1 /* 2 * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.util.jar; 27 28 import java.io.*; 29 import java.lang.ref.SoftReference; 30 import java.net.URL; 31 import java.util.*; 32 import java.util.stream.Stream; 33 import java.util.stream.StreamSupport; 34 import java.util.zip.*; 35 import java.security.CodeSigner; 36 import java.security.cert.Certificate; 37 import java.security.CodeSource; 38 import jdk.internal.misc.SharedSecrets; 39 import jdk.internal.util.jar.JarAttributes; 40 import sun.security.action.GetPropertyAction; 41 import sun.security.util.ManifestEntryVerifier; 42 import sun.security.util.SignatureFileVerifier; 43 44 /** 45 * The {@code JarFile} class is used to read the contents of a jar file 46 * from any file that can be opened with {@code java.io.RandomAccessFile}. 47 * It extends the class {@code java.util.zip.ZipFile} with support 48 * for reading an optional {@code Manifest} entry, and support for 49 * processing multi-release jar files. The {@code Manifest} can be used 50 * to specify meta-information about the jar file and its entries. 51 * 52 * <p><a name="multirelease">A multi-release jar file</a> is a jar file that 53 * contains a manifest with a main attribute named "Multi-Release", 54 * a set of "base" entries, some of which are public classes with public 55 * or protected methods that comprise the public interface of the jar file, 56 * and a set of "versioned" entries contained in subdirectories of the 57 * "META-INF/versions" directory. The versioned entries are partitioned by the 58 * major version of the Java platform. A versioned entry, with a version 59 * {@code n}, {@code 8 < n}, in the "META-INF/versions/{n}" directory overrides 60 * the base entry as well as any entry with a version number {@code i} where 61 * {@code 8 < i < n}. 62 * 63 * <p>By default, a {@code JarFile} for a multi-release jar file is configured 64 * to process the multi-release jar file as if it were a plain (unversioned) jar 65 * file, and as such an entry name is associated with at most one base entry. 66 * The {@code JarFile} may be configured to process a multi-release jar file by 67 * creating the {@code JarFile} with the 68 * {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} constructor. The 69 * {@code Runtime.Version} object sets a maximum version used when searching for 70 * versioned entries. When so configured, an entry name 71 * can correspond with at most one base entry and zero or more versioned 72 * entries. A search is required to associate the entry name with the latest 73 * versioned entry whose version is less than or equal to the maximum version 74 * (see {@link #getEntry(String)}). 75 * 76 * <p>Class loaders that utilize {@code JarFile} to load classes from the 77 * contents of {@code JarFile} entries should construct the {@code JarFile} 78 * by invoking the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} 79 * constructor with the value {@code Runtime.version()} assigned to the last 80 * argument. This assures that classes compatible with the major 81 * version of the running JVM are loaded from multi-release jar files. 82 * 83 * <p>If the verify flag is on when opening a signed jar file, the content of 84 * the file is verified against its signature embedded inside the file. Please 85 * note that the verification process does not include validating the signer's 86 * certificate. A caller should inspect the return value of 87 * {@link JarEntry#getCodeSigners()} to further determine if the signature 88 * can be trusted. 89 * 90 * <p> Unless otherwise noted, passing a {@code null} argument to a constructor 91 * or method in this class will cause a {@link NullPointerException} to be 92 * thrown. 93 * 94 * @implNote 95 * <div class="block"> 96 * If the API can not be used to configure a {@code JarFile} (e.g. to override 97 * the configuration of a compiled application or library), two {@code System} 98 * properties are available. 99 * <ul> 100 * <li> 101 * {@code jdk.util.jar.version} can be assigned a value that is the 102 * {@code String} representation of a non-negative integer 103 * {@code <= Runtime.version().major()}. The value is used to set the effective 104 * runtime version to something other than the default value obtained by 105 * evaluating {@code Runtime.version().major()}. The effective runtime version 106 * is the version that the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} 107 * constructor uses when the value of the last argument is 108 * {@code JarFile.runtimeVersion()}. 109 * </li> 110 * <li> 111 * {@code jdk.util.jar.enableMultiRelease} can be assigned one of the three 112 * {@code String} values <em>true</em>, <em>false</em>, or <em>force</em>. The 113 * value <em>true</em>, the default value, enables multi-release jar file 114 * processing. The value <em>false</em> disables multi-release jar processing, 115 * ignoring the "Multi-Release" manifest attribute, and the versioned 116 * directories in a multi-release jar file if they exist. Furthermore, 117 * the method {@link JarFile#isMultiRelease()} returns <em>false</em>. The value 118 * <em>force</em> causes the {@code JarFile} to be initialized to runtime 119 * versioning after construction. It effectively does the same as this code: 120 * {@code (new JarFile(File, boolean, int, JarFile.runtimeVersion())}. 121 * </li> 122 * </ul> 123 * </div> 124 * 125 * @author David Connelly 126 * @see Manifest 127 * @see java.util.zip.ZipFile 128 * @see java.util.jar.JarEntry 129 * @since 1.2 130 */ 131 public 132 class JarFile extends ZipFile { 133 private final static Runtime.Version BASE_VERSION; 134 private final static int BASE_VERSION_MAJOR; 135 private final static Runtime.Version RUNTIME_VERSION; 136 private final static boolean MULTI_RELEASE_ENABLED; 137 private final static boolean MULTI_RELEASE_FORCED; 138 private SoftReference<Manifest> manRef; 139 private JarEntry manEntry; 140 private JarVerifier jv; 141 private boolean jvInitialized; 142 private boolean verify; 143 private final Runtime.Version version; // current version 144 private final int versionMajor; // version.major() 145 private boolean isMultiRelease; // is jar multi-release? 146 147 // indicates if Class-Path attribute present 148 private boolean hasClassPathAttribute; 149 // true if manifest checked for special attributes 150 private volatile boolean hasCheckedSpecialAttributes; 151 152 static { 153 // Set up JavaUtilJarAccess in SharedSecrets 154 SharedSecrets.setJavaUtilJarAccess(new JavaUtilJarAccessImpl()); 155 // multi-release jar file versions >= 9 156 BASE_VERSION = Runtime.Version.parse(Integer.toString(8)); 157 BASE_VERSION_MAJOR = BASE_VERSION.major(); 158 String jarVersion = GetPropertyAction.privilegedGetProperty("jdk.util.jar.version"); 159 int runtimeVersion = Runtime.version().major(); 160 if (jarVersion != null) { 161 int jarVer = Integer.parseInt(jarVersion); 162 runtimeVersion = (jarVer > runtimeVersion) 163 ? runtimeVersion 164 : Math.max(jarVer, BASE_VERSION_MAJOR); 165 } 166 RUNTIME_VERSION = Runtime.Version.parse(Integer.toString(runtimeVersion)); 167 String enableMultiRelease = GetPropertyAction 168 .privilegedGetProperty("jdk.util.jar.enableMultiRelease", "true"); 169 switch (enableMultiRelease) { 170 case "true": 171 default: 172 MULTI_RELEASE_ENABLED = true; 173 MULTI_RELEASE_FORCED = false; 174 break; 175 case "false": 176 MULTI_RELEASE_ENABLED = false; 177 MULTI_RELEASE_FORCED = false; 178 break; 179 case "force": 180 MULTI_RELEASE_ENABLED = true; 181 MULTI_RELEASE_FORCED = true; 182 break; 183 } 184 } 185 186 private static final String META_INF = "META-INF/"; 187 188 private static final String META_INF_VERSIONS = META_INF + "versions/"; 189 190 /** 191 * The JAR manifest file name. 192 */ 193 public static final String MANIFEST_NAME = META_INF + "MANIFEST.MF"; 194 195 /** 196 * Returns the version that represents the unversioned configuration of a 197 * multi-release jar file. 198 * 199 * @return the version that represents the unversioned configuration 200 * 201 * @since 9 202 */ 203 public static Runtime.Version baseVersion() { 204 return BASE_VERSION; 205 } 206 207 /** 208 * Returns the version that represents the effective runtime versioned 209 * configuration of a multi-release jar file. 210 * <p> 211 * By default the major version number of the returned {@code Version} will 212 * be equal to the major version number of {@code Runtime.version()}. 213 * However, if the {@code jdk.util.jar.version} property is set, the 214 * returned {@code Version} is derived from that property and major version 215 * numbers may not be equal. 216 * 217 * @return the version that represents the runtime versioned configuration 218 * 219 * @since 9 220 */ 221 public static Runtime.Version runtimeVersion() { 222 return RUNTIME_VERSION; 223 } 224 225 /** 226 * Creates a new {@code JarFile} to read from the specified 227 * file {@code name}. The {@code JarFile} will be verified if 228 * it is signed. 229 * @param name the name of the jar file to be opened for reading 230 * @throws IOException if an I/O error has occurred 231 * @throws SecurityException if access to the file is denied 232 * by the SecurityManager 233 */ 234 public JarFile(String name) throws IOException { 235 this(new File(name), true, ZipFile.OPEN_READ); 236 } 237 238 /** 239 * Creates a new {@code JarFile} to read from the specified 240 * file {@code name}. 241 * @param name the name of the jar file to be opened for reading 242 * @param verify whether or not to verify the jar file if 243 * it is signed. 244 * @throws IOException if an I/O error has occurred 245 * @throws SecurityException if access to the file is denied 246 * by the SecurityManager 247 */ 248 public JarFile(String name, boolean verify) throws IOException { 249 this(new File(name), verify, ZipFile.OPEN_READ); 250 } 251 252 /** 253 * Creates a new {@code JarFile} to read from the specified 254 * {@code File} object. The {@code JarFile} will be verified if 255 * it is signed. 256 * @param file the jar file to be opened for reading 257 * @throws IOException if an I/O error has occurred 258 * @throws SecurityException if access to the file is denied 259 * by the SecurityManager 260 */ 261 public JarFile(File file) throws IOException { 262 this(file, true, ZipFile.OPEN_READ); 263 } 264 265 /** 266 * Creates a new {@code JarFile} to read from the specified 267 * {@code File} object. 268 * @param file the jar file to be opened for reading 269 * @param verify whether or not to verify the jar file if 270 * it is signed. 271 * @throws IOException if an I/O error has occurred 272 * @throws SecurityException if access to the file is denied 273 * by the SecurityManager. 274 */ 275 public JarFile(File file, boolean verify) throws IOException { 276 this(file, verify, ZipFile.OPEN_READ); 277 } 278 279 /** 280 * Creates a new {@code JarFile} to read from the specified 281 * {@code File} object in the specified mode. The mode argument 282 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}. 283 * 284 * @param file the jar file to be opened for reading 285 * @param verify whether or not to verify the jar file if 286 * it is signed. 287 * @param mode the mode in which the file is to be opened 288 * @throws IOException if an I/O error has occurred 289 * @throws IllegalArgumentException 290 * if the {@code mode} argument is invalid 291 * @throws SecurityException if access to the file is denied 292 * by the SecurityManager 293 * @since 1.3 294 */ 295 public JarFile(File file, boolean verify, int mode) throws IOException { 296 this(file, verify, mode, BASE_VERSION); 297 } 298 299 /** 300 * Creates a new {@code JarFile} to read from the specified 301 * {@code File} object in the specified mode. The mode argument 302 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}. 303 * The version argument, after being converted to a canonical form, is 304 * used to configure the {@code JarFile} for processing 305 * multi-release jar files. 306 * <p> 307 * The canonical form derived from the version parameter is 308 * {@code Runtime.Version.parse(Integer.toString(n))} where {@code n} is 309 * {@code Math.max(version.major(), JarFile.baseVersion().major())}. 310 * 311 * @param file the jar file to be opened for reading 312 * @param verify whether or not to verify the jar file if 313 * it is signed. 314 * @param mode the mode in which the file is to be opened 315 * @param version specifies the release version for a multi-release jar file 316 * @throws IOException if an I/O error has occurred 317 * @throws IllegalArgumentException 318 * if the {@code mode} argument is invalid 319 * @throws SecurityException if access to the file is denied 320 * by the SecurityManager 321 * @throws NullPointerException if {@code version} is {@code null} 322 * @since 9 323 */ 324 public JarFile(File file, boolean verify, int mode, Runtime.Version version) throws IOException { 325 super(file, mode); 326 this.verify = verify; 327 Objects.requireNonNull(version); 328 if (MULTI_RELEASE_FORCED || version.major() == RUNTIME_VERSION.major()) { 329 // This deals with the common case where the value from JarFile.runtimeVersion() is passed 330 this.version = RUNTIME_VERSION; 331 } else if (version.major() <= BASE_VERSION_MAJOR) { 332 // This also deals with the common case where the value from JarFile.baseVersion() is passed 333 this.version = BASE_VERSION; 334 } else { 335 // Canonicalize 336 this.version = Runtime.Version.parse(Integer.toString(version.major())); 337 } 338 this.versionMajor = this.version.major(); 339 } 340 341 /** 342 * Returns the maximum version used when searching for versioned entries. 343 * <p> 344 * If this {@code JarFile} is not a multi-release jar file or is not 345 * configured to be processed as such, then the version returned will be the 346 * same as that returned from {@link #baseVersion()}. 347 * 348 * @return the maximum version 349 * @since 9 350 */ 351 public final Runtime.Version getVersion() { 352 return isMultiRelease() ? this.version : BASE_VERSION; 353 } 354 355 /** 356 * Indicates whether or not this jar file is a multi-release jar file. 357 * 358 * @return true if this JarFile is a multi-release jar file 359 * @since 9 360 */ 361 public final boolean isMultiRelease() { 362 if (isMultiRelease) { 363 return true; 364 } 365 if (MULTI_RELEASE_ENABLED) { 366 try { 367 checkForSpecialAttributes(); 368 } catch (IOException io) { 369 isMultiRelease = false; 370 } 371 } 372 return isMultiRelease; 373 } 374 375 /** 376 * Returns the jar file manifest, or {@code null} if none. 377 * 378 * @return the jar file manifest, or {@code null} if none 379 * 380 * @throws IllegalStateException 381 * may be thrown if the jar file has been closed 382 * @throws IOException if an I/O error has occurred 383 */ 384 public Manifest getManifest() throws IOException { 385 return getManifestFromReference(); 386 } 387 388 private Manifest getManifestFromReference() throws IOException { 389 Manifest man = manRef != null ? manRef.get() : null; 390 391 if (man == null) { 392 393 JarEntry manEntry = getManEntry(); 394 395 // If found then load the manifest 396 if (manEntry != null) { 397 if (verify) { 398 byte[] b = getBytes(manEntry); 399 man = new Manifest(new ByteArrayInputStream(b)); 400 if (!jvInitialized) { 401 jv = new JarVerifier(b); 402 } 403 } else { 404 man = new Manifest(super.getInputStream(manEntry)); 405 } 406 manRef = new SoftReference<>(man); 407 } 408 } 409 return man; 410 } 411 412 private String[] getMetaInfEntryNames() { 413 return jdk.internal.misc.SharedSecrets.getJavaUtilZipFileAccess() 414 .getMetaInfEntryNames((ZipFile)this); 415 } 416 417 /** 418 * Returns the {@code JarEntry} for the given base entry name or 419 * {@code null} if not found. 420 * 421 * <p>If this {@code JarFile} is a multi-release jar file and is configured 422 * to be processed as such, then a search is performed to find and return 423 * a {@code JarEntry} that is the latest versioned entry associated with the 424 * given entry name. The returned {@code JarEntry} is the versioned entry 425 * corresponding to the given base entry name prefixed with the string 426 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for 427 * which an entry exists. If such a versioned entry does not exist, then 428 * the {@code JarEntry} for the base entry is returned, otherwise 429 * {@code null} is returned if no entries are found. The initial value for 430 * the version {@code n} is the maximum version as returned by the method 431 * {@link JarFile#getVersion()}. 432 * 433 * @param name the jar file entry name 434 * @return the {@code JarEntry} for the given entry name, or 435 * the versioned entry name, or {@code null} if not found 436 * 437 * @throws IllegalStateException 438 * may be thrown if the jar file has been closed 439 * 440 * @see java.util.jar.JarEntry 441 * 442 * @implSpec 443 * <div class="block"> 444 * This implementation invokes {@link JarFile#getEntry(String)}. 445 * </div> 446 */ 447 public JarEntry getJarEntry(String name) { 448 return (JarEntry)getEntry(name); 449 } 450 451 /** 452 * Returns the {@code ZipEntry} for the given base entry name or 453 * {@code null} if not found. 454 * 455 * <p>If this {@code JarFile} is a multi-release jar file and is configured 456 * to be processed as such, then a search is performed to find and return 457 * a {@code ZipEntry} that is the latest versioned entry associated with the 458 * given entry name. The returned {@code ZipEntry} is the versioned entry 459 * corresponding to the given base entry name prefixed with the string 460 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for 461 * which an entry exists. If such a versioned entry does not exist, then 462 * the {@code ZipEntry} for the base entry is returned, otherwise 463 * {@code null} is returned if no entries are found. The initial value for 464 * the version {@code n} is the maximum version as returned by the method 465 * {@link JarFile#getVersion()}. 466 * 467 * @param name the jar file entry name 468 * @return the {@code ZipEntry} for the given entry name or 469 * the versioned entry name or {@code null} if not found 470 * 471 * @throws IllegalStateException 472 * may be thrown if the jar file has been closed 473 * 474 * @see java.util.zip.ZipEntry 475 * 476 * @implSpec 477 * <div class="block"> 478 * This implementation may return a versioned entry for the requested name 479 * even if there is not a corresponding base entry. This can occur 480 * if there is a private or package-private versioned entry that matches. 481 * If a subclass overrides this method, assure that the override method 482 * invokes {@code super.getEntry(name)} to obtain all versioned entries. 483 * </div> 484 */ 485 public ZipEntry getEntry(String name) { 486 ZipEntry ze = super.getEntry(name); 487 if (ze != null) { 488 return new JarFileEntry(ze); 489 } 490 // no matching base entry, but maybe there is a versioned entry, 491 // like a new private class 492 if (isMultiRelease()) { 493 ze = new ZipEntry(name); 494 ZipEntry vze = getVersionedEntry(ze); 495 if (ze != vze) { 496 return new JarFileEntry(name, vze); 497 } 498 } 499 return null; 500 } 501 502 private class JarEntryIterator implements Enumeration<JarEntry>, 503 Iterator<JarEntry> 504 { 505 final Enumeration<? extends ZipEntry> e = JarFile.super.entries(); 506 507 public boolean hasNext() { 508 return e.hasMoreElements(); 509 } 510 511 public JarEntry next() { 512 ZipEntry ze = e.nextElement(); 513 return new JarFileEntry(ze.getName(), ze); 514 } 515 516 public boolean hasMoreElements() { 517 return hasNext(); 518 } 519 520 public JarEntry nextElement() { 521 return next(); 522 } 523 524 public Iterator<JarEntry> asIterator() { 525 return this; 526 } 527 } 528 529 /** 530 * Returns an enumeration of the jar file entries. 531 * 532 * @return an enumeration of the jar file entries 533 * @throws IllegalStateException 534 * may be thrown if the jar file has been closed 535 */ 536 public Enumeration<JarEntry> entries() { 537 return new JarEntryIterator(); 538 } 539 540 /** 541 * Returns an ordered {@code Stream} over the jar file entries. 542 * Entries appear in the {@code Stream} in the order they appear in 543 * the central directory of the jar file. 544 * 545 * @return an ordered {@code Stream} of entries in this jar file 546 * @throws IllegalStateException if the jar file has been closed 547 * @since 1.8 548 */ 549 public Stream<JarEntry> stream() { 550 return StreamSupport.stream(Spliterators.spliterator( 551 new JarEntryIterator(), size(), 552 Spliterator.ORDERED | Spliterator.DISTINCT | 553 Spliterator.IMMUTABLE | Spliterator.NONNULL), false); 554 } 555 556 private ZipEntry searchForVersionedEntry(final int version, String name) { 557 ZipEntry vze = null; 558 String sname = "/" + name; 559 int i = version; 560 while (i > BASE_VERSION_MAJOR) { 561 vze = super.getEntry(META_INF_VERSIONS + i + sname); 562 if (vze != null) break; 563 i--; 564 } 565 return vze; 566 } 567 568 private ZipEntry getVersionedEntry(ZipEntry ze) { 569 ZipEntry vze = null; 570 if (BASE_VERSION_MAJOR < versionMajor) { 571 String name = ze.getName(); 572 if (!name.startsWith(META_INF)) { 573 vze = searchForVersionedEntry(versionMajor, name); 574 } 575 } 576 return vze == null ? ze : vze; 577 } 578 579 /** 580 * Returns the real name of a {@code JarEntry}. If this {@code JarFile} is 581 * a multi-release jar file and is configured to be processed as such, the 582 * name returned by this method is the path name of the versioned entry 583 * that the {@code JarEntry} represents, rather than the path name of the 584 * base entry that {@link JarEntry#getName()} returns. If the 585 * {@code JarEntry} does not represent a versioned entry, or the 586 * jar file is not a multi-release jar file or {@code JarFile} is not 587 * configured for processing a multi-release jar file, this method returns 588 * the same name that {@link JarEntry#getName()} returns. 589 * 590 * @param entry the JarEntry 591 * @return the real name of the JarEntry 592 * @since 9 593 */ 594 String getRealName(JarEntry entry) { 595 if (entry instanceof JarFileEntry) { 596 return ((JarFileEntry)entry).realName(); 597 } 598 return entry.getName(); 599 } 600 601 private class JarFileEntry extends JarEntry { 602 final private String name; 603 604 JarFileEntry(ZipEntry ze) { 605 super(isMultiRelease() ? getVersionedEntry(ze) : ze); 606 this.name = ze.getName(); 607 } 608 JarFileEntry(String name, ZipEntry vze) { 609 super(vze); 610 this.name = name; 611 } 612 public Attributes getAttributes() throws IOException { 613 Manifest man = JarFile.this.getManifest(); 614 if (man != null) { 615 return man.getAttributes(super.getName()); 616 } else { 617 return null; 618 } 619 } 620 public Certificate[] getCertificates() { 621 try { 622 maybeInstantiateVerifier(); 623 } catch (IOException e) { 624 throw new RuntimeException(e); 625 } 626 if (certs == null && jv != null) { 627 certs = jv.getCerts(JarFile.this, realEntry()); 628 } 629 return certs == null ? null : certs.clone(); 630 } 631 public CodeSigner[] getCodeSigners() { 632 try { 633 maybeInstantiateVerifier(); 634 } catch (IOException e) { 635 throw new RuntimeException(e); 636 } 637 if (signers == null && jv != null) { 638 signers = jv.getCodeSigners(JarFile.this, realEntry()); 639 } 640 return signers == null ? null : signers.clone(); 641 } 642 JarFileEntry realEntry() { 643 if (isMultiRelease() && versionMajor != BASE_VERSION_MAJOR) { 644 String entryName = super.getName(); 645 return entryName.equals(this.name) ? this : new JarFileEntry(entryName, this); 646 } 647 return this; 648 } 649 String realName() { 650 return super.getName(); 651 } 652 653 @Override 654 public String getName() { 655 return name; 656 } 657 } 658 659 /* 660 * Ensures that the JarVerifier has been created if one is 661 * necessary (i.e., the jar appears to be signed.) This is done as 662 * a quick check to avoid processing of the manifest for unsigned 663 * jars. 664 */ 665 private void maybeInstantiateVerifier() throws IOException { 666 if (jv != null) { 667 return; 668 } 669 670 if (verify) { 671 String[] names = getMetaInfEntryNames(); 672 if (names != null) { 673 for (String nameLower : names) { 674 String name = nameLower.toUpperCase(Locale.ENGLISH); 675 if (name.endsWith(".DSA") || 676 name.endsWith(".RSA") || 677 name.endsWith(".EC") || 678 name.endsWith(".SF")) { 679 // Assume since we found a signature-related file 680 // that the jar is signed and that we therefore 681 // need a JarVerifier and Manifest 682 getManifest(); 683 return; 684 } 685 } 686 } 687 // No signature-related files; don't instantiate a 688 // verifier 689 verify = false; 690 } 691 } 692 693 694 /* 695 * Initializes the verifier object by reading all the manifest 696 * entries and passing them to the verifier. 697 */ 698 private void initializeVerifier() { 699 ManifestEntryVerifier mev = null; 700 701 // Verify "META-INF/" entries... 702 try { 703 String[] names = getMetaInfEntryNames(); 704 if (names != null) { 705 for (String name : names) { 706 String uname = name.toUpperCase(Locale.ENGLISH); 707 if (MANIFEST_NAME.equals(uname) 708 || SignatureFileVerifier.isBlockOrSF(uname)) { 709 JarEntry e = getJarEntry(name); 710 if (e == null) { 711 throw new JarException("corrupted jar file"); 712 } 713 if (mev == null) { 714 mev = new ManifestEntryVerifier 715 (getManifestFromReference()); 716 } 717 byte[] b = getBytes(e); 718 if (b != null && b.length > 0) { 719 jv.beginEntry(e, mev); 720 jv.update(b.length, b, 0, b.length, mev); 721 jv.update(-1, null, 0, 0, mev); 722 } 723 } 724 } 725 } 726 } catch (IOException ex) { 727 // if we had an error parsing any blocks, just 728 // treat the jar file as being unsigned 729 jv = null; 730 verify = false; 731 if (JarVerifier.debug != null) { 732 JarVerifier.debug.println("jarfile parsing error!"); 733 ex.printStackTrace(); 734 } 735 } 736 737 // if after initializing the verifier we have nothing 738 // signed, we null it out. 739 740 if (jv != null) { 741 742 jv.doneWithMeta(); 743 if (JarVerifier.debug != null) { 744 JarVerifier.debug.println("done with meta!"); 745 } 746 747 if (jv.nothingToVerify()) { 748 if (JarVerifier.debug != null) { 749 JarVerifier.debug.println("nothing to verify!"); 750 } 751 jv = null; 752 verify = false; 753 } 754 } 755 } 756 757 /* 758 * Reads all the bytes for a given entry. Used to process the 759 * META-INF files. 760 */ 761 private byte[] getBytes(ZipEntry ze) throws IOException { 762 try (InputStream is = super.getInputStream(ze)) { 763 int len = (int)ze.getSize(); 764 int bytesRead; 765 byte[] b; 766 // trust specified entry sizes when reasonably small 767 if (len != -1 && len <= 65535) { 768 b = new byte[len]; 769 bytesRead = is.readNBytes(b, 0, len); 770 } else { 771 b = is.readAllBytes(); 772 bytesRead = b.length; 773 } 774 if (len != -1 && len != bytesRead) { 775 throw new EOFException("Expected:" + len + ", read:" + bytesRead); 776 } 777 return b; 778 } 779 } 780 781 /** 782 * Returns an input stream for reading the contents of the specified 783 * zip file entry. 784 * @param ze the zip file entry 785 * @return an input stream for reading the contents of the specified 786 * zip file entry 787 * @throws ZipException if a zip file format error has occurred 788 * @throws IOException if an I/O error has occurred 789 * @throws SecurityException if any of the jar file entries 790 * are incorrectly signed. 791 * @throws IllegalStateException 792 * may be thrown if the jar file has been closed 793 */ 794 public synchronized InputStream getInputStream(ZipEntry ze) 795 throws IOException 796 { 797 maybeInstantiateVerifier(); 798 if (jv == null) { 799 return super.getInputStream(ze); 800 } 801 if (!jvInitialized) { 802 initializeVerifier(); 803 jvInitialized = true; 804 // could be set to null after a call to 805 // initializeVerifier if we have nothing to 806 // verify 807 if (jv == null) 808 return super.getInputStream(ze); 809 } 810 811 // wrap a verifier stream around the real stream 812 return new JarVerifier.VerifierStream( 813 getManifestFromReference(), 814 verifiableEntry(ze), 815 super.getInputStream(ze), 816 jv); 817 } 818 819 private JarEntry verifiableEntry(ZipEntry ze) { 820 if (ze instanceof JarFileEntry) { 821 // assure the name and entry match for verification 822 return ((JarFileEntry)ze).realEntry(); 823 } 824 ze = getJarEntry(ze.getName()); 825 if (ze instanceof JarFileEntry) { 826 return ((JarFileEntry)ze).realEntry(); 827 } 828 return (JarEntry)ze; 829 } 830 831 private JarEntry getManEntry() { 832 if (manEntry == null) { 833 // First look up manifest entry using standard name 834 ZipEntry manEntry = super.getEntry(MANIFEST_NAME); 835 if (manEntry == null) { 836 // If not found, then iterate through all the "META-INF/" 837 // entries to find a match. 838 String[] names = getMetaInfEntryNames(); 839 if (names != null) { 840 for (String name : names) { 841 if (MANIFEST_NAME.equals(name.toUpperCase(Locale.ENGLISH))) { 842 manEntry = super.getEntry(name); 843 break; 844 } 845 } 846 } 847 } 848 this.manEntry = (manEntry == null) 849 ? null 850 : new JarFileEntry(manEntry.getName(), manEntry); 851 } 852 return manEntry; 853 } 854 855 /** 856 * Returns {@code true} iff this JAR file has a manifest with the 857 * Class-Path attribute 858 */ 859 boolean hasClassPathAttribute() throws IOException { 860 checkForSpecialAttributes(); 861 return hasClassPathAttribute; 862 } 863 864 865 /** 866 * On first invocation, check if the JAR file has the Class-Path 867 * and the Multi-Release attribute. A no-op on subsequent calls. 868 */ 869 private void checkForSpecialAttributes() throws IOException { 870 if (hasCheckedSpecialAttributes) { 871 return; 872 } 873 synchronized (this) { 874 if (hasCheckedSpecialAttributes) { 875 return; 876 } 877 JarEntry manEntry = getManEntry(); 878 if (manEntry != null) { 879 byte[] b = getBytes(manEntry); 880 hasClassPathAttribute = JarAttributes.hasClassPathAttribute(b); 881 // is this a multi-release jar file 882 if (MULTI_RELEASE_ENABLED) { 883 isMultiRelease = JarAttributes.isMultiRelease(b); 884 } 885 } 886 hasCheckedSpecialAttributes = true; 887 } 888 } 889 890 private synchronized void ensureInitialization() { 891 try { 892 maybeInstantiateVerifier(); 893 } catch (IOException e) { 894 throw new RuntimeException(e); 895 } 896 if (jv != null && !jvInitialized) { 897 initializeVerifier(); 898 jvInitialized = true; 899 } 900 } 901 902 JarEntry newEntry(ZipEntry ze) { 903 return new JarFileEntry(ze); 904 } 905 906 Enumeration<String> entryNames(CodeSource[] cs) { 907 ensureInitialization(); 908 if (jv != null) { 909 return jv.entryNames(this, cs); 910 } 911 912 /* 913 * JAR file has no signed content. Is there a non-signing 914 * code source? 915 */ 916 boolean includeUnsigned = false; 917 for (CodeSource c : cs) { 918 if (c.getCodeSigners() == null) { 919 includeUnsigned = true; 920 break; 921 } 922 } 923 if (includeUnsigned) { 924 return unsignedEntryNames(); 925 } else { 926 return new Enumeration<>() { 927 928 public boolean hasMoreElements() { 929 return false; 930 } 931 932 public String nextElement() { 933 throw new NoSuchElementException(); 934 } 935 }; 936 } 937 } 938 939 /** 940 * Returns an enumeration of the zip file entries 941 * excluding internal JAR mechanism entries and including 942 * signed entries missing from the ZIP directory. 943 */ 944 Enumeration<JarEntry> entries2() { 945 ensureInitialization(); 946 if (jv != null) { 947 return jv.entries2(this, super.entries()); 948 } 949 950 // screen out entries which are never signed 951 final Enumeration<? extends ZipEntry> enum_ = super.entries(); 952 return new Enumeration<>() { 953 954 ZipEntry entry; 955 956 public boolean hasMoreElements() { 957 if (entry != null) { 958 return true; 959 } 960 while (enum_.hasMoreElements()) { 961 ZipEntry ze = enum_.nextElement(); 962 if (JarVerifier.isSigningRelated(ze.getName())) { 963 continue; 964 } 965 entry = ze; 966 return true; 967 } 968 return false; 969 } 970 971 public JarFileEntry nextElement() { 972 if (hasMoreElements()) { 973 ZipEntry ze = entry; 974 entry = null; 975 return new JarFileEntry(ze); 976 } 977 throw new NoSuchElementException(); 978 } 979 }; 980 } 981 982 CodeSource[] getCodeSources(URL url) { 983 ensureInitialization(); 984 if (jv != null) { 985 return jv.getCodeSources(this, url); 986 } 987 988 /* 989 * JAR file has no signed content. Is there a non-signing 990 * code source? 991 */ 992 Enumeration<String> unsigned = unsignedEntryNames(); 993 if (unsigned.hasMoreElements()) { 994 return new CodeSource[]{JarVerifier.getUnsignedCS(url)}; 995 } else { 996 return null; 997 } 998 } 999 1000 private Enumeration<String> unsignedEntryNames() { 1001 final Enumeration<JarEntry> entries = entries(); 1002 return new Enumeration<>() { 1003 1004 String name; 1005 1006 /* 1007 * Grab entries from ZIP directory but screen out 1008 * metadata. 1009 */ 1010 public boolean hasMoreElements() { 1011 if (name != null) { 1012 return true; 1013 } 1014 while (entries.hasMoreElements()) { 1015 String value; 1016 ZipEntry e = entries.nextElement(); 1017 value = e.getName(); 1018 if (e.isDirectory() || JarVerifier.isSigningRelated(value)) { 1019 continue; 1020 } 1021 name = value; 1022 return true; 1023 } 1024 return false; 1025 } 1026 1027 public String nextElement() { 1028 if (hasMoreElements()) { 1029 String value = name; 1030 name = null; 1031 return value; 1032 } 1033 throw new NoSuchElementException(); 1034 } 1035 }; 1036 } 1037 1038 CodeSource getCodeSource(URL url, String name) { 1039 ensureInitialization(); 1040 if (jv != null) { 1041 if (jv.eagerValidation) { 1042 CodeSource cs = null; 1043 JarEntry je = getJarEntry(name); 1044 if (je != null) { 1045 cs = jv.getCodeSource(url, this, je); 1046 } else { 1047 cs = jv.getCodeSource(url, name); 1048 } 1049 return cs; 1050 } else { 1051 return jv.getCodeSource(url, name); 1052 } 1053 } 1054 1055 return JarVerifier.getUnsignedCS(url); 1056 } 1057 1058 void setEagerValidation(boolean eager) { 1059 try { 1060 maybeInstantiateVerifier(); 1061 } catch (IOException e) { 1062 throw new RuntimeException(e); 1063 } 1064 if (jv != null) { 1065 jv.setEagerValidation(eager); 1066 } 1067 } 1068 1069 List<Object> getManifestDigests() { 1070 ensureInitialization(); 1071 if (jv != null) { 1072 return jv.getManifestDigests(); 1073 } 1074 return new ArrayList<>(); 1075 } 1076 }