Java Code Examples for sun.security.util.ManifestEntryVerifier#setEntry()

The following examples show how to use sun.security.util.ManifestEntryVerifier#setEntry() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: JarVerifier.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 2
Source File: JarVerifier.java    From j2objc with Apache License 2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            /* J2ObjC modified: platform-specific implementation to avoid importing JarIndex */
            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 3
Source File: JarVerifier.java    From jdk8u-dev-jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 4
Source File: JarVerifier.java    From jdk-1.7-annotated with Apache License 2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 5
Source File: JarVerifier.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 6
Source File: JarVerifier.java    From jdk8u_jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (!name.equals(JarFile.MANIFEST_NAME)) {
        if (sigFileSigners.get(name) != null ||
                verifiedSigners.get(name) != null) {
            mev.setEntry(name, je);
            return;
        }
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 7
Source File: JarVerifier.java    From openjdk-8 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 8
Source File: JarVerifier.java    From openjdk-8-source with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 9
Source File: JarVerifier.java    From hottub with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 10
Source File: JarVerifier.java    From Java8CN with Apache License 2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 11
Source File: JarVerifier.java    From jdk1.8-source-analysis with Apache License 2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (!name.equals(JarFile.MANIFEST_NAME)) {
        if (sigFileSigners.get(name) != null ||
                verifiedSigners.get(name) != null) {
            mev.setEntry(name, je);
            return;
        }
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 12
Source File: JarVerifier.java    From openjdk-jdk9 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (!name.equals(JarFile.MANIFEST_NAME)) {
        if (sigFileSigners.get(name) != null ||
                verifiedSigners.get(name) != null) {
            mev.setEntry(name, je);
            return;
        }
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 13
Source File: JarVerifier.java    From Bytecoder with Apache License 2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (!name.equals(JarFile.MANIFEST_NAME)) {
        if (sigFileSigners.get(name) != null ||
                verifiedSigners.get(name) != null) {
            mev.setEntry(name, je);
            return;
        }
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 14
Source File: JarVerifier.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (!name.equals(JarFile.MANIFEST_NAME)) {
        if (sigFileSigners.get(name) != null ||
                verifiedSigners.get(name) != null) {
            mev.setEntry(name, je);
            return;
        }
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 15
Source File: JarVerifier.java    From openjdk-jdk8u with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (!name.equals(JarFile.MANIFEST_NAME)) {
        if (sigFileSigners.get(name) != null ||
                verifiedSigners.get(name) != null) {
            mev.setEntry(name, je);
            return;
        }
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 16
Source File: JarVerifier.java    From JDKSourceCode1.8 with MIT License 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (!name.equals(JarFile.MANIFEST_NAME)) {
        if (sigFileSigners.get(name) != null ||
                verifiedSigners.get(name) != null) {
            mev.setEntry(name, je);
            return;
        }
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 17
Source File: JarVerifier.java    From jdk8u60 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (sigFileSigners.get(name) != null ||
            verifiedSigners.get(name) != null) {
        mev.setEntry(name, je);
        return;
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 18
Source File: JarVerifier.java    From TencentKona-8 with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (!name.equals(JarFile.MANIFEST_NAME)) {
        if (sigFileSigners.get(name) != null ||
                verifiedSigners.get(name) != null) {
            mev.setEntry(name, je);
            return;
        }
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}
 
Example 19
Source File: JarVerifier.java    From dragonwell8_jdk with GNU General Public License v2.0 4 votes vote down vote up
/**
 * This method scans to see which entry we're parsing and
 * keeps various state information depending on what type of
 * file is being parsed.
 */
public void beginEntry(JarEntry je, ManifestEntryVerifier mev)
    throws IOException
{
    if (je == null)
        return;

    if (debug != null) {
        debug.println("beginEntry "+je.getName());
    }

    String name = je.getName();

    /*
     * Assumptions:
     * 1. The manifest should be the first entry in the META-INF directory.
     * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
     * 3. Any of the following will throw a SecurityException:
     *    a. digest mismatch between a manifest section and
     *       the SF section.
     *    b. digest mismatch between the actual jar entry and the manifest
     */

    if (parsingMeta) {
        String uname = name.toUpperCase(Locale.ENGLISH);
        if ((uname.startsWith("META-INF/") ||
             uname.startsWith("/META-INF/"))) {

            if (je.isDirectory()) {
                mev.setEntry(null, je);
                return;
            }

            if (uname.equals(JarFile.MANIFEST_NAME) ||
                    uname.equals(JarIndex.INDEX_NAME)) {
                return;
            }

            if (SignatureFileVerifier.isBlockOrSF(uname)) {
                /* We parse only DSA, RSA or EC PKCS7 blocks. */
                parsingBlockOrSF = true;
                baos.reset();
                mev.setEntry(null, je);
                return;
            }

            // If a META-INF entry is not MF or block or SF, they should
            // be normal entries. According to 2 above, no more block or
            // SF will appear. Let's doneWithMeta.
        }
    }

    if (parsingMeta) {
        doneWithMeta();
    }

    if (je.isDirectory()) {
        mev.setEntry(null, je);
        return;
    }

    // be liberal in what you accept. If the name starts with ./, remove
    // it as we internally canonicalize it with out the ./.
    if (name.startsWith("./"))
        name = name.substring(2);

    // be liberal in what you accept. If the name starts with /, remove
    // it as we internally canonicalize it with out the /.
    if (name.startsWith("/"))
        name = name.substring(1);

    // only set the jev object for entries that have a signature
    // (either verified or not)
    if (!name.equals(JarFile.MANIFEST_NAME)) {
        if (sigFileSigners.get(name) != null ||
                verifiedSigners.get(name) != null) {
            mev.setEntry(name, je);
            return;
        }
    }

    // don't compute the digest for this entry
    mev.setEntry(null, je);

    return;
}