1 /*
2 * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.util.jar;
27
28 import java.io.*;
29 import java.lang.ref.SoftReference;
30 import java.net.URL;
31 import java.util.*;
32 import java.util.stream.Stream;
33 import java.util.stream.StreamSupport;
34 import java.util.zip.*;
35 import java.security.CodeSigner;
36 import java.security.cert.Certificate;
37 import java.security.CodeSource;
38 import jdk.internal.misc.SharedSecrets;
39 import sun.security.action.GetPropertyAction;
40 import sun.security.util.ManifestEntryVerifier;
41 import sun.security.util.SignatureFileVerifier;
42
43 /**
44 * The {@code JarFile} class is used to read the contents of a jar file
45 * from any file that can be opened with {@code java.io.RandomAccessFile}.
46 * It extends the class {@code java.util.zip.ZipFile} with support
47 * for reading an optional {@code Manifest} entry, and support for
48 * processing multi-release jar files. The {@code Manifest} can be used
49 * to specify meta-information about the jar file and its entries.
50 *
51 * <p><a name="multirelease">A multi-release jar file</a> is a jar file that
52 * contains a manifest with a main attribute named "Multi-Release",
53 * a set of "base" entries, some of which are public classes with public
54 * or protected methods that comprise the public interface of the jar file,
55 * and a set of "versioned" entries contained in subdirectories of the
56 * "META-INF/versions" directory. The versioned entries are partitioned by the
57 * major version of the Java platform. A versioned entry, with a version
58 * {@code n}, {@code 8 < n}, in the "META-INF/versions/{n}" directory overrides
59 * the base entry as well as any entry with a version number {@code i} where
60 * {@code 8 < i < n}.
61 *
62 * <p>By default, a {@code JarFile} for a multi-release jar file is configured
63 * to process the multi-release jar file as if it were a plain (unversioned) jar
64 * file, and as such an entry name is associated with at most one base entry.
65 * The {@code JarFile} may be configured to process a multi-release jar file by
66 * creating the {@code JarFile} with the
67 * {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} constructor. The
68 * {@code Runtime.Version} object sets a maximum version used when searching for
69 * versioned entries. When so configured, an entry name
70 * can correspond with at most one base entry and zero or more versioned
71 * entries. A search is required to associate the entry name with the latest
72 * versioned entry whose version is less than or equal to the maximum version
73 * (see {@link #getEntry(String)}).
74 *
75 * <p>Class loaders that utilize {@code JarFile} to load classes from the
76 * contents of {@code JarFile} entries should construct the {@code JarFile}
77 * by invoking the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
78 * constructor with the value {@code Runtime.version()} assigned to the last
79 * argument. This assures that classes compatible with the major
80 * version of the running JVM are loaded from multi-release jar files.
81 *
82 * <p>If the verify flag is on when opening a signed jar file, the content of
83 * the file is verified against its signature embedded inside the file. Please
84 * note that the verification process does not include validating the signer's
85 * certificate. A caller should inspect the return value of
86 * {@link JarEntry#getCodeSigners()} to further determine if the signature
87 * can be trusted.
88 *
89 * <p> Unless otherwise noted, passing a {@code null} argument to a constructor
90 * or method in this class will cause a {@link NullPointerException} to be
91 * thrown.
92 *
93 * @implNote
94 * <div class="block">
95 * If the API can not be used to configure a {@code JarFile} (e.g. to override
96 * the configuration of a compiled application or library), two {@code System}
97 * properties are available.
98 * <ul>
99 * <li>
100 * {@code jdk.util.jar.version} can be assigned a value that is the
101 * {@code String} representation of a non-negative integer
102 * {@code <= Runtime.version().major()}. The value is used to set the effective
103 * runtime version to something other than the default value obtained by
104 * evaluating {@code Runtime.version().major()}. The effective runtime version
105 * is the version that the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
106 * constructor uses when the value of the last argument is
107 * {@code JarFile.runtimeVersion()}.
108 * </li>
109 * <li>
110 * {@code jdk.util.jar.enableMultiRelease} can be assigned one of the three
111 * {@code String} values <em>true</em>, <em>false</em>, or <em>force</em>. The
112 * value <em>true</em>, the default value, enables multi-release jar file
113 * processing. The value <em>false</em> disables multi-release jar processing,
114 * ignoring the "Multi-Release" manifest attribute, and the versioned
115 * directories in a multi-release jar file if they exist. Furthermore,
116 * the method {@link JarFile#isMultiRelease()} returns <em>false</em>. The value
117 * <em>force</em> causes the {@code JarFile} to be initialized to runtime
118 * versioning after construction. It effectively does the same as this code:
119 * {@code (new JarFile(File, boolean, int, JarFile.runtimeVersion())}.
120 * </li>
121 * </ul>
122 * </div>
123 *
124 * @author David Connelly
125 * @see Manifest
126 * @see java.util.zip.ZipFile
127 * @see java.util.jar.JarEntry
128 * @since 1.2
129 */
130 public
131 class JarFile extends ZipFile {
132 private final static Runtime.Version BASE_VERSION;
133 private final static int BASE_VERSION_MAJOR;
134 private final static Runtime.Version RUNTIME_VERSION;
135 private final static boolean MULTI_RELEASE_ENABLED;
136 private final static boolean MULTI_RELEASE_FORCED;
137 private SoftReference<Manifest> manRef;
138 private JarEntry manEntry;
139 private JarVerifier jv;
140 private boolean jvInitialized;
141 private boolean verify;
142 private final Runtime.Version version; // current version
143 private final int versionMajor; // version.major()
144 private boolean isMultiRelease; // is jar multi-release?
145
146 // indicates if Class-Path attribute present
147 private boolean hasClassPathAttribute;
148 // true if manifest checked for special attributes
149 private volatile boolean hasCheckedSpecialAttributes;
150
151 static {
152 // Set up JavaUtilJarAccess in SharedSecrets
153 SharedSecrets.setJavaUtilJarAccess(new JavaUtilJarAccessImpl());
154 // multi-release jar file versions >= 9
155 BASE_VERSION = Runtime.Version.parse(Integer.toString(8));
156 BASE_VERSION_MAJOR = BASE_VERSION.major();
157 String jarVersion = GetPropertyAction.privilegedGetProperty("jdk.util.jar.version");
158 int runtimeVersion = Runtime.version().major();
159 if (jarVersion != null) {
160 int jarVer = Integer.parseInt(jarVersion);
161 runtimeVersion = (jarVer > runtimeVersion)
162 ? runtimeVersion
163 : Math.max(jarVer, BASE_VERSION_MAJOR);
164 }
165 RUNTIME_VERSION = Runtime.Version.parse(Integer.toString(runtimeVersion));
166 String enableMultiRelease = GetPropertyAction
167 .privilegedGetProperty("jdk.util.jar.enableMultiRelease", "true");
168 switch (enableMultiRelease) {
169 case "true":
170 default:
171 MULTI_RELEASE_ENABLED = true;
172 MULTI_RELEASE_FORCED = false;
173 break;
174 case "false":
175 MULTI_RELEASE_ENABLED = false;
176 MULTI_RELEASE_FORCED = false;
177 break;
178 case "force":
179 MULTI_RELEASE_ENABLED = true;
180 MULTI_RELEASE_FORCED = true;
181 break;
182 }
183 }
184
185 private static final String META_INF = "META-INF/";
186
187 private static final String META_INF_VERSIONS = META_INF + "versions/";
188
189 /**
190 * The JAR manifest file name.
191 */
192 public static final String MANIFEST_NAME = META_INF + "MANIFEST.MF";
193
194 /**
195 * Returns the version that represents the unversioned configuration of a
196 * multi-release jar file.
197 *
198 * @return the version that represents the unversioned configuration
199 *
200 * @since 9
201 */
202 public static Runtime.Version baseVersion() {
203 return BASE_VERSION;
204 }
205
206 /**
207 * Returns the version that represents the effective runtime versioned
208 * configuration of a multi-release jar file.
209 * <p>
210 * By default the major version number of the returned {@code Version} will
211 * be equal to the major version number of {@code Runtime.version()}.
212 * However, if the {@code jdk.util.jar.version} property is set, the
213 * returned {@code Version} is derived from that property and major version
214 * numbers may not be equal.
215 *
216 * @return the version that represents the runtime versioned configuration
217 *
218 * @since 9
219 */
220 public static Runtime.Version runtimeVersion() {
221 return RUNTIME_VERSION;
222 }
223
224 /**
225 * Creates a new {@code JarFile} to read from the specified
226 * file {@code name}. The {@code JarFile} will be verified if
227 * it is signed.
228 * @param name the name of the jar file to be opened for reading
229 * @throws IOException if an I/O error has occurred
230 * @throws SecurityException if access to the file is denied
231 * by the SecurityManager
232 */
233 public JarFile(String name) throws IOException {
234 this(new File(name), true, ZipFile.OPEN_READ);
235 }
236
237 /**
238 * Creates a new {@code JarFile} to read from the specified
239 * file {@code name}.
240 * @param name the name of the jar file to be opened for reading
241 * @param verify whether or not to verify the jar file if
242 * it is signed.
243 * @throws IOException if an I/O error has occurred
244 * @throws SecurityException if access to the file is denied
245 * by the SecurityManager
246 */
247 public JarFile(String name, boolean verify) throws IOException {
248 this(new File(name), verify, ZipFile.OPEN_READ);
249 }
250
251 /**
252 * Creates a new {@code JarFile} to read from the specified
253 * {@code File} object. The {@code JarFile} will be verified if
254 * it is signed.
255 * @param file the jar file to be opened for reading
256 * @throws IOException if an I/O error has occurred
257 * @throws SecurityException if access to the file is denied
258 * by the SecurityManager
259 */
260 public JarFile(File file) throws IOException {
261 this(file, true, ZipFile.OPEN_READ);
262 }
263
264 /**
265 * Creates a new {@code JarFile} to read from the specified
266 * {@code File} object.
267 * @param file the jar file to be opened for reading
268 * @param verify whether or not to verify the jar file if
269 * it is signed.
270 * @throws IOException if an I/O error has occurred
271 * @throws SecurityException if access to the file is denied
272 * by the SecurityManager.
273 */
274 public JarFile(File file, boolean verify) throws IOException {
275 this(file, verify, ZipFile.OPEN_READ);
276 }
277
278 /**
279 * Creates a new {@code JarFile} to read from the specified
280 * {@code File} object in the specified mode. The mode argument
281 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
282 *
283 * @param file the jar file to be opened for reading
284 * @param verify whether or not to verify the jar file if
285 * it is signed.
286 * @param mode the mode in which the file is to be opened
287 * @throws IOException if an I/O error has occurred
288 * @throws IllegalArgumentException
289 * if the {@code mode} argument is invalid
290 * @throws SecurityException if access to the file is denied
291 * by the SecurityManager
292 * @since 1.3
293 */
294 public JarFile(File file, boolean verify, int mode) throws IOException {
295 this(file, verify, mode, BASE_VERSION);
296 }
297
298 /**
299 * Creates a new {@code JarFile} to read from the specified
300 * {@code File} object in the specified mode. The mode argument
301 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
302 * The version argument, after being converted to a canonical form, is
303 * used to configure the {@code JarFile} for processing
304 * multi-release jar files.
305 * <p>
306 * The canonical form derived from the version parameter is
307 * {@code Runtime.Version.parse(Integer.toString(n))} where {@code n} is
308 * {@code Math.max(version.major(), JarFile.baseVersion().major())}.
309 *
310 * @param file the jar file to be opened for reading
311 * @param verify whether or not to verify the jar file if
312 * it is signed.
313 * @param mode the mode in which the file is to be opened
314 * @param version specifies the release version for a multi-release jar file
315 * @throws IOException if an I/O error has occurred
316 * @throws IllegalArgumentException
317 * if the {@code mode} argument is invalid
318 * @throws SecurityException if access to the file is denied
319 * by the SecurityManager
320 * @throws NullPointerException if {@code version} is {@code null}
321 * @since 9
322 */
323 public JarFile(File file, boolean verify, int mode, Runtime.Version version) throws IOException {
324 super(file, mode);
325 this.verify = verify;
326 Objects.requireNonNull(version);
327 if (MULTI_RELEASE_FORCED || version.major() == RUNTIME_VERSION.major()) {
328 // This deals with the common case where the value from JarFile.runtimeVersion() is passed
329 this.version = RUNTIME_VERSION;
330 } else if (version.major() <= BASE_VERSION_MAJOR) {
331 // This also deals with the common case where the value from JarFile.baseVersion() is passed
332 this.version = BASE_VERSION;
333 } else {
334 // Canonicalize
335 this.version = Runtime.Version.parse(Integer.toString(version.major()));
336 }
337 this.versionMajor = this.version.major();
338 }
339
340 /**
341 * Returns the maximum version used when searching for versioned entries.
342 * <p>
343 * If this {@code JarFile} is not a multi-release jar file or is not
344 * configured to be processed as such, then the version returned will be the
345 * same as that returned from {@link #baseVersion()}.
346 *
347 * @return the maximum version
348 * @since 9
349 */
350 public final Runtime.Version getVersion() {
351 return isMultiRelease() ? this.version : BASE_VERSION;
352 }
353
354 /**
355 * Indicates whether or not this jar file is a multi-release jar file.
356 *
357 * @return true if this JarFile is a multi-release jar file
358 * @since 9
359 */
360 public final boolean isMultiRelease() {
361 if (isMultiRelease) {
362 return true;
363 }
364 if (MULTI_RELEASE_ENABLED) {
365 try {
366 checkForSpecialAttributes();
367 } catch (IOException io) {
368 isMultiRelease = false;
369 }
370 }
371 return isMultiRelease;
372 }
373
374 /**
375 * Returns the jar file manifest, or {@code null} if none.
376 *
377 * @return the jar file manifest, or {@code null} if none
378 *
379 * @throws IllegalStateException
380 * may be thrown if the jar file has been closed
381 * @throws IOException if an I/O error has occurred
382 */
383 public Manifest getManifest() throws IOException {
384 return getManifestFromReference();
385 }
386
387 private Manifest getManifestFromReference() throws IOException {
388 Manifest man = manRef != null ? manRef.get() : null;
389
390 if (man == null) {
391
392 JarEntry manEntry = getManEntry();
393
394 // If found then load the manifest
395 if (manEntry != null) {
396 if (verify) {
397 byte[] b = getBytes(manEntry);
398 man = new Manifest(new ByteArrayInputStream(b));
399 if (!jvInitialized) {
400 jv = new JarVerifier(b);
401 }
402 } else {
403 man = new Manifest(super.getInputStream(manEntry));
404 }
405 manRef = new SoftReference<>(man);
406 }
407 }
408 return man;
409 }
410
411 private String[] getMetaInfEntryNames() {
412 return jdk.internal.misc.SharedSecrets.getJavaUtilZipFileAccess()
413 .getMetaInfEntryNames((ZipFile)this);
414 }
415
416 /**
417 * Returns the {@code JarEntry} for the given base entry name or
418 * {@code null} if not found.
419 *
420 * <p>If this {@code JarFile} is a multi-release jar file and is configured
421 * to be processed as such, then a search is performed to find and return
422 * a {@code JarEntry} that is the latest versioned entry associated with the
423 * given entry name. The returned {@code JarEntry} is the versioned entry
424 * corresponding to the given base entry name prefixed with the string
425 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
426 * which an entry exists. If such a versioned entry does not exist, then
427 * the {@code JarEntry} for the base entry is returned, otherwise
428 * {@code null} is returned if no entries are found. The initial value for
429 * the version {@code n} is the maximum version as returned by the method
430 * {@link JarFile#getVersion()}.
431 *
432 * @param name the jar file entry name
433 * @return the {@code JarEntry} for the given entry name, or
434 * the versioned entry name, or {@code null} if not found
435 *
436 * @throws IllegalStateException
437 * may be thrown if the jar file has been closed
438 *
439 * @see java.util.jar.JarEntry
440 *
441 * @implSpec
442 * <div class="block">
443 * This implementation invokes {@link JarFile#getEntry(String)}.
444 * </div>
445 */
446 public JarEntry getJarEntry(String name) {
447 return (JarEntry)getEntry(name);
448 }
449
450 /**
451 * Returns the {@code ZipEntry} for the given base entry name or
452 * {@code null} if not found.
453 *
454 * <p>If this {@code JarFile} is a multi-release jar file and is configured
455 * to be processed as such, then a search is performed to find and return
456 * a {@code ZipEntry} that is the latest versioned entry associated with the
457 * given entry name. The returned {@code ZipEntry} is the versioned entry
458 * corresponding to the given base entry name prefixed with the string
459 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
460 * which an entry exists. If such a versioned entry does not exist, then
461 * the {@code ZipEntry} for the base entry is returned, otherwise
462 * {@code null} is returned if no entries are found. The initial value for
463 * the version {@code n} is the maximum version as returned by the method
464 * {@link JarFile#getVersion()}.
465 *
466 * @param name the jar file entry name
467 * @return the {@code ZipEntry} for the given entry name or
468 * the versioned entry name or {@code null} if not found
469 *
470 * @throws IllegalStateException
471 * may be thrown if the jar file has been closed
472 *
473 * @see java.util.zip.ZipEntry
474 *
475 * @implSpec
476 * <div class="block">
477 * This implementation may return a versioned entry for the requested name
478 * even if there is not a corresponding base entry. This can occur
479 * if there is a private or package-private versioned entry that matches.
480 * If a subclass overrides this method, assure that the override method
481 * invokes {@code super.getEntry(name)} to obtain all versioned entries.
482 * </div>
483 */
484 public ZipEntry getEntry(String name) {
485 ZipEntry ze = super.getEntry(name);
486 if (ze != null) {
487 return new JarFileEntry(ze);
488 }
489 // no matching base entry, but maybe there is a versioned entry,
490 // like a new private class
491 if (isMultiRelease()) {
492 ze = new ZipEntry(name);
493 ZipEntry vze = getVersionedEntry(ze);
494 if (ze != vze) {
495 return new JarFileEntry(name, vze);
496 }
497 }
498 return null;
499 }
500
501 private class JarEntryIterator implements Enumeration<JarEntry>,
502 Iterator<JarEntry>
503 {
504 final Enumeration<? extends ZipEntry> e = JarFile.super.entries();
505
506 public boolean hasNext() {
507 return e.hasMoreElements();
508 }
509
510 public JarEntry next() {
511 ZipEntry ze = e.nextElement();
512 return new JarFileEntry(ze.getName(), ze);
513 }
514
515 public boolean hasMoreElements() {
516 return hasNext();
517 }
518
519 public JarEntry nextElement() {
520 return next();
521 }
522
523 public Iterator<JarEntry> asIterator() {
524 return this;
525 }
526 }
527
528 /**
529 * Returns an enumeration of the jar file entries.
530 *
531 * @return an enumeration of the jar file entries
532 * @throws IllegalStateException
533 * may be thrown if the jar file has been closed
534 */
535 public Enumeration<JarEntry> entries() {
536 return new JarEntryIterator();
537 }
538
539 /**
540 * Returns an ordered {@code Stream} over the jar file entries.
541 * Entries appear in the {@code Stream} in the order they appear in
542 * the central directory of the jar file.
543 *
544 * @return an ordered {@code Stream} of entries in this jar file
545 * @throws IllegalStateException if the jar file has been closed
546 * @since 1.8
547 */
548 public Stream<JarEntry> stream() {
549 return StreamSupport.stream(Spliterators.spliterator(
550 new JarEntryIterator(), size(),
551 Spliterator.ORDERED | Spliterator.DISTINCT |
552 Spliterator.IMMUTABLE | Spliterator.NONNULL), false);
553 }
554
555 private ZipEntry searchForVersionedEntry(final int version, String name) {
556 ZipEntry vze = null;
557 String sname = "/" + name;
558 int i = version;
559 while (i > BASE_VERSION_MAJOR) {
560 vze = super.getEntry(META_INF_VERSIONS + i + sname);
561 if (vze != null) break;
562 i--;
563 }
564 return vze;
565 }
566
567 private ZipEntry getVersionedEntry(ZipEntry ze) {
568 ZipEntry vze = null;
569 if (BASE_VERSION_MAJOR < versionMajor) {
570 String name = ze.getName();
571 if (!name.startsWith(META_INF)) {
572 vze = searchForVersionedEntry(versionMajor, name);
573 }
574 }
575 return vze == null ? ze : vze;
576 }
577
578 /**
579 * Returns the real name of a {@code JarEntry}. If this {@code JarFile} is
580 * a multi-release jar file and is configured to be processed as such, the
581 * name returned by this method is the path name of the versioned entry
582 * that the {@code JarEntry} represents, rather than the path name of the
583 * base entry that {@link JarEntry#getName()} returns. If the
584 * {@code JarEntry} does not represent a versioned entry, or the
585 * jar file is not a multi-release jar file or {@code JarFile} is not
586 * configured for processing a multi-release jar file, this method returns
587 * the same name that {@link JarEntry#getName()} returns.
588 *
589 * @param entry the JarEntry
590 * @return the real name of the JarEntry
591 * @since 9
592 */
593 String getRealName(JarEntry entry) {
594 if (entry instanceof JarFileEntry) {
595 return ((JarFileEntry)entry).realName();
596 }
597 return entry.getName();
598 }
599
600 private class JarFileEntry extends JarEntry {
601 final private String name;
602
603 JarFileEntry(ZipEntry ze) {
604 super(isMultiRelease() ? getVersionedEntry(ze) : ze);
605 this.name = ze.getName();
606 }
607 JarFileEntry(String name, ZipEntry vze) {
608 super(vze);
609 this.name = name;
610 }
611 public Attributes getAttributes() throws IOException {
612 Manifest man = JarFile.this.getManifest();
613 if (man != null) {
614 return man.getAttributes(super.getName());
615 } else {
616 return null;
617 }
618 }
619 public Certificate[] getCertificates() {
620 try {
621 maybeInstantiateVerifier();
622 } catch (IOException e) {
623 throw new RuntimeException(e);
624 }
625 if (certs == null && jv != null) {
626 certs = jv.getCerts(JarFile.this, realEntry());
627 }
628 return certs == null ? null : certs.clone();
629 }
630 public CodeSigner[] getCodeSigners() {
631 try {
632 maybeInstantiateVerifier();
633 } catch (IOException e) {
634 throw new RuntimeException(e);
635 }
636 if (signers == null && jv != null) {
637 signers = jv.getCodeSigners(JarFile.this, realEntry());
638 }
639 return signers == null ? null : signers.clone();
640 }
641 JarFileEntry realEntry() {
642 if (isMultiRelease() && versionMajor != BASE_VERSION_MAJOR) {
643 String entryName = super.getName();
644 return entryName.equals(this.name) ? this : new JarFileEntry(entryName, this);
645 }
646 return this;
647 }
648 String realName() {
649 return super.getName();
650 }
651
652 @Override
653 public String getName() {
654 return name;
655 }
656 }
657
658 /*
659 * Ensures that the JarVerifier has been created if one is
660 * necessary (i.e., the jar appears to be signed.) This is done as
661 * a quick check to avoid processing of the manifest for unsigned
662 * jars.
663 */
664 private void maybeInstantiateVerifier() throws IOException {
665 if (jv != null) {
666 return;
667 }
668
669 if (verify) {
670 String[] names = getMetaInfEntryNames();
671 if (names != null) {
672 for (String nameLower : names) {
673 String name = nameLower.toUpperCase(Locale.ENGLISH);
674 if (name.endsWith(".DSA") ||
675 name.endsWith(".RSA") ||
676 name.endsWith(".EC") ||
677 name.endsWith(".SF")) {
678 // Assume since we found a signature-related file
679 // that the jar is signed and that we therefore
680 // need a JarVerifier and Manifest
681 getManifest();
682 return;
683 }
684 }
685 }
686 // No signature-related files; don't instantiate a
687 // verifier
688 verify = false;
689 }
690 }
691
692
693 /*
694 * Initializes the verifier object by reading all the manifest
695 * entries and passing them to the verifier.
696 */
697 private void initializeVerifier() {
698 ManifestEntryVerifier mev = null;
699
700 // Verify "META-INF/" entries...
701 try {
702 String[] names = getMetaInfEntryNames();
703 if (names != null) {
704 for (String name : names) {
705 String uname = name.toUpperCase(Locale.ENGLISH);
706 if (MANIFEST_NAME.equals(uname)
707 || SignatureFileVerifier.isBlockOrSF(uname)) {
708 JarEntry e = getJarEntry(name);
709 if (e == null) {
710 throw new JarException("corrupted jar file");
711 }
712 if (mev == null) {
713 mev = new ManifestEntryVerifier
714 (getManifestFromReference());
715 }
716 byte[] b = getBytes(e);
717 if (b != null && b.length > 0) {
718 jv.beginEntry(e, mev);
719 jv.update(b.length, b, 0, b.length, mev);
720 jv.update(-1, null, 0, 0, mev);
721 }
722 }
723 }
724 }
725 } catch (IOException ex) {
726 // if we had an error parsing any blocks, just
727 // treat the jar file as being unsigned
728 jv = null;
729 verify = false;
730 if (JarVerifier.debug != null) {
731 JarVerifier.debug.println("jarfile parsing error!");
732 ex.printStackTrace();
733 }
734 }
735
736 // if after initializing the verifier we have nothing
737 // signed, we null it out.
738
739 if (jv != null) {
740
741 jv.doneWithMeta();
742 if (JarVerifier.debug != null) {
743 JarVerifier.debug.println("done with meta!");
744 }
745
746 if (jv.nothingToVerify()) {
747 if (JarVerifier.debug != null) {
748 JarVerifier.debug.println("nothing to verify!");
749 }
750 jv = null;
751 verify = false;
752 }
753 }
754 }
755
756 /*
757 * Reads all the bytes for a given entry. Used to process the
758 * META-INF files.
759 */
760 private byte[] getBytes(ZipEntry ze) throws IOException {
761 try (InputStream is = super.getInputStream(ze)) {
762 int len = (int)ze.getSize();
763 int bytesRead;
764 byte[] b;
765 // trust specified entry sizes when reasonably small
766 if (len != -1 && len <= 65535) {
767 b = new byte[len];
768 bytesRead = is.readNBytes(b, 0, len);
769 } else {
770 b = is.readAllBytes();
771 bytesRead = b.length;
772 }
773 if (len != -1 && len != bytesRead) {
774 throw new EOFException("Expected:" + len + ", read:" + bytesRead);
775 }
776 return b;
777 }
778 }
779
780 /**
781 * Returns an input stream for reading the contents of the specified
782 * zip file entry.
783 * @param ze the zip file entry
784 * @return an input stream for reading the contents of the specified
785 * zip file entry
786 * @throws ZipException if a zip file format error has occurred
787 * @throws IOException if an I/O error has occurred
788 * @throws SecurityException if any of the jar file entries
789 * are incorrectly signed.
790 * @throws IllegalStateException
791 * may be thrown if the jar file has been closed
792 */
793 public synchronized InputStream getInputStream(ZipEntry ze)
794 throws IOException
795 {
796 maybeInstantiateVerifier();
797 if (jv == null) {
798 return super.getInputStream(ze);
799 }
800 if (!jvInitialized) {
801 initializeVerifier();
802 jvInitialized = true;
803 // could be set to null after a call to
804 // initializeVerifier if we have nothing to
805 // verify
806 if (jv == null)
807 return super.getInputStream(ze);
808 }
809
810 // wrap a verifier stream around the real stream
811 return new JarVerifier.VerifierStream(
812 getManifestFromReference(),
813 verifiableEntry(ze),
814 super.getInputStream(ze),
815 jv);
816 }
817
818 private JarEntry verifiableEntry(ZipEntry ze) {
819 if (ze instanceof JarFileEntry) {
820 // assure the name and entry match for verification
821 return ((JarFileEntry)ze).realEntry();
822 }
823 ze = getJarEntry(ze.getName());
824 if (ze instanceof JarFileEntry) {
825 return ((JarFileEntry)ze).realEntry();
826 }
827 return (JarEntry)ze;
828 }
829
830 // Statics for hand-coded Boyer-Moore search
831 private static final byte[] CLASSPATH_CHARS =
832 {'C','L','A','S','S','-','P','A','T','H', ':', ' '};
833
834 // The bad character shift for "class-path: "
835 private static final byte[] CLASSPATH_LASTOCC;
836
837 // The good suffix shift for "class-path: "
838 private static final byte[] CLASSPATH_OPTOSFT;
839
840 private static final byte[] MULTIRELEASE_CHARS =
841 {'M','U','L','T','I','-','R','E','L','E', 'A', 'S', 'E', ':',
842 ' ', 'T', 'R', 'U', 'E'};
843
844 // The bad character shift for "multi-release: true"
845 private static final byte[] MULTIRELEASE_LASTOCC;
846
847 // The good suffix shift for "multi-release: true"
848 private static final byte[] MULTIRELEASE_OPTOSFT;
849
850 static {
851 CLASSPATH_LASTOCC = new byte[64];
852 CLASSPATH_OPTOSFT = new byte[12];
853 CLASSPATH_LASTOCC[(int)'C' - 32] = 1;
854 CLASSPATH_LASTOCC[(int)'L' - 32] = 2;
855 CLASSPATH_LASTOCC[(int)'S' - 32] = 5;
856 CLASSPATH_LASTOCC[(int)'-' - 32] = 6;
857 CLASSPATH_LASTOCC[(int)'P' - 32] = 7;
858 CLASSPATH_LASTOCC[(int)'A' - 32] = 8;
859 CLASSPATH_LASTOCC[(int)'T' - 32] = 9;
860 CLASSPATH_LASTOCC[(int)'H' - 32] = 10;
861 CLASSPATH_LASTOCC[(int)':' - 32] = 11;
862 CLASSPATH_LASTOCC[(int)' ' - 32] = 12;
863 for (int i = 0; i < 11; i++) {
864 CLASSPATH_OPTOSFT[i] = 12;
865 }
866 CLASSPATH_OPTOSFT[11] = 1;
867
868 MULTIRELEASE_LASTOCC = new byte[64];
869 MULTIRELEASE_OPTOSFT = new byte[19];
870 MULTIRELEASE_LASTOCC[(int)'M' - 32] = 1;
871 MULTIRELEASE_LASTOCC[(int)'I' - 32] = 5;
872 MULTIRELEASE_LASTOCC[(int)'-' - 32] = 6;
873 MULTIRELEASE_LASTOCC[(int)'L' - 32] = 9;
874 MULTIRELEASE_LASTOCC[(int)'A' - 32] = 11;
875 MULTIRELEASE_LASTOCC[(int)'S' - 32] = 12;
876 MULTIRELEASE_LASTOCC[(int)':' - 32] = 14;
877 MULTIRELEASE_LASTOCC[(int)' ' - 32] = 15;
878 MULTIRELEASE_LASTOCC[(int)'T' - 32] = 16;
879 MULTIRELEASE_LASTOCC[(int)'R' - 32] = 17;
880 MULTIRELEASE_LASTOCC[(int)'U' - 32] = 18;
881 MULTIRELEASE_LASTOCC[(int)'E' - 32] = 19;
882 for (int i = 0; i < 17; i++) {
883 MULTIRELEASE_OPTOSFT[i] = 19;
884 }
885 MULTIRELEASE_OPTOSFT[17] = 6;
886 MULTIRELEASE_OPTOSFT[18] = 1;
887 }
888
889 private JarEntry getManEntry() {
890 if (manEntry == null) {
891 // First look up manifest entry using standard name
892 ZipEntry manEntry = super.getEntry(MANIFEST_NAME);
893 if (manEntry == null) {
894 // If not found, then iterate through all the "META-INF/"
895 // entries to find a match.
896 String[] names = getMetaInfEntryNames();
897 if (names != null) {
898 for (String name : names) {
899 if (MANIFEST_NAME.equals(name.toUpperCase(Locale.ENGLISH))) {
900 manEntry = super.getEntry(name);
901 break;
902 }
903 }
904 }
905 }
906 this.manEntry = (manEntry == null)
907 ? null
908 : new JarFileEntry(manEntry.getName(), manEntry);
909 }
910 return manEntry;
911 }
912
913 /**
914 * Returns {@code true} iff this JAR file has a manifest with the
915 * Class-Path attribute
916 */
917 boolean hasClassPathAttribute() throws IOException {
918 checkForSpecialAttributes();
919 return hasClassPathAttribute;
920 }
921
922 /**
923 * Returns true if the pattern {@code src} is found in {@code b}.
924 * The {@code lastOcc} array is the precomputed bad character shifts.
925 * Since there are no repeated substring in our search strings,
926 * the good suffix shifts can be replaced with a comparison.
927 */
928 private int match(byte[] src, byte[] b, byte[] lastOcc, byte[] optoSft) {
929 int len = src.length;
930 int last = b.length - len;
931 int i = 0;
932 next:
933 while (i <= last) {
934 for (int j = (len - 1); j >= 0; j--) {
935 byte c = b[i + j];
936 if (c >= ' ' && c <= 'z') {
937 if (c >= 'a') c -= 32; // Canonicalize
938
939 if (c != src[j]) {
940 // no match
941 int badShift = lastOcc[c - 32];
942 i += Math.max(j + 1 - badShift, optoSft[j]);
943 continue next;
944 }
945 } else {
946 // no match, character not valid for name
947 i += len;
948 continue next;
949 }
950 }
951 return i;
952 }
953 return -1;
954 }
955
956 /**
957 * On first invocation, check if the JAR file has the Class-Path
958 * and the Multi-Release attribute. A no-op on subsequent calls.
959 */
960 private void checkForSpecialAttributes() throws IOException {
961 if (hasCheckedSpecialAttributes) {
962 return;
963 }
964 synchronized (this) {
965 if (hasCheckedSpecialAttributes) {
966 return;
967 }
968 JarEntry manEntry = getManEntry();
969 if (manEntry != null) {
970 byte[] b = getBytes(manEntry);
971 hasClassPathAttribute = match(CLASSPATH_CHARS, b,
972 CLASSPATH_LASTOCC, CLASSPATH_OPTOSFT) != -1;
973 // is this a multi-release jar file
974 if (MULTI_RELEASE_ENABLED) {
975 int i = match(MULTIRELEASE_CHARS, b, MULTIRELEASE_LASTOCC,
976 MULTIRELEASE_OPTOSFT);
977 if (i != -1) {
978 i += MULTIRELEASE_CHARS.length;
979 if (i < b.length) {
980 byte c = b[i++];
981 // Check that the value is followed by a newline
982 // and does not have a continuation
983 if (c == '\n' &&
984 (i == b.length || b[i] != ' ')) {
985 isMultiRelease = true;
986 } else if (c == '\r') {
987 if (i == b.length) {
988 isMultiRelease = true;
989 } else {
990 c = b[i++];
991 if (c == '\n') {
992 if (i == b.length || b[i] != ' ') {
993 isMultiRelease = true;
994 }
995 } else if (c != ' ') {
996 isMultiRelease = true;
997 }
998 }
999 }
1000 }
1001 }
1002 }
1003 }
1004 hasCheckedSpecialAttributes = true;
1005 }
1006 }
1007
1008 private synchronized void ensureInitialization() {
1009 try {
1010 maybeInstantiateVerifier();
1011 } catch (IOException e) {
1012 throw new RuntimeException(e);
1013 }
1014 if (jv != null && !jvInitialized) {
1015 initializeVerifier();
1016 jvInitialized = true;
1017 }
1018 }
1019
1020 JarEntry newEntry(ZipEntry ze) {
1021 return new JarFileEntry(ze);
1022 }
1023
1024 Enumeration<String> entryNames(CodeSource[] cs) {
1025 ensureInitialization();
1026 if (jv != null) {
1027 return jv.entryNames(this, cs);
1028 }
1029
1030 /*
1031 * JAR file has no signed content. Is there a non-signing
1032 * code source?
1033 */
1034 boolean includeUnsigned = false;
1035 for (CodeSource c : cs) {
1036 if (c.getCodeSigners() == null) {
1037 includeUnsigned = true;
1038 break;
1039 }
1040 }
1041 if (includeUnsigned) {
1042 return unsignedEntryNames();
1043 } else {
1044 return new Enumeration<>() {
1045
1046 public boolean hasMoreElements() {
1047 return false;
1048 }
1049
1050 public String nextElement() {
1051 throw new NoSuchElementException();
1052 }
1053 };
1054 }
1055 }
1056
1057 /**
1058 * Returns an enumeration of the zip file entries
1059 * excluding internal JAR mechanism entries and including
1060 * signed entries missing from the ZIP directory.
1061 */
1062 Enumeration<JarEntry> entries2() {
1063 ensureInitialization();
1064 if (jv != null) {
1065 return jv.entries2(this, super.entries());
1066 }
1067
1068 // screen out entries which are never signed
1069 final Enumeration<? extends ZipEntry> enum_ = super.entries();
1070 return new Enumeration<>() {
1071
1072 ZipEntry entry;
1073
1074 public boolean hasMoreElements() {
1075 if (entry != null) {
1076 return true;
1077 }
1078 while (enum_.hasMoreElements()) {
1079 ZipEntry ze = enum_.nextElement();
1080 if (JarVerifier.isSigningRelated(ze.getName())) {
1081 continue;
1082 }
1083 entry = ze;
1084 return true;
1085 }
1086 return false;
1087 }
1088
1089 public JarFileEntry nextElement() {
1090 if (hasMoreElements()) {
1091 ZipEntry ze = entry;
1092 entry = null;
1093 return new JarFileEntry(ze);
1094 }
1095 throw new NoSuchElementException();
1096 }
1097 };
1098 }
1099
1100 CodeSource[] getCodeSources(URL url) {
1101 ensureInitialization();
1102 if (jv != null) {
1103 return jv.getCodeSources(this, url);
1104 }
1105
1106 /*
1107 * JAR file has no signed content. Is there a non-signing
1108 * code source?
1109 */
1110 Enumeration<String> unsigned = unsignedEntryNames();
1111 if (unsigned.hasMoreElements()) {
1112 return new CodeSource[]{JarVerifier.getUnsignedCS(url)};
1113 } else {
1114 return null;
1115 }
1116 }
1117
1118 private Enumeration<String> unsignedEntryNames() {
1119 final Enumeration<JarEntry> entries = entries();
1120 return new Enumeration<>() {
1121
1122 String name;
1123
1124 /*
1125 * Grab entries from ZIP directory but screen out
1126 * metadata.
1127 */
1128 public boolean hasMoreElements() {
1129 if (name != null) {
1130 return true;
1131 }
1132 while (entries.hasMoreElements()) {
1133 String value;
1134 ZipEntry e = entries.nextElement();
1135 value = e.getName();
1136 if (e.isDirectory() || JarVerifier.isSigningRelated(value)) {
1137 continue;
1138 }
1139 name = value;
1140 return true;
1141 }
1142 return false;
1143 }
1144
1145 public String nextElement() {
1146 if (hasMoreElements()) {
1147 String value = name;
1148 name = null;
1149 return value;
1150 }
1151 throw new NoSuchElementException();
1152 }
1153 };
1154 }
1155
1156 CodeSource getCodeSource(URL url, String name) {
1157 ensureInitialization();
1158 if (jv != null) {
1159 if (jv.eagerValidation) {
1160 CodeSource cs = null;
1161 JarEntry je = getJarEntry(name);
1162 if (je != null) {
1163 cs = jv.getCodeSource(url, this, je);
1164 } else {
1165 cs = jv.getCodeSource(url, name);
1166 }
1167 return cs;
1168 } else {
1169 return jv.getCodeSource(url, name);
1170 }
1171 }
1172
1173 return JarVerifier.getUnsignedCS(url);
1174 }
1175
1176 void setEagerValidation(boolean eager) {
1177 try {
1178 maybeInstantiateVerifier();
1179 } catch (IOException e) {
1180 throw new RuntimeException(e);
1181 }
1182 if (jv != null) {
1183 jv.setEagerValidation(eager);
1184 }
1185 }
1186
1187 List<Object> getManifestDigests() {
1188 ensureInitialization();
1189 if (jv != null) {
1190 return jv.getManifestDigests();
1191 }
1192 return new ArrayList<>();
1193 }
1194 }