Blame - jdk/src/share/classes/sun/security/util/ManifestEntryVerifier.java - platform/libcore

blob: c528d95c8b1b181eb81eeb4a4ec9282986c23b0c [file] [log] [blame]

J. Duke	319a3b9	2007-12-01 00:00:00 +0000	[diff] [blame^]	1	/*
				2	* Copyright 1997-2006 Sun Microsystems, Inc. All Rights Reserved.
				3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
				4	*
				5	* This code is free software; you can redistribute it and/or modify it
				6	* under the terms of the GNU General Public License version 2 only, as
				7	* published by the Free Software Foundation. Sun designates this
				8	* particular file as subject to the "Classpath" exception as provided
				9	* by Sun in the LICENSE file that accompanied this code.
				10	*
				11	* This code is distributed in the hope that it will be useful, but WITHOUT
				12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
				13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
				14	* version 2 for more details (a copy is included in the LICENSE file that
				15	* accompanied this code).
				16	*
				17	* You should have received a copy of the GNU General Public License version
				18	* 2 along with this work; if not, write to the Free Software Foundation,
				19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
				20	*
				21	* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
				22	* CA 95054 USA or visit www.sun.com if you need additional information or
				23	* have any questions.
				24	*/
				25
				26	package sun.security.util;
				27
				28	import java.security.*;
				29	import java.io.*;
				30	import java.security.CodeSigner;
				31	import java.util.*;
				32	import java.util.jar.*;
				33
				34	import sun.misc.BASE64Decoder;
				35
				36	import sun.security.jca.Providers;
				37
				38	/**
				39	* This class is used to verify each entry in a jar file with its
				40	* manifest value.
				41	*/
				42
				43	public class ManifestEntryVerifier {
				44
				45	private static final Debug debug = Debug.getInstance("jar");
				46
				47	private static final Provider digestProvider = Providers.getSunProvider();
				48
				49	/** the created digest objects */
				50	HashMap<String, MessageDigest> createdDigests;
				51
				52	/** the digests in use for a given entry*/
				53	ArrayList<MessageDigest> digests;
				54
				55	/** the manifest hashes for the digests in use */
				56	ArrayList<byte[]> manifestHashes;
				57
				58	private BASE64Decoder decoder = null;
				59	private String name = null;
				60	private Manifest man;
				61
				62	private boolean skip = true;
				63
				64	private JarEntry entry;
				65
				66	private CodeSigner[] signers = null;
				67
				68	/**
				69	* Create a new ManifestEntryVerifier object.
				70	*/
				71	public ManifestEntryVerifier(Manifest man)
				72	{
				73	createdDigests = new HashMap<String, MessageDigest>(11);
				74	digests = new ArrayList<MessageDigest>();
				75	manifestHashes = new ArrayList<byte[]>();
				76	decoder = new BASE64Decoder();
				77	this.man = man;
				78	}
				79
				80	/**
				81	* Find the hashes in the
				82	* manifest for this entry, save them, and set the MessageDigest
				83	* objects to calculate the hashes on the fly. If name is
				84	* null it signifies that update/verify should ignore this entry.
				85	*/
				86	public void setEntry(String name, JarEntry entry)
				87	throws IOException
				88	{
				89	digests.clear();
				90	manifestHashes.clear();
				91	this.name = name;
				92	this.entry = entry;
				93
				94	skip = true;
				95	signers = null;
				96
				97	if (man == null \|\| name == null) {
				98	return;
				99	}
				100
				101	/* get the headers from the manifest for this entry */
				102	/* if there aren't any, we can't verify any digests for this entry */
				103
				104	Attributes attr = man.getAttributes(name);
				105	if (attr == null) {
				106	// ugh. we should be able to remove this at some point.
				107	// there are broken jars floating around with ./name and /name
				108	// in the manifest, and "name" in the zip/jar file.
				109	attr = man.getAttributes("./"+name);
				110	if (attr == null) {
				111	attr = man.getAttributes("/"+name);
				112	if (attr == null)
				113	return;
				114	}
				115	}
				116
				117	for (Map.Entry<Object,Object> se : attr.entrySet()) {
				118	String key = se.getKey().toString();
				119
				120	if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST")) {
				121	// 7 is length of "-Digest"
				122	String algorithm = key.substring(0, key.length()-7);
				123
				124	MessageDigest digest = createdDigests.get(algorithm);
				125
				126	if (digest == null) {
				127	try {
				128
				129	digest = MessageDigest.getInstance
				130	(algorithm, digestProvider);
				131	createdDigests.put(algorithm, digest);
				132	} catch (NoSuchAlgorithmException nsae) {
				133	// ignore
				134	}
				135	}
				136
				137	if (digest != null) {
				138	skip = false;
				139	digest.reset();
				140	digests.add(digest);
				141	manifestHashes.add(
				142	decoder.decodeBuffer((String)se.getValue()));
				143	}
				144	}
				145	}
				146	}
				147
				148	/**
				149	* update the digests for the digests we are interested in
				150	*/
				151	public void update(byte buffer) {
				152	if (skip) return;
				153
				154	for (int i=0; i < digests.size(); i++) {
				155	digests.get(i).update(buffer);
				156	}
				157	}
				158
				159	/**
				160	* update the digests for the digests we are interested in
				161	*/
				162	public void update(byte buffer[], int off, int len) {
				163	if (skip) return;
				164
				165	for (int i=0; i < digests.size(); i++) {
				166	digests.get(i).update(buffer, off, len);
				167	}
				168	}
				169
				170	/**
				171	* get the JarEntry for this object
				172	*/
				173	public JarEntry getEntry()
				174	{
				175	return entry;
				176	}
				177
				178	/**
				179	* go through all the digests, calculating the final digest
				180	* and comparing it to the one in the manifest. If this is
				181	* the first time we have verified this object, remove its
				182	* code signers from sigFileSigners and place in verifiedSigners.
				183	*
				184	*
				185	*/
				186	public CodeSigner[] verify(Hashtable<String, CodeSigner[]> verifiedSigners,
				187	Hashtable<String, CodeSigner[]> sigFileSigners)
				188	throws JarException
				189	{
				190	if (skip) return null;
				191
				192	if (signers != null)
				193	return signers;
				194
				195	for (int i=0; i < digests.size(); i++) {
				196
				197	MessageDigest digest = digests.get(i);
				198	byte [] manHash = manifestHashes.get(i);
				199	byte [] theHash = digest.digest();
				200
				201	if (debug != null) {
				202	debug.println("Manifest Entry: " +
				203	name + " digest=" + digest.getAlgorithm());
				204	debug.println(" manifest " + toHex(manHash));
				205	debug.println(" computed " + toHex(theHash));
				206	debug.println();
				207	}
				208
				209	if (!MessageDigest.isEqual(theHash, manHash))
				210	throw new SecurityException(digest.getAlgorithm()+
				211	" digest error for "+name);
				212	}
				213
				214	// take it out of sigFileSigners and put it in verifiedSigners...
				215	signers = sigFileSigners.remove(name);
				216	if (signers != null) {
				217	verifiedSigners.put(name, signers);
				218	}
				219	return signers;
				220	}
				221
				222	// for the toHex function
				223	private static final char[] hexc =
				224	{'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
				225	/**
				226	* convert a byte array to a hex string for debugging purposes
				227	* @param data the binary data to be converted to a hex string
				228	* @return an ASCII hex string
				229	*/
				230
				231	static String toHex(byte[] data) {
				232
				233	StringBuffer sb = new StringBuffer(data.length*2);
				234
				235	for (int i=0; i<data.length; i++) {
				236	sb.append(hexc[(data[i] >>4) & 0x0f]);
				237	sb.append(hexc[data[i] & 0x0f]);
				238	}
				239	return sb.toString();
				240	}
				241
				242	}