1 /*
2 * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.util.jar;
27
28 import java.io.*;
29 import java.lang.ref.SoftReference;
30 import java.net.URL;
31 import java.util.*;
32 import java.util.stream.Stream;
33 import java.util.stream.StreamSupport;
34 import java.util.zip.*;
35 import java.security.CodeSigner;
36 import java.security.cert.Certificate;
37 import java.security.CodeSource;
38 import jdk.internal.misc.SharedSecrets;
39 import jdk.internal.util.jar.JarAttributes;
40 import sun.security.action.GetPropertyAction;
41 import sun.security.util.ManifestEntryVerifier;
42 import sun.security.util.SignatureFileVerifier;
43
44 /**
45 * The {@code JarFile} class is used to read the contents of a jar file
46 * from any file that can be opened with {@code java.io.RandomAccessFile}.
47 * It extends the class {@code java.util.zip.ZipFile} with support
48 * for reading an optional {@code Manifest} entry, and support for
49 * processing multi-release jar files. The {@code Manifest} can be used
50 * to specify meta-information about the jar file and its entries.
51 *
52 * <p><a name="multirelease">A multi-release jar file</a> is a jar file that
53 * contains a manifest with a main attribute named "Multi-Release",
54 * a set of "base" entries, some of which are public classes with public
55 * or protected methods that comprise the public interface of the jar file,
56 * and a set of "versioned" entries contained in subdirectories of the
57 * "META-INF/versions" directory. The versioned entries are partitioned by the
58 * major version of the Java platform. A versioned entry, with a version
59 * {@code n}, {@code 8 < n}, in the "META-INF/versions/{n}" directory overrides
60 * the base entry as well as any entry with a version number {@code i} where
61 * {@code 8 < i < n}.
62 *
63 * <p>By default, a {@code JarFile} for a multi-release jar file is configured
64 * to process the multi-release jar file as if it were a plain (unversioned) jar
65 * file, and as such an entry name is associated with at most one base entry.
66 * The {@code JarFile} may be configured to process a multi-release jar file by
67 * creating the {@code JarFile} with the
68 * {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} constructor. The
69 * {@code Runtime.Version} object sets a maximum version used when searching for
70 * versioned entries. When so configured, an entry name
71 * can correspond with at most one base entry and zero or more versioned
72 * entries. A search is required to associate the entry name with the latest
73 * versioned entry whose version is less than or equal to the maximum version
74 * (see {@link #getEntry(String)}).
75 *
76 * <p>Class loaders that utilize {@code JarFile} to load classes from the
77 * contents of {@code JarFile} entries should construct the {@code JarFile}
78 * by invoking the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
79 * constructor with the value {@code Runtime.version()} assigned to the last
80 * argument. This assures that classes compatible with the major
81 * version of the running JVM are loaded from multi-release jar files.
82 *
83 * <p>If the verify flag is on when opening a signed jar file, the content of
84 * the file is verified against its signature embedded inside the file. Please
85 * note that the verification process does not include validating the signer's
86 * certificate. A caller should inspect the return value of
87 * {@link JarEntry#getCodeSigners()} to further determine if the signature
88 * can be trusted.
89 *
90 * <p> Unless otherwise noted, passing a {@code null} argument to a constructor
91 * or method in this class will cause a {@link NullPointerException} to be
92 * thrown.
93 *
94 * @implNote
95 * <div class="block">
96 * If the API can not be used to configure a {@code JarFile} (e.g. to override
97 * the configuration of a compiled application or library), two {@code System}
98 * properties are available.
99 * <ul>
100 * <li>
101 * {@code jdk.util.jar.version} can be assigned a value that is the
102 * {@code String} representation of a non-negative integer
103 * {@code <= Runtime.version().major()}. The value is used to set the effective
104 * runtime version to something other than the default value obtained by
105 * evaluating {@code Runtime.version().major()}. The effective runtime version
106 * is the version that the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
107 * constructor uses when the value of the last argument is
108 * {@code JarFile.runtimeVersion()}.
109 * </li>
110 * <li>
111 * {@code jdk.util.jar.enableMultiRelease} can be assigned one of the three
112 * {@code String} values <em>true</em>, <em>false</em>, or <em>force</em>. The
113 * value <em>true</em>, the default value, enables multi-release jar file
114 * processing. The value <em>false</em> disables multi-release jar processing,
115 * ignoring the "Multi-Release" manifest attribute, and the versioned
116 * directories in a multi-release jar file if they exist. Furthermore,
117 * the method {@link JarFile#isMultiRelease()} returns <em>false</em>. The value
118 * <em>force</em> causes the {@code JarFile} to be initialized to runtime
119 * versioning after construction. It effectively does the same as this code:
120 * {@code (new JarFile(File, boolean, int, JarFile.runtimeVersion())}.
121 * </li>
122 * </ul>
123 * </div>
124 *
125 * @author David Connelly
126 * @see Manifest
127 * @see java.util.zip.ZipFile
128 * @see java.util.jar.JarEntry
129 * @since 1.2
130 */
131 public
132 class JarFile extends ZipFile {
133 private final static Runtime.Version BASE_VERSION;
134 private final static int BASE_VERSION_MAJOR;
135 private final static Runtime.Version RUNTIME_VERSION;
136 private final static boolean MULTI_RELEASE_ENABLED;
137 private final static boolean MULTI_RELEASE_FORCED;
138 private SoftReference<Manifest> manRef;
139 private JarEntry manEntry;
140 private JarVerifier jv;
141 private boolean jvInitialized;
142 private boolean verify;
143 private final Runtime.Version version; // current version
144 private final int versionMajor; // version.major()
145 private boolean isMultiRelease; // is jar multi-release?
146
147 // indicates if Class-Path attribute present
148 private boolean hasClassPathAttribute;
149 // true if manifest checked for special attributes
150 private volatile boolean hasCheckedSpecialAttributes;
151
152 static {
153 // Set up JavaUtilJarAccess in SharedSecrets
154 SharedSecrets.setJavaUtilJarAccess(new JavaUtilJarAccessImpl());
155 // multi-release jar file versions >= 9
156 BASE_VERSION = Runtime.Version.parse(Integer.toString(8));
157 BASE_VERSION_MAJOR = BASE_VERSION.major();
158 String jarVersion = GetPropertyAction.privilegedGetProperty("jdk.util.jar.version");
159 int runtimeVersion = Runtime.version().major();
160 if (jarVersion != null) {
161 int jarVer = Integer.parseInt(jarVersion);
162 runtimeVersion = (jarVer > runtimeVersion)
163 ? runtimeVersion
164 : Math.max(jarVer, BASE_VERSION_MAJOR);
165 }
166 RUNTIME_VERSION = Runtime.Version.parse(Integer.toString(runtimeVersion));
167 String enableMultiRelease = GetPropertyAction
168 .privilegedGetProperty("jdk.util.jar.enableMultiRelease", "true");
169 switch (enableMultiRelease) {
170 case "true":
171 default:
172 MULTI_RELEASE_ENABLED = true;
173 MULTI_RELEASE_FORCED = false;
174 break;
175 case "false":
176 MULTI_RELEASE_ENABLED = false;
177 MULTI_RELEASE_FORCED = false;
178 break;
179 case "force":
180 MULTI_RELEASE_ENABLED = true;
181 MULTI_RELEASE_FORCED = true;
182 break;
183 }
184 }
185
186 private static final String META_INF = "META-INF/";
187
188 private static final String META_INF_VERSIONS = META_INF + "versions/";
189
190 /**
191 * The JAR manifest file name.
192 */
193 public static final String MANIFEST_NAME = META_INF + "MANIFEST.MF";
194
195 /**
196 * Returns the version that represents the unversioned configuration of a
197 * multi-release jar file.
198 *
199 * @return the version that represents the unversioned configuration
200 *
201 * @since 9
202 */
203 public static Runtime.Version baseVersion() {
204 return BASE_VERSION;
205 }
206
207 /**
208 * Returns the version that represents the effective runtime versioned
209 * configuration of a multi-release jar file.
210 * <p>
211 * By default the major version number of the returned {@code Version} will
212 * be equal to the major version number of {@code Runtime.version()}.
213 * However, if the {@code jdk.util.jar.version} property is set, the
214 * returned {@code Version} is derived from that property and major version
215 * numbers may not be equal.
216 *
217 * @return the version that represents the runtime versioned configuration
218 *
219 * @since 9
220 */
221 public static Runtime.Version runtimeVersion() {
222 return RUNTIME_VERSION;
223 }
224
225 /**
226 * Creates a new {@code JarFile} to read from the specified
227 * file {@code name}. The {@code JarFile} will be verified if
228 * it is signed.
229 * @param name the name of the jar file to be opened for reading
230 * @throws IOException if an I/O error has occurred
231 * @throws SecurityException if access to the file is denied
232 * by the SecurityManager
233 */
234 public JarFile(String name) throws IOException {
235 this(new File(name), true, ZipFile.OPEN_READ);
236 }
237
238 /**
239 * Creates a new {@code JarFile} to read from the specified
240 * file {@code name}.
241 * @param name the name of the jar file to be opened for reading
242 * @param verify whether or not to verify the jar file if
243 * it is signed.
244 * @throws IOException if an I/O error has occurred
245 * @throws SecurityException if access to the file is denied
246 * by the SecurityManager
247 */
248 public JarFile(String name, boolean verify) throws IOException {
249 this(new File(name), verify, ZipFile.OPEN_READ);
250 }
251
252 /**
253 * Creates a new {@code JarFile} to read from the specified
254 * {@code File} object. The {@code JarFile} will be verified if
255 * it is signed.
256 * @param file the jar file to be opened for reading
257 * @throws IOException if an I/O error has occurred
258 * @throws SecurityException if access to the file is denied
259 * by the SecurityManager
260 */
261 public JarFile(File file) throws IOException {
262 this(file, true, ZipFile.OPEN_READ);
263 }
264
265 /**
266 * Creates a new {@code JarFile} to read from the specified
267 * {@code File} object.
268 * @param file the jar file to be opened for reading
269 * @param verify whether or not to verify the jar file if
270 * it is signed.
271 * @throws IOException if an I/O error has occurred
272 * @throws SecurityException if access to the file is denied
273 * by the SecurityManager.
274 */
275 public JarFile(File file, boolean verify) throws IOException {
276 this(file, verify, ZipFile.OPEN_READ);
277 }
278
279 /**
280 * Creates a new {@code JarFile} to read from the specified
281 * {@code File} object in the specified mode. The mode argument
282 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
283 *
284 * @param file the jar file to be opened for reading
285 * @param verify whether or not to verify the jar file if
286 * it is signed.
287 * @param mode the mode in which the file is to be opened
288 * @throws IOException if an I/O error has occurred
289 * @throws IllegalArgumentException
290 * if the {@code mode} argument is invalid
291 * @throws SecurityException if access to the file is denied
292 * by the SecurityManager
293 * @since 1.3
294 */
295 public JarFile(File file, boolean verify, int mode) throws IOException {
296 this(file, verify, mode, BASE_VERSION);
297 }
298
299 /**
300 * Creates a new {@code JarFile} to read from the specified
301 * {@code File} object in the specified mode. The mode argument
302 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
303 * The version argument, after being converted to a canonical form, is
304 * used to configure the {@code JarFile} for processing
305 * multi-release jar files.
306 * <p>
307 * The canonical form derived from the version parameter is
308 * {@code Runtime.Version.parse(Integer.toString(n))} where {@code n} is
309 * {@code Math.max(version.major(), JarFile.baseVersion().major())}.
310 *
311 * @param file the jar file to be opened for reading
312 * @param verify whether or not to verify the jar file if
313 * it is signed.
314 * @param mode the mode in which the file is to be opened
315 * @param version specifies the release version for a multi-release jar file
316 * @throws IOException if an I/O error has occurred
317 * @throws IllegalArgumentException
318 * if the {@code mode} argument is invalid
319 * @throws SecurityException if access to the file is denied
320 * by the SecurityManager
321 * @throws NullPointerException if {@code version} is {@code null}
322 * @since 9
323 */
324 public JarFile(File file, boolean verify, int mode, Runtime.Version version) throws IOException {
325 super(file, mode);
326 this.verify = verify;
327 Objects.requireNonNull(version);
328 if (MULTI_RELEASE_FORCED || version.major() == RUNTIME_VERSION.major()) {
329 // This deals with the common case where the value from JarFile.runtimeVersion() is passed
330 this.version = RUNTIME_VERSION;
331 } else if (version.major() <= BASE_VERSION_MAJOR) {
332 // This also deals with the common case where the value from JarFile.baseVersion() is passed
333 this.version = BASE_VERSION;
334 } else {
335 // Canonicalize
336 this.version = Runtime.Version.parse(Integer.toString(version.major()));
337 }
338 this.versionMajor = this.version.major();
339 }
340
341 /**
342 * Returns the maximum version used when searching for versioned entries.
343 * <p>
344 * If this {@code JarFile} is not a multi-release jar file or is not
345 * configured to be processed as such, then the version returned will be the
346 * same as that returned from {@link #baseVersion()}.
347 *
348 * @return the maximum version
349 * @since 9
350 */
351 public final Runtime.Version getVersion() {
352 return isMultiRelease() ? this.version : BASE_VERSION;
353 }
354
355 /**
356 * Indicates whether or not this jar file is a multi-release jar file.
357 *
358 * @return true if this JarFile is a multi-release jar file
359 * @since 9
360 */
361 public final boolean isMultiRelease() {
362 if (isMultiRelease) {
363 return true;
364 }
365 if (MULTI_RELEASE_ENABLED) {
366 try {
367 checkForSpecialAttributes();
368 } catch (IOException io) {
369 isMultiRelease = false;
370 }
371 }
372 return isMultiRelease;
373 }
374
375 /**
376 * Returns the jar file manifest, or {@code null} if none.
377 *
378 * @return the jar file manifest, or {@code null} if none
379 *
380 * @throws IllegalStateException
381 * may be thrown if the jar file has been closed
382 * @throws IOException if an I/O error has occurred
383 */
384 public Manifest getManifest() throws IOException {
385 return getManifestFromReference();
386 }
387
388 private Manifest getManifestFromReference() throws IOException {
389 Manifest man = manRef != null ? manRef.get() : null;
390
391 if (man == null) {
392
393 JarEntry manEntry = getManEntry();
394
395 // If found then load the manifest
396 if (manEntry != null) {
397 if (verify) {
398 byte[] b = getBytes(manEntry);
399 man = new Manifest(new ByteArrayInputStream(b));
400 if (!jvInitialized) {
401 jv = new JarVerifier(b);
402 }
403 } else {
404 man = new Manifest(super.getInputStream(manEntry));
405 }
406 manRef = new SoftReference<>(man);
407 }
408 }
409 return man;
410 }
411
412 private String[] getMetaInfEntryNames() {
413 return jdk.internal.misc.SharedSecrets.getJavaUtilZipFileAccess()
414 .getMetaInfEntryNames((ZipFile)this);
415 }
416
417 /**
418 * Returns the {@code JarEntry} for the given base entry name or
419 * {@code null} if not found.
420 *
421 * <p>If this {@code JarFile} is a multi-release jar file and is configured
422 * to be processed as such, then a search is performed to find and return
423 * a {@code JarEntry} that is the latest versioned entry associated with the
424 * given entry name. The returned {@code JarEntry} is the versioned entry
425 * corresponding to the given base entry name prefixed with the string
426 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
427 * which an entry exists. If such a versioned entry does not exist, then
428 * the {@code JarEntry} for the base entry is returned, otherwise
429 * {@code null} is returned if no entries are found. The initial value for
430 * the version {@code n} is the maximum version as returned by the method
431 * {@link JarFile#getVersion()}.
432 *
433 * @param name the jar file entry name
434 * @return the {@code JarEntry} for the given entry name, or
435 * the versioned entry name, or {@code null} if not found
436 *
437 * @throws IllegalStateException
438 * may be thrown if the jar file has been closed
439 *
440 * @see java.util.jar.JarEntry
441 *
442 * @implSpec
443 * <div class="block">
444 * This implementation invokes {@link JarFile#getEntry(String)}.
445 * </div>
446 */
447 public JarEntry getJarEntry(String name) {
448 return (JarEntry)getEntry(name);
449 }
450
451 /**
452 * Returns the {@code ZipEntry} for the given base entry name or
453 * {@code null} if not found.
454 *
455 * <p>If this {@code JarFile} is a multi-release jar file and is configured
456 * to be processed as such, then a search is performed to find and return
457 * a {@code ZipEntry} that is the latest versioned entry associated with the
458 * given entry name. The returned {@code ZipEntry} is the versioned entry
459 * corresponding to the given base entry name prefixed with the string
460 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
461 * which an entry exists. If such a versioned entry does not exist, then
462 * the {@code ZipEntry} for the base entry is returned, otherwise
463 * {@code null} is returned if no entries are found. The initial value for
464 * the version {@code n} is the maximum version as returned by the method
465 * {@link JarFile#getVersion()}.
466 *
467 * @param name the jar file entry name
468 * @return the {@code ZipEntry} for the given entry name or
469 * the versioned entry name or {@code null} if not found
470 *
471 * @throws IllegalStateException
472 * may be thrown if the jar file has been closed
473 *
474 * @see java.util.zip.ZipEntry
475 *
476 * @implSpec
477 * <div class="block">
478 * This implementation may return a versioned entry for the requested name
479 * even if there is not a corresponding base entry. This can occur
480 * if there is a private or package-private versioned entry that matches.
481 * If a subclass overrides this method, assure that the override method
482 * invokes {@code super.getEntry(name)} to obtain all versioned entries.
483 * </div>
484 */
485 public ZipEntry getEntry(String name) {
486 ZipEntry ze = super.getEntry(name);
487 if (ze != null) {
488 return new JarFileEntry(ze);
489 }
490 // no matching base entry, but maybe there is a versioned entry,
491 // like a new private class
492 if (isMultiRelease()) {
493 ze = new ZipEntry(name);
494 ZipEntry vze = getVersionedEntry(ze);
495 if (ze != vze) {
496 return new JarFileEntry(name, vze);
497 }
498 }
499 return null;
500 }
501
502 private class JarEntryIterator implements Enumeration<JarEntry>,
503 Iterator<JarEntry>
504 {
505 final Enumeration<? extends ZipEntry> e = JarFile.super.entries();
506
507 public boolean hasNext() {
508 return e.hasMoreElements();
509 }
510
511 public JarEntry next() {
512 ZipEntry ze = e.nextElement();
513 return new JarFileEntry(ze.getName(), ze);
514 }
515
516 public boolean hasMoreElements() {
517 return hasNext();
518 }
519
520 public JarEntry nextElement() {
521 return next();
522 }
523
524 public Iterator<JarEntry> asIterator() {
525 return this;
526 }
527 }
528
529 /**
530 * Returns an enumeration of the jar file entries.
531 *
532 * @return an enumeration of the jar file entries
533 * @throws IllegalStateException
534 * may be thrown if the jar file has been closed
535 */
536 public Enumeration<JarEntry> entries() {
537 return new JarEntryIterator();
538 }
539
540 /**
541 * Returns an ordered {@code Stream} over the jar file entries.
542 * Entries appear in the {@code Stream} in the order they appear in
543 * the central directory of the jar file.
544 *
545 * @return an ordered {@code Stream} of entries in this jar file
546 * @throws IllegalStateException if the jar file has been closed
547 * @since 1.8
548 */
549 public Stream<JarEntry> stream() {
550 return StreamSupport.stream(Spliterators.spliterator(
551 new JarEntryIterator(), size(),
552 Spliterator.ORDERED | Spliterator.DISTINCT |
553 Spliterator.IMMUTABLE | Spliterator.NONNULL), false);
554 }
555
556 private ZipEntry searchForVersionedEntry(final int version, String name) {
557 ZipEntry vze = null;
558 String sname = "/" + name;
559 int i = version;
560 while (i > BASE_VERSION_MAJOR) {
561 vze = super.getEntry(META_INF_VERSIONS + i + sname);
562 if (vze != null) break;
563 i--;
564 }
565 return vze;
566 }
567
568 private ZipEntry getVersionedEntry(ZipEntry ze) {
569 ZipEntry vze = null;
570 if (BASE_VERSION_MAJOR < versionMajor) {
571 String name = ze.getName();
572 if (!name.startsWith(META_INF)) {
573 vze = searchForVersionedEntry(versionMajor, name);
574 }
575 }
576 return vze == null ? ze : vze;
577 }
578
579 /**
580 * Returns the real name of a {@code JarEntry}. If this {@code JarFile} is
581 * a multi-release jar file and is configured to be processed as such, the
582 * name returned by this method is the path name of the versioned entry
583 * that the {@code JarEntry} represents, rather than the path name of the
584 * base entry that {@link JarEntry#getName()} returns. If the
585 * {@code JarEntry} does not represent a versioned entry, or the
586 * jar file is not a multi-release jar file or {@code JarFile} is not
587 * configured for processing a multi-release jar file, this method returns
588 * the same name that {@link JarEntry#getName()} returns.
589 *
590 * @param entry the JarEntry
591 * @return the real name of the JarEntry
592 * @since 9
593 */
594 String getRealName(JarEntry entry) {
595 if (entry instanceof JarFileEntry) {
596 return ((JarFileEntry)entry).realName();
597 }
598 return entry.getName();
599 }
600
601 private class JarFileEntry extends JarEntry {
602 final private String name;
603
604 JarFileEntry(ZipEntry ze) {
605 super(isMultiRelease() ? getVersionedEntry(ze) : ze);
606 this.name = ze.getName();
607 }
608 JarFileEntry(String name, ZipEntry vze) {
609 super(vze);
610 this.name = name;
611 }
612 public Attributes getAttributes() throws IOException {
613 Manifest man = JarFile.this.getManifest();
614 if (man != null) {
615 return man.getAttributes(super.getName());
616 } else {
617 return null;
618 }
619 }
620 public Certificate[] getCertificates() {
621 try {
622 maybeInstantiateVerifier();
623 } catch (IOException e) {
624 throw new RuntimeException(e);
625 }
626 if (certs == null && jv != null) {
627 certs = jv.getCerts(JarFile.this, realEntry());
628 }
629 return certs == null ? null : certs.clone();
630 }
631 public CodeSigner[] getCodeSigners() {
632 try {
633 maybeInstantiateVerifier();
634 } catch (IOException e) {
635 throw new RuntimeException(e);
636 }
637 if (signers == null && jv != null) {
638 signers = jv.getCodeSigners(JarFile.this, realEntry());
639 }
640 return signers == null ? null : signers.clone();
641 }
642 JarFileEntry realEntry() {
643 if (isMultiRelease() && versionMajor != BASE_VERSION_MAJOR) {
644 String entryName = super.getName();
645 return entryName.equals(this.name) ? this : new JarFileEntry(entryName, this);
646 }
647 return this;
648 }
649 String realName() {
650 return super.getName();
651 }
652
653 @Override
654 public String getName() {
655 return name;
656 }
657 }
658
659 /*
660 * Ensures that the JarVerifier has been created if one is
661 * necessary (i.e., the jar appears to be signed.) This is done as
662 * a quick check to avoid processing of the manifest for unsigned
663 * jars.
664 */
665 private void maybeInstantiateVerifier() throws IOException {
666 if (jv != null) {
667 return;
668 }
669
670 if (verify) {
671 String[] names = getMetaInfEntryNames();
672 if (names != null) {
673 for (String nameLower : names) {
674 String name = nameLower.toUpperCase(Locale.ENGLISH);
675 if (name.endsWith(".DSA") ||
676 name.endsWith(".RSA") ||
677 name.endsWith(".EC") ||
678 name.endsWith(".SF")) {
679 // Assume since we found a signature-related file
680 // that the jar is signed and that we therefore
681 // need a JarVerifier and Manifest
682 getManifest();
683 return;
684 }
685 }
686 }
687 // No signature-related files; don't instantiate a
688 // verifier
689 verify = false;
690 }
691 }
692
693
694 /*
695 * Initializes the verifier object by reading all the manifest
696 * entries and passing them to the verifier.
697 */
698 private void initializeVerifier() {
699 ManifestEntryVerifier mev = null;
700
701 // Verify "META-INF/" entries...
702 try {
703 String[] names = getMetaInfEntryNames();
704 if (names != null) {
705 for (String name : names) {
706 String uname = name.toUpperCase(Locale.ENGLISH);
707 if (MANIFEST_NAME.equals(uname)
708 || SignatureFileVerifier.isBlockOrSF(uname)) {
709 JarEntry e = getJarEntry(name);
710 if (e == null) {
711 throw new JarException("corrupted jar file");
712 }
713 if (mev == null) {
714 mev = new ManifestEntryVerifier
715 (getManifestFromReference());
716 }
717 byte[] b = getBytes(e);
718 if (b != null && b.length > 0) {
719 jv.beginEntry(e, mev);
720 jv.update(b.length, b, 0, b.length, mev);
721 jv.update(-1, null, 0, 0, mev);
722 }
723 }
724 }
725 }
726 } catch (IOException ex) {
727 // if we had an error parsing any blocks, just
728 // treat the jar file as being unsigned
729 jv = null;
730 verify = false;
731 if (JarVerifier.debug != null) {
732 JarVerifier.debug.println("jarfile parsing error!");
733 ex.printStackTrace();
734 }
735 }
736
737 // if after initializing the verifier we have nothing
738 // signed, we null it out.
739
740 if (jv != null) {
741
742 jv.doneWithMeta();
743 if (JarVerifier.debug != null) {
744 JarVerifier.debug.println("done with meta!");
745 }
746
747 if (jv.nothingToVerify()) {
748 if (JarVerifier.debug != null) {
749 JarVerifier.debug.println("nothing to verify!");
750 }
751 jv = null;
752 verify = false;
753 }
754 }
755 }
756
757 /*
758 * Reads all the bytes for a given entry. Used to process the
759 * META-INF files.
760 */
761 private byte[] getBytes(ZipEntry ze) throws IOException {
762 try (InputStream is = super.getInputStream(ze)) {
763 int len = (int)ze.getSize();
764 int bytesRead;
765 byte[] b;
766 // trust specified entry sizes when reasonably small
767 if (len != -1 && len <= 65535) {
768 b = new byte[len];
769 bytesRead = is.readNBytes(b, 0, len);
770 } else {
771 b = is.readAllBytes();
772 bytesRead = b.length;
773 }
774 if (len != -1 && len != bytesRead) {
775 throw new EOFException("Expected:" + len + ", read:" + bytesRead);
776 }
777 return b;
778 }
779 }
780
781 /**
782 * Returns an input stream for reading the contents of the specified
783 * zip file entry.
784 * @param ze the zip file entry
785 * @return an input stream for reading the contents of the specified
786 * zip file entry
787 * @throws ZipException if a zip file format error has occurred
788 * @throws IOException if an I/O error has occurred
789 * @throws SecurityException if any of the jar file entries
790 * are incorrectly signed.
791 * @throws IllegalStateException
792 * may be thrown if the jar file has been closed
793 */
794 public synchronized InputStream getInputStream(ZipEntry ze)
795 throws IOException
796 {
797 maybeInstantiateVerifier();
798 if (jv == null) {
799 return super.getInputStream(ze);
800 }
801 if (!jvInitialized) {
802 initializeVerifier();
803 jvInitialized = true;
804 // could be set to null after a call to
805 // initializeVerifier if we have nothing to
806 // verify
807 if (jv == null)
808 return super.getInputStream(ze);
809 }
810
811 // wrap a verifier stream around the real stream
812 return new JarVerifier.VerifierStream(
813 getManifestFromReference(),
814 verifiableEntry(ze),
815 super.getInputStream(ze),
816 jv);
817 }
818
819 private JarEntry verifiableEntry(ZipEntry ze) {
820 if (ze instanceof JarFileEntry) {
821 // assure the name and entry match for verification
822 return ((JarFileEntry)ze).realEntry();
823 }
824 ze = getJarEntry(ze.getName());
825 if (ze instanceof JarFileEntry) {
826 return ((JarFileEntry)ze).realEntry();
827 }
828 return (JarEntry)ze;
829 }
830
831 private JarEntry getManEntry() {
832 if (manEntry == null) {
833 // First look up manifest entry using standard name
834 ZipEntry manEntry = super.getEntry(MANIFEST_NAME);
835 if (manEntry == null) {
836 // If not found, then iterate through all the "META-INF/"
837 // entries to find a match.
838 String[] names = getMetaInfEntryNames();
839 if (names != null) {
840 for (String name : names) {
841 if (MANIFEST_NAME.equals(name.toUpperCase(Locale.ENGLISH))) {
842 manEntry = super.getEntry(name);
843 break;
844 }
845 }
846 }
847 }
848 this.manEntry = (manEntry == null)
849 ? null
850 : new JarFileEntry(manEntry.getName(), manEntry);
851 }
852 return manEntry;
853 }
854
855 /**
856 * Returns {@code true} iff this JAR file has a manifest with the
857 * Class-Path attribute
858 */
859 boolean hasClassPathAttribute() throws IOException {
860 checkForSpecialAttributes();
861 return hasClassPathAttribute;
862 }
863
864
865 /**
866 * On first invocation, check if the JAR file has the Class-Path
867 * and the Multi-Release attribute. A no-op on subsequent calls.
868 */
869 private void checkForSpecialAttributes() throws IOException {
870 if (hasCheckedSpecialAttributes) {
871 return;
872 }
873 synchronized (this) {
874 if (hasCheckedSpecialAttributes) {
875 return;
876 }
877 JarEntry manEntry = getManEntry();
878 if (manEntry != null) {
879 byte[] b = getBytes(manEntry);
880 hasClassPathAttribute = JarAttributes.hasClassPathAttribute(b);
881 // is this a multi-release jar file
882 if (MULTI_RELEASE_ENABLED) {
883 isMultiRelease = JarAttributes.isMultiRelease(b);
884 }
885 }
886 hasCheckedSpecialAttributes = true;
887 }
888 }
889
890 private synchronized void ensureInitialization() {
891 try {
892 maybeInstantiateVerifier();
893 } catch (IOException e) {
894 throw new RuntimeException(e);
895 }
896 if (jv != null && !jvInitialized) {
897 initializeVerifier();
898 jvInitialized = true;
899 }
900 }
901
902 JarEntry newEntry(ZipEntry ze) {
903 return new JarFileEntry(ze);
904 }
905
906 Enumeration<String> entryNames(CodeSource[] cs) {
907 ensureInitialization();
908 if (jv != null) {
909 return jv.entryNames(this, cs);
910 }
911
912 /*
913 * JAR file has no signed content. Is there a non-signing
914 * code source?
915 */
916 boolean includeUnsigned = false;
917 for (CodeSource c : cs) {
918 if (c.getCodeSigners() == null) {
919 includeUnsigned = true;
920 break;
921 }
922 }
923 if (includeUnsigned) {
924 return unsignedEntryNames();
925 } else {
926 return new Enumeration<>() {
927
928 public boolean hasMoreElements() {
929 return false;
930 }
931
932 public String nextElement() {
933 throw new NoSuchElementException();
934 }
935 };
936 }
937 }
938
939 /**
940 * Returns an enumeration of the zip file entries
941 * excluding internal JAR mechanism entries and including
942 * signed entries missing from the ZIP directory.
943 */
944 Enumeration<JarEntry> entries2() {
945 ensureInitialization();
946 if (jv != null) {
947 return jv.entries2(this, super.entries());
948 }
949
950 // screen out entries which are never signed
951 final Enumeration<? extends ZipEntry> enum_ = super.entries();
952 return new Enumeration<>() {
953
954 ZipEntry entry;
955
956 public boolean hasMoreElements() {
957 if (entry != null) {
958 return true;
959 }
960 while (enum_.hasMoreElements()) {
961 ZipEntry ze = enum_.nextElement();
962 if (JarVerifier.isSigningRelated(ze.getName())) {
963 continue;
964 }
965 entry = ze;
966 return true;
967 }
968 return false;
969 }
970
971 public JarFileEntry nextElement() {
972 if (hasMoreElements()) {
973 ZipEntry ze = entry;
974 entry = null;
975 return new JarFileEntry(ze);
976 }
977 throw new NoSuchElementException();
978 }
979 };
980 }
981
982 CodeSource[] getCodeSources(URL url) {
983 ensureInitialization();
984 if (jv != null) {
985 return jv.getCodeSources(this, url);
986 }
987
988 /*
989 * JAR file has no signed content. Is there a non-signing
990 * code source?
991 */
992 Enumeration<String> unsigned = unsignedEntryNames();
993 if (unsigned.hasMoreElements()) {
994 return new CodeSource[]{JarVerifier.getUnsignedCS(url)};
995 } else {
996 return null;
997 }
998 }
999
1000 private Enumeration<String> unsignedEntryNames() {
1001 final Enumeration<JarEntry> entries = entries();
1002 return new Enumeration<>() {
1003
1004 String name;
1005
1006 /*
1007 * Grab entries from ZIP directory but screen out
1008 * metadata.
1009 */
1010 public boolean hasMoreElements() {
1011 if (name != null) {
1012 return true;
1013 }
1014 while (entries.hasMoreElements()) {
1015 String value;
1016 ZipEntry e = entries.nextElement();
1017 value = e.getName();
1018 if (e.isDirectory() || JarVerifier.isSigningRelated(value)) {
1019 continue;
1020 }
1021 name = value;
1022 return true;
1023 }
1024 return false;
1025 }
1026
1027 public String nextElement() {
1028 if (hasMoreElements()) {
1029 String value = name;
1030 name = null;
1031 return value;
1032 }
1033 throw new NoSuchElementException();
1034 }
1035 };
1036 }
1037
1038 CodeSource getCodeSource(URL url, String name) {
1039 ensureInitialization();
1040 if (jv != null) {
1041 if (jv.eagerValidation) {
1042 CodeSource cs = null;
1043 JarEntry je = getJarEntry(name);
1044 if (je != null) {
1045 cs = jv.getCodeSource(url, this, je);
1046 } else {
1047 cs = jv.getCodeSource(url, name);
1048 }
1049 return cs;
1050 } else {
1051 return jv.getCodeSource(url, name);
1052 }
1053 }
1054
1055 return JarVerifier.getUnsignedCS(url);
1056 }
1057
1058 void setEagerValidation(boolean eager) {
1059 try {
1060 maybeInstantiateVerifier();
1061 } catch (IOException e) {
1062 throw new RuntimeException(e);
1063 }
1064 if (jv != null) {
1065 jv.setEagerValidation(eager);
1066 }
1067 }
1068
1069 List<Object> getManifestDigests() {
1070 ensureInitialization();
1071 if (jv != null) {
1072 return jv.getManifestDigests();
1073 }
1074 return new ArrayList<>();
1075 }
1076 }