0N/A/*
3990N/A * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
0N/A *
0N/A * This code is free software; you can redistribute it and/or modify it
0N/A * under the terms of the GNU General Public License version 2 only, as
2362N/A * published by the Free Software Foundation. Oracle designates this
0N/A * particular file as subject to the "Classpath" exception as provided
2362N/A * by Oracle in the LICENSE file that accompanied this code.
0N/A *
0N/A * This code is distributed in the hope that it will be useful, but WITHOUT
0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
0N/A * version 2 for more details (a copy is included in the LICENSE file that
0N/A * accompanied this code).
0N/A *
0N/A * You should have received a copy of the GNU General Public License version
0N/A * 2 along with this work; if not, write to the Free Software Foundation,
0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
0N/A *
2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
2362N/A * or visit www.oracle.com if you need additional information or have any
2362N/A * questions.
0N/A */
0N/A
0N/Apackage sun.security.util;
0N/A
0N/Aimport java.security.*;
0N/Aimport java.io.*;
0N/Aimport java.security.CodeSigner;
0N/Aimport java.util.*;
0N/Aimport java.util.jar.*;
0N/A
0N/Aimport sun.misc.BASE64Decoder;
0N/A
0N/Aimport sun.security.jca.Providers;
0N/A
0N/A/**
0N/A * This class is used to verify each entry in a jar file with its
0N/A * manifest value.
0N/A */
0N/A
0N/Apublic class ManifestEntryVerifier {
0N/A
0N/A private static final Debug debug = Debug.getInstance("jar");
0N/A
3224N/A /**
3224N/A * Holder class to lazily load Sun provider. NOTE: if
3224N/A * Providers.getSunProvider returned a cached provider, we could avoid the
3224N/A * need for caching the provider with this holder class; we should try to
3224N/A * revisit this in JDK 8.
3224N/A */
3224N/A private static class SunProviderHolder {
3224N/A private static final Provider instance = Providers.getSunProvider();
3224N/A }
3224N/A
0N/A /** the created digest objects */
0N/A HashMap<String, MessageDigest> createdDigests;
0N/A
0N/A /** the digests in use for a given entry*/
0N/A ArrayList<MessageDigest> digests;
0N/A
0N/A /** the manifest hashes for the digests in use */
0N/A ArrayList<byte[]> manifestHashes;
0N/A
0N/A private BASE64Decoder decoder = null;
0N/A private String name = null;
0N/A private Manifest man;
0N/A
0N/A private boolean skip = true;
0N/A
0N/A private JarEntry entry;
0N/A
0N/A private CodeSigner[] signers = null;
0N/A
0N/A /**
0N/A * Create a new ManifestEntryVerifier object.
0N/A */
0N/A public ManifestEntryVerifier(Manifest man)
0N/A {
0N/A createdDigests = new HashMap<String, MessageDigest>(11);
0N/A digests = new ArrayList<MessageDigest>();
0N/A manifestHashes = new ArrayList<byte[]>();
0N/A decoder = new BASE64Decoder();
0N/A this.man = man;
0N/A }
0N/A
0N/A /**
0N/A * Find the hashes in the
0N/A * manifest for this entry, save them, and set the MessageDigest
0N/A * objects to calculate the hashes on the fly. If name is
0N/A * null it signifies that update/verify should ignore this entry.
0N/A */
0N/A public void setEntry(String name, JarEntry entry)
0N/A throws IOException
0N/A {
0N/A digests.clear();
0N/A manifestHashes.clear();
0N/A this.name = name;
0N/A this.entry = entry;
0N/A
0N/A skip = true;
0N/A signers = null;
0N/A
0N/A if (man == null || name == null) {
0N/A return;
0N/A }
0N/A
0N/A /* get the headers from the manifest for this entry */
0N/A /* if there aren't any, we can't verify any digests for this entry */
0N/A
0N/A Attributes attr = man.getAttributes(name);
0N/A if (attr == null) {
0N/A // ugh. we should be able to remove this at some point.
0N/A // there are broken jars floating around with ./name and /name
0N/A // in the manifest, and "name" in the zip/jar file.
0N/A attr = man.getAttributes("./"+name);
0N/A if (attr == null) {
0N/A attr = man.getAttributes("/"+name);
0N/A if (attr == null)
0N/A return;
0N/A }
0N/A }
0N/A
0N/A for (Map.Entry<Object,Object> se : attr.entrySet()) {
0N/A String key = se.getKey().toString();
0N/A
0N/A if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST")) {
0N/A // 7 is length of "-Digest"
0N/A String algorithm = key.substring(0, key.length()-7);
0N/A
0N/A MessageDigest digest = createdDigests.get(algorithm);
0N/A
0N/A if (digest == null) {
0N/A try {
0N/A
0N/A digest = MessageDigest.getInstance
3224N/A (algorithm, SunProviderHolder.instance);
0N/A createdDigests.put(algorithm, digest);
0N/A } catch (NoSuchAlgorithmException nsae) {
0N/A // ignore
0N/A }
0N/A }
0N/A
0N/A if (digest != null) {
0N/A skip = false;
0N/A digest.reset();
0N/A digests.add(digest);
0N/A manifestHashes.add(
0N/A decoder.decodeBuffer((String)se.getValue()));
0N/A }
0N/A }
0N/A }
0N/A }
0N/A
0N/A /**
0N/A * update the digests for the digests we are interested in
0N/A */
0N/A public void update(byte buffer) {
0N/A if (skip) return;
0N/A
0N/A for (int i=0; i < digests.size(); i++) {
0N/A digests.get(i).update(buffer);
0N/A }
0N/A }
0N/A
0N/A /**
0N/A * update the digests for the digests we are interested in
0N/A */
0N/A public void update(byte buffer[], int off, int len) {
0N/A if (skip) return;
0N/A
0N/A for (int i=0; i < digests.size(); i++) {
0N/A digests.get(i).update(buffer, off, len);
0N/A }
0N/A }
0N/A
0N/A /**
0N/A * get the JarEntry for this object
0N/A */
0N/A public JarEntry getEntry()
0N/A {
0N/A return entry;
0N/A }
0N/A
0N/A /**
0N/A * go through all the digests, calculating the final digest
0N/A * and comparing it to the one in the manifest. If this is
0N/A * the first time we have verified this object, remove its
0N/A * code signers from sigFileSigners and place in verifiedSigners.
0N/A *
0N/A *
0N/A */
4046N/A public CodeSigner[] verify(Hashtable<String, CodeSigner[]> verifiedSigners,
4046N/A Hashtable<String, CodeSigner[]> sigFileSigners)
0N/A throws JarException
0N/A {
3875N/A if (skip) {
3209N/A return null;
3209N/A }
0N/A
0N/A if (signers != null)
0N/A return signers;
0N/A
0N/A for (int i=0; i < digests.size(); i++) {
0N/A
0N/A MessageDigest digest = digests.get(i);
0N/A byte [] manHash = manifestHashes.get(i);
0N/A byte [] theHash = digest.digest();
0N/A
0N/A if (debug != null) {
0N/A debug.println("Manifest Entry: " +
0N/A name + " digest=" + digest.getAlgorithm());
0N/A debug.println(" manifest " + toHex(manHash));
0N/A debug.println(" computed " + toHex(theHash));
0N/A debug.println();
0N/A }
0N/A
0N/A if (!MessageDigest.isEqual(theHash, manHash))
0N/A throw new SecurityException(digest.getAlgorithm()+
0N/A " digest error for "+name);
0N/A }
0N/A
0N/A // take it out of sigFileSigners and put it in verifiedSigners...
0N/A signers = sigFileSigners.remove(name);
0N/A if (signers != null) {
0N/A verifiedSigners.put(name, signers);
0N/A }
0N/A return signers;
0N/A }
0N/A
0N/A // for the toHex function
0N/A private static final char[] hexc =
0N/A {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
0N/A /**
0N/A * convert a byte array to a hex string for debugging purposes
0N/A * @param data the binary data to be converted to a hex string
0N/A * @return an ASCII hex string
0N/A */
0N/A
0N/A static String toHex(byte[] data) {
0N/A
0N/A StringBuffer sb = new StringBuffer(data.length*2);
0N/A
0N/A for (int i=0; i<data.length; i++) {
0N/A sb.append(hexc[(data[i] >>4) & 0x0f]);
0N/A sb.append(hexc[data[i] & 0x0f]);
0N/A }
0N/A return sb.toString();
0N/A }
0N/A
0N/A}