1 /*
2 * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.util.jar;
27
28 import jdk.internal.misc.SharedSecrets;
29 import sun.security.action.GetPropertyAction;
30 import sun.security.util.ManifestEntryVerifier;
31 import sun.security.util.SignatureFileVerifier;
32
33 import java.io.ByteArrayInputStream;
34 import java.io.EOFException;
35 import java.io.File;
36 import java.io.IOException;
37 import java.io.InputStream;
38 import java.lang.ref.SoftReference;
39 import java.net.URL;
40 import java.security.CodeSigner;
41 import java.security.CodeSource;
42 import java.security.cert.Certificate;
43 import java.util.ArrayList;
44 import java.util.Enumeration;
45 import java.util.Iterator;
46 import java.util.List;
47 import java.util.Locale;
48 import java.util.NoSuchElementException;
49 import java.util.Objects;
50 import java.util.Spliterator;
51 import java.util.Spliterators;
52 import java.util.stream.Stream;
53 import java.util.stream.StreamSupport;
54 import java.util.zip.ZipEntry;
55 import java.util.zip.ZipException;
56 import java.util.zip.ZipFile;
57
58 /**
59 * The {@code JarFile} class is used to read the contents of a jar file
60 * from any file that can be opened with {@code java.io.RandomAccessFile}.
61 * It extends the class {@code java.util.zip.ZipFile} with support
62 * for reading an optional {@code Manifest} entry, and support for
63 * processing multi-release jar files. The {@code Manifest} can be used
64 * to specify meta-information about the jar file and its entries.
65 *
66 * <p><a id="multirelease">A multi-release jar file</a> is a jar file that
67 * contains a manifest with a main attribute named "Multi-Release",
68 * a set of "base" entries, some of which are public classes with public
69 * or protected methods that comprise the public interface of the jar file,
70 * and a set of "versioned" entries contained in subdirectories of the
71 * "META-INF/versions" directory. The versioned entries are partitioned by the
72 * major version of the Java platform. A versioned entry, with a version
73 * {@code n}, {@code 8 < n}, in the "META-INF/versions/{n}" directory overrides
74 * the base entry as well as any entry with a version number {@code i} where
75 * {@code 8 < i < n}.
76 *
77 * <p>By default, a {@code JarFile} for a multi-release jar file is configured
78 * to process the multi-release jar file as if it were a plain (unversioned) jar
79 * file, and as such an entry name is associated with at most one base entry.
80 * The {@code JarFile} may be configured to process a multi-release jar file by
81 * creating the {@code JarFile} with the
82 * {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} constructor. The
83 * {@code Runtime.Version} object sets a maximum version used when searching for
84 * versioned entries. When so configured, an entry name
85 * can correspond with at most one base entry and zero or more versioned
86 * entries. A search is required to associate the entry name with the latest
87 * versioned entry whose version is less than or equal to the maximum version
88 * (see {@link #getEntry(String)}).
89 *
90 * <p>Class loaders that utilize {@code JarFile} to load classes from the
91 * contents of {@code JarFile} entries should construct the {@code JarFile}
92 * by invoking the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
93 * constructor with the value {@code Runtime.version()} assigned to the last
94 * argument. This assures that classes compatible with the major
95 * version of the running JVM are loaded from multi-release jar files.
96 *
97 * <p>If the verify flag is on when opening a signed jar file, the content of
98 * the file is verified against its signature embedded inside the file. Please
99 * note that the verification process does not include validating the signer's
100 * certificate. A caller should inspect the return value of
101 * {@link JarEntry#getCodeSigners()} to further determine if the signature
102 * can be trusted.
103 *
104 * <p> Unless otherwise noted, passing a {@code null} argument to a constructor
105 * or method in this class will cause a {@link NullPointerException} to be
106 * thrown.
107 *
108 * @implNote
109 * <div class="block">
110 * If the API can not be used to configure a {@code JarFile} (e.g. to override
111 * the configuration of a compiled application or library), two {@code System}
112 * properties are available.
113 * <ul>
114 * <li>
115 * {@code jdk.util.jar.version} can be assigned a value that is the
116 * {@code String} representation of a non-negative integer
117 * {@code <= Runtime.version().major()}. The value is used to set the effective
118 * runtime version to something other than the default value obtained by
119 * evaluating {@code Runtime.version().major()}. The effective runtime version
120 * is the version that the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
121 * constructor uses when the value of the last argument is
122 * {@code JarFile.runtimeVersion()}.
123 * </li>
124 * <li>
125 * {@code jdk.util.jar.enableMultiRelease} can be assigned one of the three
126 * {@code String} values <em>true</em>, <em>false</em>, or <em>force</em>. The
127 * value <em>true</em>, the default value, enables multi-release jar file
128 * processing. The value <em>false</em> disables multi-release jar processing,
129 * ignoring the "Multi-Release" manifest attribute, and the versioned
130 * directories in a multi-release jar file if they exist. Furthermore,
131 * the method {@link JarFile#isMultiRelease()} returns <em>false</em>. The value
132 * <em>force</em> causes the {@code JarFile} to be initialized to runtime
133 * versioning after construction. It effectively does the same as this code:
134 * {@code (new JarFile(File, boolean, int, JarFile.runtimeVersion())}.
135 * </li>
136 * </ul>
137 * </div>
138 *
139 * @author David Connelly
140 * @see Manifest
141 * @see java.util.zip.ZipFile
142 * @see java.util.jar.JarEntry
143 * @since 1.2
144 */
145 public
146 class JarFile extends ZipFile {
147 private final static Runtime.Version BASE_VERSION;
148 private final static int BASE_VERSION_MAJOR;
149 private final static Runtime.Version RUNTIME_VERSION;
150 private final static boolean MULTI_RELEASE_ENABLED;
151 private final static boolean MULTI_RELEASE_FORCED;
152 private SoftReference<Manifest> manRef;
153 private JarEntry manEntry;
154 private JarVerifier jv;
155 private boolean jvInitialized;
156 private boolean verify;
157 private final Runtime.Version version; // current version
158 private final int versionMajor; // version.major()
159 private boolean isMultiRelease; // is jar multi-release?
160
161 // indicates if Class-Path attribute present
162 private boolean hasClassPathAttribute;
163 // true if manifest checked for special attributes
164 private volatile boolean hasCheckedSpecialAttributes;
165
166 static {
167 // Set up JavaUtilJarAccess in SharedSecrets
168 SharedSecrets.setJavaUtilJarAccess(new JavaUtilJarAccessImpl());
169 // multi-release jar file versions >= 9
170 BASE_VERSION = Runtime.Version.parse(Integer.toString(8));
171 BASE_VERSION_MAJOR = BASE_VERSION.major();
172 String jarVersion = GetPropertyAction.privilegedGetProperty("jdk.util.jar.version");
173 int runtimeVersion = Runtime.version().major();
174 if (jarVersion != null) {
175 int jarVer = Integer.parseInt(jarVersion);
176 runtimeVersion = (jarVer > runtimeVersion)
177 ? runtimeVersion
178 : Math.max(jarVer, BASE_VERSION_MAJOR);
179 }
180 RUNTIME_VERSION = Runtime.Version.parse(Integer.toString(runtimeVersion));
181 String enableMultiRelease = GetPropertyAction
182 .privilegedGetProperty("jdk.util.jar.enableMultiRelease", "true");
183 switch (enableMultiRelease) {
184 case "true":
185 default:
186 MULTI_RELEASE_ENABLED = true;
187 MULTI_RELEASE_FORCED = false;
188 break;
189 case "false":
190 MULTI_RELEASE_ENABLED = false;
191 MULTI_RELEASE_FORCED = false;
192 break;
193 case "force":
194 MULTI_RELEASE_ENABLED = true;
195 MULTI_RELEASE_FORCED = true;
196 break;
197 }
198 }
199
200 private static final String META_INF = "META-INF/";
201
202 private static final String META_INF_VERSIONS = META_INF + "versions/";
203
204 /**
205 * The JAR manifest file name.
206 */
207 public static final String MANIFEST_NAME = META_INF + "MANIFEST.MF";
208
209 /**
210 * Returns the version that represents the unversioned configuration of a
211 * multi-release jar file.
212 *
213 * @return the version that represents the unversioned configuration
214 *
215 * @since 9
216 */
217 public static Runtime.Version baseVersion() {
218 return BASE_VERSION;
219 }
220
221 /**
222 * Returns the version that represents the effective runtime versioned
223 * configuration of a multi-release jar file.
224 * <p>
225 * By default the major version number of the returned {@code Version} will
226 * be equal to the major version number of {@code Runtime.version()}.
227 * However, if the {@code jdk.util.jar.version} property is set, the
228 * returned {@code Version} is derived from that property and major version
229 * numbers may not be equal.
230 *
231 * @return the version that represents the runtime versioned configuration
232 *
233 * @since 9
234 */
235 public static Runtime.Version runtimeVersion() {
236 return RUNTIME_VERSION;
237 }
238
239 /**
240 * Creates a new {@code JarFile} to read from the specified
241 * file {@code name}. The {@code JarFile} will be verified if
242 * it is signed.
243 * @param name the name of the jar file to be opened for reading
244 * @throws IOException if an I/O error has occurred
245 * @throws SecurityException if access to the file is denied
246 * by the SecurityManager
247 */
248 public JarFile(String name) throws IOException {
249 this(new File(name), true, ZipFile.OPEN_READ);
250 }
251
252 /**
253 * Creates a new {@code JarFile} to read from the specified
254 * file {@code name}.
255 * @param name the name of the jar file to be opened for reading
256 * @param verify whether or not to verify the jar file if
257 * it is signed.
258 * @throws IOException if an I/O error has occurred
259 * @throws SecurityException if access to the file is denied
260 * by the SecurityManager
261 */
262 public JarFile(String name, boolean verify) throws IOException {
263 this(new File(name), verify, ZipFile.OPEN_READ);
264 }
265
266 /**
267 * Creates a new {@code JarFile} to read from the specified
268 * {@code File} object. The {@code JarFile} will be verified if
269 * it is signed.
270 * @param file the jar file to be opened for reading
271 * @throws IOException if an I/O error has occurred
272 * @throws SecurityException if access to the file is denied
273 * by the SecurityManager
274 */
275 public JarFile(File file) throws IOException {
276 this(file, true, ZipFile.OPEN_READ);
277 }
278
279 /**
280 * Creates a new {@code JarFile} to read from the specified
281 * {@code File} object.
282 * @param file the jar file to be opened for reading
283 * @param verify whether or not to verify the jar file if
284 * it is signed.
285 * @throws IOException if an I/O error has occurred
286 * @throws SecurityException if access to the file is denied
287 * by the SecurityManager.
288 */
289 public JarFile(File file, boolean verify) throws IOException {
290 this(file, verify, ZipFile.OPEN_READ);
291 }
292
293 /**
294 * Creates a new {@code JarFile} to read from the specified
295 * {@code File} object in the specified mode. The mode argument
296 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
297 *
298 * @param file the jar file to be opened for reading
299 * @param verify whether or not to verify the jar file if
300 * it is signed.
301 * @param mode the mode in which the file is to be opened
302 * @throws IOException if an I/O error has occurred
303 * @throws IllegalArgumentException
304 * if the {@code mode} argument is invalid
305 * @throws SecurityException if access to the file is denied
306 * by the SecurityManager
307 * @since 1.3
308 */
309 public JarFile(File file, boolean verify, int mode) throws IOException {
310 this(file, verify, mode, BASE_VERSION);
311 }
312
313 /**
314 * Creates a new {@code JarFile} to read from the specified
315 * {@code File} object in the specified mode. The mode argument
316 * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
317 * The version argument, after being converted to a canonical form, is
318 * used to configure the {@code JarFile} for processing
319 * multi-release jar files.
320 * <p>
321 * The canonical form derived from the version parameter is
322 * {@code Runtime.Version.parse(Integer.toString(n))} where {@code n} is
323 * {@code Math.max(version.major(), JarFile.baseVersion().major())}.
324 *
325 * @param file the jar file to be opened for reading
326 * @param verify whether or not to verify the jar file if
327 * it is signed.
328 * @param mode the mode in which the file is to be opened
329 * @param version specifies the release version for a multi-release jar file
330 * @throws IOException if an I/O error has occurred
331 * @throws IllegalArgumentException
332 * if the {@code mode} argument is invalid
333 * @throws SecurityException if access to the file is denied
334 * by the SecurityManager
335 * @throws NullPointerException if {@code version} is {@code null}
336 * @since 9
337 */
338 public JarFile(File file, boolean verify, int mode, Runtime.Version version) throws IOException {
339 super(file, mode);
340 this.verify = verify;
341 Objects.requireNonNull(version);
342 if (MULTI_RELEASE_FORCED || version.major() == RUNTIME_VERSION.major()) {
343 // This deals with the common case where the value from JarFile.runtimeVersion() is passed
344 this.version = RUNTIME_VERSION;
345 } else if (version.major() <= BASE_VERSION_MAJOR) {
346 // This also deals with the common case where the value from JarFile.baseVersion() is passed
347 this.version = BASE_VERSION;
348 } else {
349 // Canonicalize
350 this.version = Runtime.Version.parse(Integer.toString(version.major()));
351 }
352 this.versionMajor = this.version.major();
353 }
354
355 /**
356 * Returns the maximum version used when searching for versioned entries.
357 * <p>
358 * If this {@code JarFile} is not a multi-release jar file or is not
359 * configured to be processed as such, then the version returned will be the
360 * same as that returned from {@link #baseVersion()}.
361 *
362 * @return the maximum version
363 * @since 9
364 */
365 public final Runtime.Version getVersion() {
366 return isMultiRelease() ? this.version : BASE_VERSION;
367 }
368
369 /**
370 * Indicates whether or not this jar file is a multi-release jar file.
371 *
372 * @return true if this JarFile is a multi-release jar file
373 * @since 9
374 */
375 public final boolean isMultiRelease() {
376 if (isMultiRelease) {
377 return true;
378 }
379 if (MULTI_RELEASE_ENABLED) {
380 try {
381 checkForSpecialAttributes();
382 } catch (IOException io) {
383 isMultiRelease = false;
384 }
385 }
386 return isMultiRelease;
387 }
388
389 /**
390 * Returns the jar file manifest, or {@code null} if none.
391 *
392 * @return the jar file manifest, or {@code null} if none
393 *
394 * @throws IllegalStateException
395 * may be thrown if the jar file has been closed
396 * @throws IOException if an I/O error has occurred
397 */
398 public Manifest getManifest() throws IOException {
399 return getManifestFromReference();
400 }
401
402 private Manifest getManifestFromReference() throws IOException {
403 Manifest man = manRef != null ? manRef.get() : null;
404
405 if (man == null) {
406
407 JarEntry manEntry = getManEntry();
408
409 // If found then load the manifest
410 if (manEntry != null) {
411 if (verify) {
412 byte[] b = getBytes(manEntry);
413 man = new Manifest(new ByteArrayInputStream(b));
414 if (!jvInitialized) {
415 jv = new JarVerifier(b);
416 }
417 } else {
418 man = new Manifest(super.getInputStream(manEntry));
419 }
420 manRef = new SoftReference<>(man);
421 }
422 }
423 return man;
424 }
425
426 private String[] getMetaInfEntryNames() {
427 return jdk.internal.misc.SharedSecrets.getJavaUtilZipFileAccess()
428 .getMetaInfEntryNames((ZipFile)this);
429 }
430
431 /**
432 * Returns the {@code JarEntry} for the given base entry name or
433 * {@code null} if not found.
434 *
435 * <p>If this {@code JarFile} is a multi-release jar file and is configured
436 * to be processed as such, then a search is performed to find and return
437 * a {@code JarEntry} that is the latest versioned entry associated with the
438 * given entry name. The returned {@code JarEntry} is the versioned entry
439 * corresponding to the given base entry name prefixed with the string
440 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
441 * which an entry exists. If such a versioned entry does not exist, then
442 * the {@code JarEntry} for the base entry is returned, otherwise
443 * {@code null} is returned if no entries are found. The initial value for
444 * the version {@code n} is the maximum version as returned by the method
445 * {@link JarFile#getVersion()}.
446 *
447 * @param name the jar file entry name
448 * @return the {@code JarEntry} for the given entry name, or
449 * the versioned entry name, or {@code null} if not found
450 *
451 * @throws IllegalStateException
452 * may be thrown if the jar file has been closed
453 *
454 * @see java.util.jar.JarEntry
455 *
456 * @implSpec
457 * <div class="block">
458 * This implementation invokes {@link JarFile#getEntry(String)}.
459 * </div>
460 */
461 public JarEntry getJarEntry(String name) {
462 return (JarEntry)getEntry(name);
463 }
464
465 /**
466 * Returns the {@code ZipEntry} for the given base entry name or
467 * {@code null} if not found.
468 *
469 * <p>If this {@code JarFile} is a multi-release jar file and is configured
470 * to be processed as such, then a search is performed to find and return
471 * a {@code ZipEntry} that is the latest versioned entry associated with the
472 * given entry name. The returned {@code ZipEntry} is the versioned entry
473 * corresponding to the given base entry name prefixed with the string
474 * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
475 * which an entry exists. If such a versioned entry does not exist, then
476 * the {@code ZipEntry} for the base entry is returned, otherwise
477 * {@code null} is returned if no entries are found. The initial value for
478 * the version {@code n} is the maximum version as returned by the method
479 * {@link JarFile#getVersion()}.
480 *
481 * @param name the jar file entry name
482 * @return the {@code ZipEntry} for the given entry name or
483 * the versioned entry name or {@code null} if not found
484 *
485 * @throws IllegalStateException
486 * may be thrown if the jar file has been closed
487 *
488 * @see java.util.zip.ZipEntry
489 *
490 * @implSpec
491 * <div class="block">
492 * This implementation may return a versioned entry for the requested name
493 * even if there is not a corresponding base entry. This can occur
494 * if there is a private or package-private versioned entry that matches.
495 * If a subclass overrides this method, assure that the override method
496 * invokes {@code super.getEntry(name)} to obtain all versioned entries.
497 * </div>
498 */
499 public ZipEntry getEntry(String name) {
500 ZipEntry ze = super.getEntry(name);
501 if (ze != null) {
502 return new JarFileEntry(ze);
503 }
504 // no matching base entry, but maybe there is a versioned entry,
505 // like a new private class
506 if (isMultiRelease()) {
507 ze = new ZipEntry(name);
508 ZipEntry vze = getVersionedEntry(ze);
509 if (ze != vze) {
510 return new JarFileEntry(name, vze);
511 }
512 }
513 return null;
514 }
515
516 private class JarEntryIterator implements Enumeration<JarEntry>,
517 Iterator<JarEntry>
518 {
519 final Enumeration<? extends ZipEntry> e = JarFile.super.entries();
520
521 public boolean hasNext() {
522 return e.hasMoreElements();
523 }
524
525 public JarEntry next() {
526 ZipEntry ze = e.nextElement();
527 return new JarFileEntry(ze.getName(), ze);
528 }
529
530 public boolean hasMoreElements() {
531 return hasNext();
532 }
533
534 public JarEntry nextElement() {
535 return next();
536 }
537
538 public Iterator<JarEntry> asIterator() {
539 return this;
540 }
541 }
542
543 /**
544 * Returns an enumeration of the jar file entries.
545 *
546 * @return an enumeration of the jar file entries
547 * @throws IllegalStateException
548 * may be thrown if the jar file has been closed
549 */
550 public Enumeration<JarEntry> entries() {
551 return new JarEntryIterator();
552 }
553
554 /**
555 * Returns an ordered {@code Stream} over the jar file entries.
556 * Entries appear in the {@code Stream} in the order they appear in
557 * the central directory of the jar file.
558 *
559 * @return an ordered {@code Stream} of entries in this jar file
560 * @throws IllegalStateException if the jar file has been closed
561 * @since 1.8
562 */
563 public Stream<JarEntry> stream() {
564 return StreamSupport.stream(Spliterators.spliterator(
565 new JarEntryIterator(), size(),
566 Spliterator.ORDERED | Spliterator.DISTINCT |
567 Spliterator.IMMUTABLE | Spliterator.NONNULL), false);
568 }
569
570 private ZipEntry searchForVersionedEntry(final int version, String name) {
571 ZipEntry vze = null;
572 String sname = "/" + name;
573 int i = version;
574 while (i > BASE_VERSION_MAJOR) {
575 vze = super.getEntry(META_INF_VERSIONS + i + sname);
576 if (vze != null) break;
577 i--;
578 }
579 return vze;
580 }
581
582 private ZipEntry getVersionedEntry(ZipEntry ze) {
583 ZipEntry vze = null;
584 if (BASE_VERSION_MAJOR < versionMajor) {
585 String name = ze.getName();
586 if (!name.startsWith(META_INF)) {
587 vze = searchForVersionedEntry(versionMajor, name);
588 }
589 }
590 return vze == null ? ze : vze;
591 }
592
593 /**
594 * Returns the real name of a {@code JarEntry}. If this {@code JarFile} is
595 * a multi-release jar file and is configured to be processed as such, the
596 * name returned by this method is the path name of the versioned entry
597 * that the {@code JarEntry} represents, rather than the path name of the
598 * base entry that {@link JarEntry#getName()} returns. If the
599 * {@code JarEntry} does not represent a versioned entry, or the
600 * jar file is not a multi-release jar file or {@code JarFile} is not
601 * configured for processing a multi-release jar file, this method returns
602 * the same name that {@link JarEntry#getName()} returns.
603 *
604 * @param entry the JarEntry
605 * @return the real name of the JarEntry
606 * @since 9
607 */
608 String getRealName(JarEntry entry) {
609 if (entry instanceof JarFileEntry) {
610 return ((JarFileEntry)entry).realName();
611 }
612 return entry.getName();
613 }
614
615 private class JarFileEntry extends JarEntry {
616 final private String name;
617
618 JarFileEntry(ZipEntry ze) {
619 super(isMultiRelease() ? getVersionedEntry(ze) : ze);
620 this.name = ze.getName();
621 }
622 JarFileEntry(String name, ZipEntry vze) {
623 super(vze);
624 this.name = name;
625 }
626 public Attributes getAttributes() throws IOException {
627 Manifest man = JarFile.this.getManifest();
628 if (man != null) {
629 return man.getAttributes(super.getName());
630 } else {
631 return null;
632 }
633 }
634 public Certificate[] getCertificates() {
635 try {
636 maybeInstantiateVerifier();
637 } catch (IOException e) {
638 throw new RuntimeException(e);
639 }
640 if (certs == null && jv != null) {
641 certs = jv.getCerts(JarFile.this, realEntry());
642 }
643 return certs == null ? null : certs.clone();
644 }
645 public CodeSigner[] getCodeSigners() {
646 try {
647 maybeInstantiateVerifier();
648 } catch (IOException e) {
649 throw new RuntimeException(e);
650 }
651 if (signers == null && jv != null) {
652 signers = jv.getCodeSigners(JarFile.this, realEntry());
653 }
654 return signers == null ? null : signers.clone();
655 }
656 JarFileEntry realEntry() {
657 if (isMultiRelease() && versionMajor != BASE_VERSION_MAJOR) {
658 String entryName = super.getName();
659 return entryName.equals(this.name) ? this : new JarFileEntry(entryName, this);
660 }
661 return this;
662 }
663 String realName() {
664 return super.getName();
665 }
666
667 @Override
668 public String getName() {
669 return name;
670 }
671 }
672
673 /*
674 * Ensures that the JarVerifier has been created if one is
675 * necessary (i.e., the jar appears to be signed.) This is done as
676 * a quick check to avoid processing of the manifest for unsigned
677 * jars.
678 */
679 private void maybeInstantiateVerifier() throws IOException {
680 if (jv != null) {
681 return;
682 }
683
684 if (verify) {
685 String[] names = getMetaInfEntryNames();
686 if (names != null) {
687 for (String nameLower : names) {
688 String name = nameLower.toUpperCase(Locale.ENGLISH);
689 if (name.endsWith(".DSA") ||
690 name.endsWith(".RSA") ||
691 name.endsWith(".EC") ||
692 name.endsWith(".SF")) {
693 // Assume since we found a signature-related file
694 // that the jar is signed and that we therefore
695 // need a JarVerifier and Manifest
696 getManifest();
697 return;
698 }
699 }
700 }
701 // No signature-related files; don't instantiate a
702 // verifier
703 verify = false;
704 }
705 }
706
707
708 /*
709 * Initializes the verifier object by reading all the manifest
710 * entries and passing them to the verifier.
711 */
712 private void initializeVerifier() {
713 ManifestEntryVerifier mev = null;
714
715 // Verify "META-INF/" entries...
716 try {
717 String[] names = getMetaInfEntryNames();
718 if (names != null) {
719 for (String name : names) {
720 String uname = name.toUpperCase(Locale.ENGLISH);
721 if (MANIFEST_NAME.equals(uname)
722 || SignatureFileVerifier.isBlockOrSF(uname)) {
723 JarEntry e = getJarEntry(name);
724 if (e == null) {
725 throw new JarException("corrupted jar file");
726 }
727 if (mev == null) {
728 mev = new ManifestEntryVerifier
729 (getManifestFromReference());
730 }
731 byte[] b = getBytes(e);
732 if (b != null && b.length > 0) {
733 jv.beginEntry(e, mev);
734 jv.update(b.length, b, 0, b.length, mev);
735 jv.update(-1, null, 0, 0, mev);
736 }
737 }
738 }
739 }
740 } catch (IOException ex) {
741 // if we had an error parsing any blocks, just
742 // treat the jar file as being unsigned
743 jv = null;
744 verify = false;
745 if (JarVerifier.debug != null) {
746 JarVerifier.debug.println("jarfile parsing error!");
747 ex.printStackTrace();
748 }
749 }
750
751 // if after initializing the verifier we have nothing
752 // signed, we null it out.
753
754 if (jv != null) {
755
756 jv.doneWithMeta();
757 if (JarVerifier.debug != null) {
758 JarVerifier.debug.println("done with meta!");
759 }
760
761 if (jv.nothingToVerify()) {
762 if (JarVerifier.debug != null) {
763 JarVerifier.debug.println("nothing to verify!");
764 }
765 jv = null;
766 verify = false;
767 }
768 }
769 }
770
771 /*
772 * Reads all the bytes for a given entry. Used to process the
773 * META-INF files.
774 */
775 private byte[] getBytes(ZipEntry ze) throws IOException {
776 try (InputStream is = super.getInputStream(ze)) {
777 int len = (int)ze.getSize();
778 int bytesRead;
779 byte[] b;
780 // trust specified entry sizes when reasonably small
781 if (len != -1 && len <= 65535) {
782 b = new byte[len];
783 bytesRead = is.readNBytes(b, 0, len);
784 } else {
785 b = is.readAllBytes();
786 bytesRead = b.length;
787 }
788 if (len != -1 && len != bytesRead) {
789 throw new EOFException("Expected:" + len + ", read:" + bytesRead);
790 }
791 return b;
792 }
793 }
794
795 /**
796 * Returns an input stream for reading the contents of the specified
797 * zip file entry.
798 * @param ze the zip file entry
799 * @return an input stream for reading the contents of the specified
800 * zip file entry
801 * @throws ZipException if a zip file format error has occurred
802 * @throws IOException if an I/O error has occurred
803 * @throws SecurityException if any of the jar file entries
804 * are incorrectly signed.
805 * @throws IllegalStateException
806 * may be thrown if the jar file has been closed
807 */
808 public synchronized InputStream getInputStream(ZipEntry ze)
809 throws IOException
810 {
811 maybeInstantiateVerifier();
812 if (jv == null) {
813 return super.getInputStream(ze);
814 }
815 if (!jvInitialized) {
816 initializeVerifier();
817 jvInitialized = true;
818 // could be set to null after a call to
819 // initializeVerifier if we have nothing to
820 // verify
821 if (jv == null)
822 return super.getInputStream(ze);
823 }
824
825 // wrap a verifier stream around the real stream
826 return new JarVerifier.VerifierStream(
827 getManifestFromReference(),
828 verifiableEntry(ze),
829 super.getInputStream(ze),
830 jv);
831 }
832
833 private JarEntry verifiableEntry(ZipEntry ze) {
834 if (ze instanceof JarFileEntry) {
835 // assure the name and entry match for verification
836 return ((JarFileEntry)ze).realEntry();
837 }
838 ze = getJarEntry(ze.getName());
839 if (ze instanceof JarFileEntry) {
840 return ((JarFileEntry)ze).realEntry();
841 }
842 return (JarEntry)ze;
843 }
844
845 // Statics for hand-coded Boyer-Moore search
846 private static final byte[] CLASSPATH_CHARS =
847 {'C','L','A','S','S','-','P','A','T','H', ':', ' '};
848
849 // The bad character shift for "class-path: "
850 private static final byte[] CLASSPATH_LASTOCC;
851
852 // The good suffix shift for "class-path: "
853 private static final byte[] CLASSPATH_OPTOSFT;
854
855 private static final byte[] MULTIRELEASE_CHARS =
856 {'M','U','L','T','I','-','R','E','L','E', 'A', 'S', 'E', ':',
857 ' ', 'T', 'R', 'U', 'E'};
858
859 // The bad character shift for "multi-release: true"
860 private static final byte[] MULTIRELEASE_LASTOCC;
861
862 // The good suffix shift for "multi-release: true"
863 private static final byte[] MULTIRELEASE_OPTOSFT;
864
865 static {
866 CLASSPATH_LASTOCC = new byte[65];
867 CLASSPATH_OPTOSFT = new byte[12];
868 CLASSPATH_LASTOCC[(int)'C' - 32] = 1;
869 CLASSPATH_LASTOCC[(int)'L' - 32] = 2;
870 CLASSPATH_LASTOCC[(int)'S' - 32] = 5;
871 CLASSPATH_LASTOCC[(int)'-' - 32] = 6;
872 CLASSPATH_LASTOCC[(int)'P' - 32] = 7;
873 CLASSPATH_LASTOCC[(int)'A' - 32] = 8;
874 CLASSPATH_LASTOCC[(int)'T' - 32] = 9;
875 CLASSPATH_LASTOCC[(int)'H' - 32] = 10;
876 CLASSPATH_LASTOCC[(int)':' - 32] = 11;
877 CLASSPATH_LASTOCC[(int)' ' - 32] = 12;
878 for (int i = 0; i < 11; i++) {
879 CLASSPATH_OPTOSFT[i] = 12;
880 }
881 CLASSPATH_OPTOSFT[11] = 1;
882
883 MULTIRELEASE_LASTOCC = new byte[65];
884 MULTIRELEASE_OPTOSFT = new byte[19];
885 MULTIRELEASE_LASTOCC[(int)'M' - 32] = 1;
886 MULTIRELEASE_LASTOCC[(int)'I' - 32] = 5;
887 MULTIRELEASE_LASTOCC[(int)'-' - 32] = 6;
888 MULTIRELEASE_LASTOCC[(int)'L' - 32] = 9;
889 MULTIRELEASE_LASTOCC[(int)'A' - 32] = 11;
890 MULTIRELEASE_LASTOCC[(int)'S' - 32] = 12;
891 MULTIRELEASE_LASTOCC[(int)':' - 32] = 14;
892 MULTIRELEASE_LASTOCC[(int)' ' - 32] = 15;
893 MULTIRELEASE_LASTOCC[(int)'T' - 32] = 16;
894 MULTIRELEASE_LASTOCC[(int)'R' - 32] = 17;
895 MULTIRELEASE_LASTOCC[(int)'U' - 32] = 18;
896 MULTIRELEASE_LASTOCC[(int)'E' - 32] = 19;
897 for (int i = 0; i < 17; i++) {
898 MULTIRELEASE_OPTOSFT[i] = 19;
899 }
900 MULTIRELEASE_OPTOSFT[17] = 6;
901 MULTIRELEASE_OPTOSFT[18] = 1;
902 }
903
904 private JarEntry getManEntry() {
905 if (manEntry == null) {
906 // First look up manifest entry using standard name
907 ZipEntry manEntry = super.getEntry(MANIFEST_NAME);
908 if (manEntry == null) {
909 // If not found, then iterate through all the "META-INF/"
910 // entries to find a match.
911 String[] names = getMetaInfEntryNames();
912 if (names != null) {
913 for (String name : names) {
914 if (MANIFEST_NAME.equals(name.toUpperCase(Locale.ENGLISH))) {
915 manEntry = super.getEntry(name);
916 break;
917 }
918 }
919 }
920 }
921 this.manEntry = (manEntry == null)
922 ? null
923 : new JarFileEntry(manEntry.getName(), manEntry);
924 }
925 return manEntry;
926 }
927
928 /**
929 * Returns {@code true} iff this JAR file has a manifest with the
930 * Class-Path attribute
931 */
932 boolean hasClassPathAttribute() throws IOException {
933 checkForSpecialAttributes();
934 return hasClassPathAttribute;
935 }
936
937 /**
938 * Returns true if the pattern {@code src} is found in {@code b}.
939 * The {@code lastOcc} array is the precomputed bad character shifts.
940 * Since there are no repeated substring in our search strings,
941 * the good suffix shifts can be replaced with a comparison.
942 */
943 private int match(byte[] src, byte[] b, byte[] lastOcc, byte[] optoSft) {
944 int len = src.length;
945 int last = b.length - len;
946 int i = 0;
947 next:
948 while (i <= last) {
949 for (int j = (len - 1); j >= 0; j--) {
950 byte c = b[i + j];
951 if (c >= ' ' && c <= 'z') {
952 if (c >= 'a') c -= 32; // Canonicalize
953
954 if (c != src[j]) {
955 // no match
956 int badShift = lastOcc[c - 32];
957 i += Math.max(j + 1 - badShift, optoSft[j]);
958 continue next;
959 }
960 } else {
961 // no match, character not valid for name
962 i += len;
963 continue next;
964 }
965 }
966 return i;
967 }
968 return -1;
969 }
970
971 /**
972 * On first invocation, check if the JAR file has the Class-Path
973 * and the Multi-Release attribute. A no-op on subsequent calls.
974 */
975 private void checkForSpecialAttributes() throws IOException {
976 if (hasCheckedSpecialAttributes) {
977 return;
978 }
979 synchronized (this) {
980 if (hasCheckedSpecialAttributes) {
981 return;
982 }
983 JarEntry manEntry = getManEntry();
984 if (manEntry != null) {
985 byte[] b = getBytes(manEntry);
986 hasClassPathAttribute = match(CLASSPATH_CHARS, b,
987 CLASSPATH_LASTOCC, CLASSPATH_OPTOSFT) != -1;
988 // is this a multi-release jar file
989 if (MULTI_RELEASE_ENABLED) {
990 int i = match(MULTIRELEASE_CHARS, b, MULTIRELEASE_LASTOCC,
991 MULTIRELEASE_OPTOSFT);
992 if (i != -1) {
993 i += MULTIRELEASE_CHARS.length;
994 if (i < b.length) {
995 byte c = b[i++];
996 // Check that the value is followed by a newline
997 // and does not have a continuation
998 if (c == '\n' &&
999 (i == b.length || b[i] != ' ')) {
1000 isMultiRelease = true;
1001 } else if (c == '\r') {
1002 if (i == b.length) {
1003 isMultiRelease = true;
1004 } else {
1005 c = b[i++];
1006 if (c == '\n') {
1007 if (i == b.length || b[i] != ' ') {
1008 isMultiRelease = true;
1009 }
1010 } else if (c != ' ') {
1011 isMultiRelease = true;
1012 }
1013 }
1014 }
1015 }
1016 }
1017 }
1018 }
1019 hasCheckedSpecialAttributes = true;
1020 }
1021 }
1022
1023 private synchronized void ensureInitialization() {
1024 try {
1025 maybeInstantiateVerifier();
1026 } catch (IOException e) {
1027 throw new RuntimeException(e);
1028 }
1029 if (jv != null && !jvInitialized) {
1030 initializeVerifier();
1031 jvInitialized = true;
1032 }
1033 }
1034
1035 JarEntry newEntry(ZipEntry ze) {
1036 return new JarFileEntry(ze);
1037 }
1038
1039 Enumeration<String> entryNames(CodeSource[] cs) {
1040 ensureInitialization();
1041 if (jv != null) {
1042 return jv.entryNames(this, cs);
1043 }
1044
1045 /*
1046 * JAR file has no signed content. Is there a non-signing
1047 * code source?
1048 */
1049 boolean includeUnsigned = false;
1050 for (CodeSource c : cs) {
1051 if (c.getCodeSigners() == null) {
1052 includeUnsigned = true;
1053 break;
1054 }
1055 }
1056 if (includeUnsigned) {
1057 return unsignedEntryNames();
1058 } else {
1059 return new Enumeration<>() {
1060
1061 public boolean hasMoreElements() {
1062 return false;
1063 }
1064
1065 public String nextElement() {
1066 throw new NoSuchElementException();
1067 }
1068 };
1069 }
1070 }
1071
1072 /**
1073 * Returns an enumeration of the zip file entries
1074 * excluding internal JAR mechanism entries and including
1075 * signed entries missing from the ZIP directory.
1076 */
1077 Enumeration<JarEntry> entries2() {
1078 ensureInitialization();
1079 if (jv != null) {
1080 return jv.entries2(this, super.entries());
1081 }
1082
1083 // screen out entries which are never signed
1084 final Enumeration<? extends ZipEntry> enum_ = super.entries();
1085 return new Enumeration<>() {
1086
1087 ZipEntry entry;
1088
1089 public boolean hasMoreElements() {
1090 if (entry != null) {
1091 return true;
1092 }
1093 while (enum_.hasMoreElements()) {
1094 ZipEntry ze = enum_.nextElement();
1095 if (JarVerifier.isSigningRelated(ze.getName())) {
1096 continue;
1097 }
1098 entry = ze;
1099 return true;
1100 }
1101 return false;
1102 }
1103
1104 public JarFileEntry nextElement() {
1105 if (hasMoreElements()) {
1106 ZipEntry ze = entry;
1107 entry = null;
1108 return new JarFileEntry(ze);
1109 }
1110 throw new NoSuchElementException();
1111 }
1112 };
1113 }
1114
1115 CodeSource[] getCodeSources(URL url) {
1116 ensureInitialization();
1117 if (jv != null) {
1118 return jv.getCodeSources(this, url);
1119 }
1120
1121 /*
1122 * JAR file has no signed content. Is there a non-signing
1123 * code source?
1124 */
1125 Enumeration<String> unsigned = unsignedEntryNames();
1126 if (unsigned.hasMoreElements()) {
1127 return new CodeSource[]{JarVerifier.getUnsignedCS(url)};
1128 } else {
1129 return null;
1130 }
1131 }
1132
1133 private Enumeration<String> unsignedEntryNames() {
1134 final Enumeration<JarEntry> entries = entries();
1135 return new Enumeration<>() {
1136
1137 String name;
1138
1139 /*
1140 * Grab entries from ZIP directory but screen out
1141 * metadata.
1142 */
1143 public boolean hasMoreElements() {
1144 if (name != null) {
1145 return true;
1146 }
1147 while (entries.hasMoreElements()) {
1148 String value;
1149 ZipEntry e = entries.nextElement();
1150 value = e.getName();
1151 if (e.isDirectory() || JarVerifier.isSigningRelated(value)) {
1152 continue;
1153 }
1154 name = value;
1155 return true;
1156 }
1157 return false;
1158 }
1159
1160 public String nextElement() {
1161 if (hasMoreElements()) {
1162 String value = name;
1163 name = null;
1164 return value;
1165 }
1166 throw new NoSuchElementException();
1167 }
1168 };
1169 }
1170
1171 CodeSource getCodeSource(URL url, String name) {
1172 ensureInitialization();
1173 if (jv != null) {
1174 if (jv.eagerValidation) {
1175 CodeSource cs = null;
1176 JarEntry je = getJarEntry(name);
1177 if (je != null) {
1178 cs = jv.getCodeSource(url, this, je);
1179 } else {
1180 cs = jv.getCodeSource(url, name);
1181 }
1182 return cs;
1183 } else {
1184 return jv.getCodeSource(url, name);
1185 }
1186 }
1187
1188 return JarVerifier.getUnsignedCS(url);
1189 }
1190
1191 void setEagerValidation(boolean eager) {
1192 try {
1193 maybeInstantiateVerifier();
1194 } catch (IOException e) {
1195 throw new RuntimeException(e);
1196 }
1197 if (jv != null) {
1198 jv.setEagerValidation(eager);
1199 }
1200 }
1201
1202 List<Object> getManifestDigests() {
1203 ensureInitialization();
1204 if (jv != null) {
1205 return jv.getManifestDigests();
1206 }
1207 return new ArrayList<>();
1208 }
1209 }