {
576 int off = META_INF_VERSIONS.length();
577 int index = name.indexOf('/', off);
578 try {
579 // filter out dir META-INF/versions/ and META-INF/versions/*/
580 // and any entry with version > 'version'
581 if (index == -1 || index == (name.length() - 1) ||
582 Integer.parseInt(name, off, index, 10) > versionMajor) {
583 return null;
584 }
585 } catch (NumberFormatException x) {
586 return null; // remove malformed entries silently
587 }
588 // map to its base name
589 return name.substring(index + 1);
590 }
591 return name;
592 }
593
594 private JarEntry getVersionedEntry(String name, JarEntry je) {
595 if (BASE_VERSION_MAJOR < versionMajor) {
596 if (!name.startsWith(META_INF)) {
597 // search for versioned entry
598 int v = versionMajor;
599 while (v > BASE_VERSION_MAJOR) {
600 JarFileEntry vje = getEntry0(META_INF_VERSIONS + v + "/" + name);
601 if (vje != null) {
602 return vje.withBasename(name);
603 }
604 v--;
605 }
606 }
607 }
608 return je;
609 }
610
611 // placeholder for now
612 String getRealName(JarEntry entry) {
613 return entry.getRealName();
614 }
615
616 private class JarFileEntry extends JarEntry {
617 private String basename;
618
619 JarFileEntry(String name) {
620 super(name);
621 this.basename = name;
622 }
623
624 JarFileEntry(String name, ZipEntry vze) {
625 super(vze);
626 this.basename = name;
627 }
628
629 @Override
630 public Attributes getAttributes() throws IOException {
631 Manifest man = JarFile.this.getManifest();
632 if (man != null) {
633 return man.getAttributes(super.getName());
634 } else {
635 return null;
636 }
637 }
638
639 @Override
640 public Certificate[] getCertificates() {
641 try {
642 maybeInstantiateVerifier();
643 } catch (IOException e) {
644 throw new RuntimeException(e);
645 }
646 if (certs == null && jv != null) {
647 certs = jv.getCerts(JarFile.this, realEntry());
648 }
649 return certs == null ? null : certs.clone();
650 }
651
652 @Override
653 public CodeSigner[] getCodeSigners() {
654 try {
655 maybeInstantiateVerifier();
656 } catch (IOException e) {
657 throw new RuntimeException(e);
658 }
659 if (signers == null && jv != null) {
660 signers = jv.getCodeSigners(JarFile.this, realEntry());
661 }
662 return signers == null ? null : signers.clone();
663 }
664
665 @Override
666 public String getRealName() {
667 return super.getName();
668 }
669
670 @Override
671 public String getName() {
672 return basename;
673 }
674
675 JarFileEntry realEntry() {
676 if (isMultiRelease() && versionMajor != BASE_VERSION_MAJOR) {
677 String entryName = super.getName();
678 return entryName == basename || entryName.equals(basename) ?
679 this : new JarFileEntry(entryName, this);
680 }
681 return this;
682 }
683
684 // changes the basename, returns "this"
685 JarFileEntry withBasename(String name) {
686 basename = name;
687 return this;
688 }
689 }
690
691 /*
692 * Ensures that the JarVerifier has been created if one is
693 * necessary (i.e., the jar appears to be signed.) This is done as
694 * a quick check to avoid processing of the manifest for unsigned
695 * jars.
696 */
697 private void maybeInstantiateVerifier() throws IOException {
698 if (jv != null) {
699 return;
700 }
701
702 if (verify) {
703 String[] names = getMetaInfEntryNames();
704 if (names != null) {
705 for (String nameLower : names) {
706 String name = nameLower.toUpperCase(Locale.ENGLISH);
707 if (name.endsWith(".DSA") ||
708 name.endsWith(".RSA") ||
709 name.endsWith(".EC") ||
710 name.endsWith(".SF")) {
711 // Assume since we found a signature-related file
712 // that the jar is signed and that we therefore
713 // need a JarVerifier and Manifest
714 getManifest();
715 return;
716 }
717 }
718 }
719 // No signature-related files; don't instantiate a
720 // verifier
721 verify = false;
722 }
723 }
724
725 /*
726 * Initializes the verifier object by reading all the manifest
727 * entries and passing them to the verifier.
728 */
729 private void initializeVerifier() {
730 ManifestEntryVerifier mev = null;
731
732 // Verify "META-INF/" entries...
733 try {
734 String[] names = getMetaInfEntryNames();
735 if (names != null) {
736 for (String name : names) {
737 String uname = name.toUpperCase(Locale.ENGLISH);
738 if (MANIFEST_NAME.equals(uname)
739 || SignatureFileVerifier.isBlockOrSF(uname)) {
740 JarEntry e = getJarEntry(name);
741 if (e == null) {
742 throw new JarException("corrupted jar file");
743 }
744 if (mev == null) {
745 mev = new ManifestEntryVerifier
746 (getManifestFromReference());
747 }
748 byte[] b = getBytes(e);
749 if (b != null && b.length > 0) {
750 jv.beginEntry(e, mev);
751 jv.update(b.length, b, 0, b.length, mev);
752 jv.update(-1, null, 0, 0, mev);
753 }
754 }
755 }
756 }
757 } catch (IOException ex) {
758 // if we had an error parsing any blocks, just
759 // treat the jar file as being unsigned
760 jv = null;
761 verify = false;
762 if (JarVerifier.debug != null) {
763 JarVerifier.debug.println("jarfile parsing error!");
764 ex.printStackTrace();
765 }
766 }
767
768 // if after initializing the verifier we have nothing
769 // signed, we null it out.
770
771 if (jv != null) {
772
773 jv.doneWithMeta();
774 if (JarVerifier.debug != null) {
775 JarVerifier.debug.println("done with meta!");
776 }
777
778 if (jv.nothingToVerify()) {
779 if (JarVerifier.debug != null) {
780 JarVerifier.debug.println("nothing to verify!");
781 }
782 jv = null;
783 verify = false;
784 }
785 }
786 }
787
788 /*
789 * Reads all the bytes for a given entry. Used to process the
790 * META-INF files.
791 */
792 private byte[] getBytes(ZipEntry ze) throws IOException {
793 try (InputStream is = super.getInputStream(ze)) {
794 int len = (int)ze.getSize();
795 int bytesRead;
796 byte[] b;
797 // trust specified entry sizes when reasonably small
798 if (len != -1 && len <= 65535) {
799 b = new byte[len];
800 bytesRead = is.readNBytes(b, 0, len);
801 } else {
802 b = is.readAllBytes();
803 bytesRead = b.length;
804 }
805 if (len != -1 && len != bytesRead) {
806 throw new EOFException("Expected:" + len + ", read:" + bytesRead);
807 }
808 return b;
809 }
810 }
811
812 /**
813 * Returns an input stream for reading the contents of the specified
814 * zip file entry.
815 * @param ze the zip file entry
816 * @return an input stream for reading the contents of the specified
817 * zip file entry
818 * @throws ZipException if a zip file format error has occurred
819 * @throws IOException if an I/O error has occurred
820 * @throws SecurityException if any of the jar file entries
821 * are incorrectly signed.
822 * @throws IllegalStateException
823 * may be thrown if the jar file has been closed
824 */
825 public synchronized InputStream getInputStream(ZipEntry ze)
826 throws IOException
827 {
828 maybeInstantiateVerifier();
829 if (jv == null) {
830 return super.getInputStream(ze);
831 }
832 if (!jvInitialized) {
833 initializeVerifier();
834 jvInitialized = true;
835 // could be set to null after a call to
836 // initializeVerifier if we have nothing to
837 // verify
838 if (jv == null)
839 return super.getInputStream(ze);
840 }
841
842 // wrap a verifier stream around the real stream
843 return new JarVerifier.VerifierStream(
844 getManifestFromReference(),
845 verifiableEntry(ze),
846 super.getInputStream(ze),
847 jv);
848 }
849
850 private JarEntry verifiableEntry(ZipEntry ze) {
851 if (ze instanceof JarFileEntry) {
852 // assure the name and entry match for verification
853 return ((JarFileEntry)ze).realEntry();
854 }
855 ze = getJarEntry(ze.getName());
856 if (ze instanceof JarFileEntry) {
857 return ((JarFileEntry)ze).realEntry();
858 }
859 return (JarEntry)ze;
860 }
861
862 // Statics for hand-coded Boyer-Moore search
863 private static final byte[] CLASSPATH_CHARS =
864 {'C','L','A','S','S','-','P','A','T','H', ':', ' '};
865
866 // The bad character shift for "class-path: "
867 private static final byte[] CLASSPATH_LASTOCC;
868
869 // The good suffix shift for "class-path: "
870 private static final byte[] CLASSPATH_OPTOSFT;
871
872 private static final byte[] MULTIRELEASE_CHARS =
873 {'M','U','L','T','I','-','R','E','L','E', 'A', 'S', 'E', ':',
874 ' ', 'T', 'R', 'U', 'E'};
875
876 // The bad character shift for "multi-release: true"
877 private static final byte[] MULTIRELEASE_LASTOCC;
878
879 // The good suffix shift for "multi-release: true"
880 private static final byte[] MULTIRELEASE_OPTOSFT;
881
882 static {
883 CLASSPATH_LASTOCC = new byte[65];
884 CLASSPATH_OPTOSFT = new byte[12];
885 CLASSPATH_LASTOCC[(int)'C' - 32] = 1;
886 CLASSPATH_LASTOCC[(int)'L' - 32] = 2;
887 CLASSPATH_LASTOCC[(int)'S' - 32] = 5;
888 CLASSPATH_LASTOCC[(int)'-' - 32] = 6;
889 CLASSPATH_LASTOCC[(int)'P' - 32] = 7;
890 CLASSPATH_LASTOCC[(int)'A' - 32] = 8;
891 CLASSPATH_LASTOCC[(int)'T' - 32] = 9;
892 CLASSPATH_LASTOCC[(int)'H' - 32] = 10;
893 CLASSPATH_LASTOCC[(int)':' - 32] = 11;
894 CLASSPATH_LASTOCC[(int)' ' - 32] = 12;
895 for (int i = 0; i < 11; i++) {
896 CLASSPATH_OPTOSFT[i] = 12;
897 }
898 CLASSPATH_OPTOSFT[11] = 1;
899
900 MULTIRELEASE_LASTOCC = new byte[65];
901 MULTIRELEASE_OPTOSFT = new byte[19];
902 MULTIRELEASE_LASTOCC[(int)'M' - 32] = 1;
903 MULTIRELEASE_LASTOCC[(int)'I' - 32] = 5;
904 MULTIRELEASE_LASTOCC[(int)'-' - 32] = 6;
905 MULTIRELEASE_LASTOCC[(int)'L' - 32] = 9;
906 MULTIRELEASE_LASTOCC[(int)'A' - 32] = 11;
907 MULTIRELEASE_LASTOCC[(int)'S' - 32] = 12;
908 MULTIRELEASE_LASTOCC[(int)':' - 32] = 14;
909 MULTIRELEASE_LASTOCC[(int)' ' - 32] = 15;
910 MULTIRELEASE_LASTOCC[(int)'T' - 32] = 16;
911 MULTIRELEASE_LASTOCC[(int)'R' - 32] = 17;
912 MULTIRELEASE_LASTOCC[(int)'U' - 32] = 18;
913 MULTIRELEASE_LASTOCC[(int)'E' - 32] = 19;
914 for (int i = 0; i < 17; i++) {
915 MULTIRELEASE_OPTOSFT[i] = 19;
916 }
917 MULTIRELEASE_OPTOSFT[17] = 6;
918 MULTIRELEASE_OPTOSFT[18] = 1;
919 }
920
921 private JarEntry getManEntry() {
922 if (manEntry == null) {
923 // First look up manifest entry using standard name
924 JarEntry manEntry = getEntry0(MANIFEST_NAME);
925 if (manEntry == null) {
926 // If not found, then iterate through all the "META-INF/"
927 // entries to find a match.
928 String[] names = getMetaInfEntryNames();
929 if (names != null) {
930 for (String name : names) {
931 if (MANIFEST_NAME.equals(name.toUpperCase(Locale.ENGLISH))) {
932 manEntry = getEntry0(name);
933 break;
934 }
935 }
936 }
937 }
938 this.manEntry = manEntry;
939 }
940 return manEntry;
941 }
942
943 /**
944 * Returns {@code true} iff this JAR file has a manifest with the
945 * Class-Path attribute
946 */
947 boolean hasClassPathAttribute() throws IOException {
948 checkForSpecialAttributes();
949 return hasClassPathAttribute;
950 }
951
952 /**
953 * Returns true if the pattern {@code src} is found in {@code b}.
954 * The {@code lastOcc} array is the precomputed bad character shifts.
955 * Since there are no repeated substring in our search strings,
956 * the good suffix shifts can be replaced with a comparison.
957 */
958 private int match(byte[] src, byte[] b, byte[] lastOcc, byte[] optoSft) {
959 int len = src.length;
960 int last = b.length - len;
961 int i = 0;
962 next:
963 while (i <= last) {
964 for (int j = (len - 1); j >= 0; j--) {
965 byte c = b[i + j];
966 if (c >= ' ' && c <= 'z') {
967 if (c >= 'a') c -= 32; // Canonicalize
968
969 if (c != src[j]) {
970 // no match
971 int badShift = lastOcc[c - 32];
972 i += Math.max(j + 1 - badShift, optoSft[j]);
973 continue next;
974 }
975 } else {
976 // no match, character not valid for name
977 i += len;
978 continue next;
979 }
980 }
981 return i;
982 }
983 return -1;
984 }
985
986 /**
987 * On first invocation, check if the JAR file has the Class-Path
988 * and the Multi-Release attribute. A no-op on subsequent calls.
989 */
990 private void checkForSpecialAttributes() throws IOException {
991 if (hasCheckedSpecialAttributes) {
992 return;
993 }
994 synchronized (this) {
995 if (hasCheckedSpecialAttributes) {
996 return;
997 }
998 JarEntry manEntry = getManEntry();
999 if (manEntry != null) {
1000 byte[] b = getBytes(manEntry);
1001 hasClassPathAttribute = match(CLASSPATH_CHARS, b,
1002 CLASSPATH_LASTOCC, CLASSPATH_OPTOSFT) != -1;
1003 // is this a multi-release jar file
1004 if (MULTI_RELEASE_ENABLED) {
1005 int i = match(MULTIRELEASE_CHARS, b, MULTIRELEASE_LASTOCC,
1006 MULTIRELEASE_OPTOSFT);
1007 if (i != -1) {
1008 i += MULTIRELEASE_CHARS.length;
1009 if (i < b.length) {
1010 byte c = b[i++];
1011 // Check that the value is followed by a newline
1012 // and does not have a continuation
1013 if (c == '\n' &&
1014 (i == b.length || b[i] != ' ')) {
1015 isMultiRelease = true;
1016 } else if (c == '\r') {
1017 if (i == b.length) {
1018 isMultiRelease = true;
1019 } else {
1020 c = b[i++];
1021 if (c == '\n') {
1022 if (i == b.length || b[i] != ' ') {
1023 isMultiRelease = true;
1024 }
1025 } else if (c != ' ') {
1026 isMultiRelease = true;
1027 }
1028 }
1029 }
1030 }
1031 }
1032 }
1033 }
1034 hasCheckedSpecialAttributes = true;
1035 }
1036 }
1037
1038 private synchronized void ensureInitialization() {
1039 try {
1040 maybeInstantiateVerifier();
1041 } catch (IOException e) {
1042 throw new RuntimeException(e);
1043 }
1044 if (jv != null && !jvInitialized) {
1045 initializeVerifier();
1046 jvInitialized = true;
1047 }
1048 }
1049
1050 /*
1051 * Returns a versioned {@code JarFileEntry} for the given entry,
1052 * if there is one. Otherwise returns the original entry. This
1053 * is invoked by the {@code entries2} for verifier.
1054 */
1055 JarEntry newEntry(JarEntry je) {
1056 if (isMultiRelease()) {
1057 return getVersionedEntry(je.getName(), je);
1058 }
1059 return je;
1060 }
1061
1062 /*
1063 * Returns a versioned {@code JarFileEntry} for the given entry
1064 * name, if there is one. Otherwise returns a {@code JarFileEntry}
1065 * with the given name. It is invoked from JarVerifier's entries2
1066 * for {@code singers}.
1067 */
1068 JarEntry newEntry(String name) {
1069 if (isMultiRelease()) {
1070 JarEntry vje = getVersionedEntry(name, (JarEntry)null);
1071 if (vje != null) {
1072 return vje;
1073 }
1074 }
1075 return new JarFileEntry(name);
1076 }
1077
1078 Enumeration<String> entryNames(CodeSource[] cs) {
1079 ensureInitialization();
1080 if (jv != null) {
1081 return jv.entryNames(this, cs);
1082 }
1083
1084 /*
1085 * JAR file has no signed content. Is there a non-signing
1086 * code source?
1087 */
1088 boolean includeUnsigned = false;
1089 for (CodeSource c : cs) {
1090 if (c.getCodeSigners() == null) {
1091 includeUnsigned = true;
1092 break;
1093 }
1094 }
1095 if (includeUnsigned) {
1096 return unsignedEntryNames();
1097 } else {
1098 return new Enumeration<>() {
1099
1100 public boolean hasMoreElements() {
1101 return false;
1102 }
1103
1104 public String nextElement() {
1105 throw new NoSuchElementException();
1106 }
1107 };
1108 }
1109 }
1110
1111 /**
1112 * Returns an enumeration of the zip file entries
1113 * excluding internal JAR mechanism entries and including
1114 * signed entries missing from the ZIP directory.
1115 */
1116 Enumeration<JarEntry> entries2() {
1117 ensureInitialization();
1118 if (jv != null) {
1119 return jv.entries2(this, JUZFA.entries(JarFile.this,
1120 JarFileEntry::new));
1121 }
1122
1123 // screen out entries which are never signed
1124 final var unfilteredEntries = JUZFA.entries(JarFile.this, JarFileEntry::new);
1125
1126 return new Enumeration<>() {
1127
1128 JarEntry entry;
1129
1130 public boolean hasMoreElements() {
1131 if (entry != null) {
1132 return true;
1133 }
1134 while (unfilteredEntries.hasMoreElements()) {
1135 JarEntry je = unfilteredEntries.nextElement();
1136 if (JarVerifier.isSigningRelated(je.getName())) {
1137 continue;
1138 }
1139 entry = je;
1140 return true;
1141 }
1142 return false;
1143 }
1144
1145 public JarEntry nextElement() {
1146 if (hasMoreElements()) {
1147 JarEntry je = entry;
1148 entry = null;
1149 return newEntry(je);
1150 }
1151 throw new NoSuchElementException();
1152 }
1153 };
1154 }
1155
1156 CodeSource[] getCodeSources(URL url) {
1157 ensureInitialization();
1158 if (jv != null) {
1159 return jv.getCodeSources(this, url);
1160 }
1161
1162 /*
1163 * JAR file has no signed content. Is there a non-signing
1164 * code source?
1165 */
1166 Enumeration<String> unsigned = unsignedEntryNames();
1167 if (unsigned.hasMoreElements()) {
1168 return new CodeSource[]{JarVerifier.getUnsignedCS(url)};
1169 } else {
1170 return null;
1171 }
1172 }
1173
1174 private Enumeration<String> unsignedEntryNames() {
1175 final Enumeration<JarEntry> entries = entries();
1176 return new Enumeration<>() {
1177
1178 String name;
1179
1180 /*
1181 * Grab entries from ZIP directory but screen out
1182 * metadata.
1183 */
1184 public boolean hasMoreElements() {
1185 if (name != null) {
1186 return true;
1187 }
1188 while (entries.hasMoreElements()) {
1189 String value;
1190 ZipEntry e = entries.nextElement();
1191 value = e.getName();
1192 if (e.isDirectory() || JarVerifier.isSigningRelated(value)) {
1193 continue;
1194 }
1195 name = value;
1196 return true;
1197 }
1198 return false;
1199 }
1200
1201 public String nextElement() {
1202 if (hasMoreElements()) {
1203 String value = name;
1204 name = null;
1205 return value;
1206 }
1207 throw new NoSuchElementException();
1208 }
1209 };
1210 }
1211
1212 CodeSource getCodeSource(URL url, String name) {
1213 ensureInitialization();
1214 if (jv != null) {
1215 if (jv.eagerValidation) {
1216 CodeSource cs = null;
1217 JarEntry je = getJarEntry(name);
1218 if (je != null) {
1219 cs = jv.getCodeSource(url, this, je);
1220 } else {
1221 cs = jv.getCodeSource(url, name);
1222 }
1223 return cs;
1224 } else {
1225 return jv.getCodeSource(url, name);
1226 }
1227 }
1228
1229 return JarVerifier.getUnsignedCS(url);
1230 }
1231
1232 void setEagerValidation(boolean eager) {
1233 try {
1234 maybeInstantiateVerifier();
1235 } catch (IOException e) {
1236 throw new RuntimeException(e);
1237 }
1238 if (jv != null) {
1239 jv.setEagerValidation(eager);
1240 }
1241 }
1242
1243 List<Object> getManifestDigests() {
1244 ensureInitialization();
1245 if (jv != null) {
1246 return jv.getManifestDigests();
1247 }
1248 return new ArrayList<>();
1249 }
1250 }