Path: blob/master/src/jdk.jartool/share/classes/jdk/security/jarsigner/JarSigner.java
66646 views
/*1* Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package jdk.security.jarsigner;2627import com.sun.jarsigner.ContentSigner;28import com.sun.jarsigner.ContentSignerParameters;29import jdk.internal.access.JavaUtilZipFileAccess;30import jdk.internal.access.SharedSecrets;31import sun.security.pkcs.PKCS7;32import sun.security.pkcs.PKCS9Attribute;33import sun.security.pkcs.PKCS9Attributes;34import sun.security.timestamp.HttpTimestamper;35import sun.security.tools.PathList;36import sun.security.util.Event;37import sun.security.util.ManifestDigester;38import sun.security.util.SignatureFileVerifier;39import sun.security.util.SignatureUtil;40import sun.security.x509.AlgorithmId;4142import java.io.*;43import java.lang.reflect.InvocationTargetException;44import java.net.SocketTimeoutException;45import java.net.URI;46import java.net.URL;47import java.net.URLClassLoader;48import java.security.*;49import java.security.cert.CertPath;50import java.security.cert.Certificate;51import java.security.cert.CertificateException;52import java.security.cert.X509Certificate;53import java.security.spec.InvalidParameterSpecException;54import java.util.*;55import java.util.function.BiConsumer;56import java.util.function.Function;57import java.util.jar.Attributes;58import java.util.jar.JarEntry;59import java.util.jar.JarFile;60import java.util.jar.Manifest;61import java.util.zip.ZipEntry;62import java.util.zip.ZipFile;63import java.util.zip.ZipOutputStream;6465/**66* An immutable utility class to sign a jar file.67* <p>68* A caller creates a {@code JarSigner.Builder} object, (optionally) sets69* some parameters, and calls {@link JarSigner.Builder#build build} to create70* a {@code JarSigner} object. This {@code JarSigner} object can then71* be used to sign a jar file.72* <p>73* Unless otherwise stated, calling a method of {@code JarSigner} or74* {@code JarSigner.Builder} with a null argument will throw75* a {@link NullPointerException}.76* <p>77* Example:78* <pre>79* JarSigner signer = new JarSigner.Builder(key, certPath)80* .digestAlgorithm("SHA-1")81* .signatureAlgorithm("SHA1withDSA")82* .build();83* try (ZipFile in = new ZipFile(inputFile);84* FileOutputStream out = new FileOutputStream(outputFile)) {85* signer.sign(in, out);86* }87* </pre>88*89* @since 990*/91public final class JarSigner {9293static final JavaUtilZipFileAccess JUZFA = SharedSecrets.getJavaUtilZipFileAccess();9495/**96* A mutable builder class that can create an immutable {@code JarSigner}97* from various signing-related parameters.98*99* @since 9100*/101public static class Builder {102103// Signer materials:104final PrivateKey privateKey;105final X509Certificate[] certChain;106107// JarSigner options:108// Support multiple digestalg internally. Can be null, but not empty109String[] digestalg;110String sigalg;111// Precisely should be one provider for each digestalg, maybe later112Provider digestProvider;113Provider sigProvider;114URI tsaUrl;115String signerName;116BiConsumer<String,String> handler;117118// Implementation-specific properties:119String tSAPolicyID;120String tSADigestAlg;121boolean sectionsonly = false;122boolean internalsf = false;123String altSignerPath;124String altSigner;125126/**127* Creates a {@code JarSigner.Builder} object with128* a {@link KeyStore.PrivateKeyEntry} object.129*130* @param entry the {@link KeyStore.PrivateKeyEntry} of the signer.131*/132public Builder(KeyStore.PrivateKeyEntry entry) {133this.privateKey = entry.getPrivateKey();134try {135// called internally, no need to clone136Certificate[] certs = entry.getCertificateChain();137this.certChain = Arrays.copyOf(certs, certs.length,138X509Certificate[].class);139} catch (ArrayStoreException ase) {140// Wrong type, not X509Certificate. Won't document.141throw new IllegalArgumentException(142"Entry does not contain X509Certificate");143}144}145146/**147* Creates a {@code JarSigner.Builder} object with a private key and148* a certification path.149*150* @param privateKey the private key of the signer.151* @param certPath the certification path of the signer.152* @throws IllegalArgumentException if {@code certPath} is empty, or153* the {@code privateKey} algorithm does not match the algorithm154* of the {@code PublicKey} in the end entity certificate155* (the first certificate in {@code certPath}).156*/157public Builder(PrivateKey privateKey, CertPath certPath) {158List<? extends Certificate> certs = certPath.getCertificates();159if (certs.isEmpty()) {160throw new IllegalArgumentException("certPath cannot be empty");161}162if (!privateKey.getAlgorithm().equals163(certs.get(0).getPublicKey().getAlgorithm())) {164throw new IllegalArgumentException165("private key algorithm does not match " +166"algorithm of public key in end entity " +167"certificate (the 1st in certPath)");168}169this.privateKey = privateKey;170try {171this.certChain = certs.toArray(new X509Certificate[certs.size()]);172} catch (ArrayStoreException ase) {173// Wrong type, not X509Certificate.174throw new IllegalArgumentException(175"Entry does not contain X509Certificate");176}177}178179/**180* Sets the digest algorithm. If no digest algorithm is specified,181* the default algorithm returned by {@link #getDefaultDigestAlgorithm}182* will be used.183*184* @param algorithm the standard name of the algorithm. See185* the {@code MessageDigest} section in the <a href=186* "{@docRoot}/../specs/security/standard-names.html#messagedigest-algorithms">187* Java Cryptography Architecture Standard Algorithm Name188* Documentation</a> for information about standard algorithm names.189* @return the {@code JarSigner.Builder} itself.190* @throws NoSuchAlgorithmException if {@code algorithm} is not available.191*/192public Builder digestAlgorithm(String algorithm) throws NoSuchAlgorithmException {193MessageDigest.getInstance(Objects.requireNonNull(algorithm));194this.digestalg = new String[]{algorithm};195this.digestProvider = null;196return this;197}198199/**200* Sets the digest algorithm from the specified provider.201* If no digest algorithm is specified, the default algorithm202* returned by {@link #getDefaultDigestAlgorithm} will be used.203*204* @param algorithm the standard name of the algorithm. See205* the {@code MessageDigest} section in the <a href=206* "{@docRoot}/../specs/security/standard-names.html#messagedigest-algorithms">207* Java Cryptography Architecture Standard Algorithm Name208* Documentation</a> for information about standard algorithm names.209* @param provider the provider.210* @return the {@code JarSigner.Builder} itself.211* @throws NoSuchAlgorithmException if {@code algorithm} is not212* available in the specified provider.213*/214public Builder digestAlgorithm(String algorithm, Provider provider)215throws NoSuchAlgorithmException {216MessageDigest.getInstance(217Objects.requireNonNull(algorithm),218Objects.requireNonNull(provider));219this.digestalg = new String[]{algorithm};220this.digestProvider = provider;221return this;222}223224/**225* Sets the signature algorithm. If no signature algorithm226* is specified, the default signature algorithm returned by227* {@link #getDefaultSignatureAlgorithm} for the private key228* will be used.229*230* @param algorithm the standard name of the algorithm. See231* the {@code Signature} section in the <a href=232* "{@docRoot}/../specs/security/standard-names.html#signature-algorithms">233* Java Cryptography Architecture Standard Algorithm Name234* Documentation</a> for information about standard algorithm names.235* @return the {@code JarSigner.Builder} itself.236* @throws NoSuchAlgorithmException if {@code algorithm} is not available.237* @throws IllegalArgumentException if {@code algorithm} is not238* compatible with the algorithm of the signer's private key.239*/240public Builder signatureAlgorithm(String algorithm)241throws NoSuchAlgorithmException {242// Check availability243Signature.getInstance(Objects.requireNonNull(algorithm));244SignatureUtil.checkKeyAndSigAlgMatch(privateKey, algorithm);245this.sigalg = algorithm;246this.sigProvider = null;247return this;248}249250/**251* Sets the signature algorithm from the specified provider. If no252* signature algorithm is specified, the default signature algorithm253* returned by {@link #getDefaultSignatureAlgorithm} for the private254* key will be used.255*256* @param algorithm the standard name of the algorithm. See257* the {@code Signature} section in the <a href=258* "{@docRoot}/../specs/security/standard-names.html#signature-algorithms">259* Java Cryptography Architecture Standard Algorithm Name260* Documentation</a> for information about standard algorithm names.261* @param provider the provider.262* @return the {@code JarSigner.Builder} itself.263* @throws NoSuchAlgorithmException if {@code algorithm} is not264* available in the specified provider.265* @throws IllegalArgumentException if {@code algorithm} is not266* compatible with the algorithm of the signer's private key.267*/268public Builder signatureAlgorithm(String algorithm, Provider provider)269throws NoSuchAlgorithmException {270// Check availability271Signature.getInstance(272Objects.requireNonNull(algorithm),273Objects.requireNonNull(provider));274SignatureUtil.checkKeyAndSigAlgMatch(privateKey, algorithm);275this.sigalg = algorithm;276this.sigProvider = provider;277return this;278}279280/**281* Sets the URI of the Time Stamping Authority (TSA).282*283* @param uri the URI.284* @return the {@code JarSigner.Builder} itself.285*/286public Builder tsa(URI uri) {287this.tsaUrl = Objects.requireNonNull(uri);288return this;289}290291/**292* Sets the signer name. The name will be used as the base name for293* the signature files. All lowercase characters will be converted to294* uppercase for signature file names. If a signer name is not295* specified, the string "SIGNER" will be used.296*297* @param name the signer name.298* @return the {@code JarSigner.Builder} itself.299* @throws IllegalArgumentException if {@code name} is empty or has300* a size bigger than 8, or it contains characters not from the301* set "a-zA-Z0-9_-".302*/303public Builder signerName(String name) {304if (name.isEmpty() || name.length() > 8) {305throw new IllegalArgumentException("Name too long");306}307308name = name.toUpperCase(Locale.ENGLISH);309310for (int j = 0; j < name.length(); j++) {311char c = name.charAt(j);312if (!313((c >= 'A' && c <= 'Z') ||314(c >= '0' && c <= '9') ||315(c == '-') ||316(c == '_'))) {317throw new IllegalArgumentException(318"Invalid characters in name");319}320}321this.signerName = name;322return this;323}324325/**326* Sets en event handler that will be triggered when a {@link JarEntry}327* is to be added, signed, or updated during the signing process.328* <p>329* The handler can be used to display signing progress. The first330* argument of the handler can be "adding", "signing", or "updating",331* and the second argument is the name of the {@link JarEntry}332* being processed.333*334* @param handler the event handler.335* @return the {@code JarSigner.Builder} itself.336*/337public Builder eventHandler(BiConsumer<String,String> handler) {338this.handler = Objects.requireNonNull(handler);339return this;340}341342/**343* Sets an additional implementation-specific property indicated by344* the specified key.345*346* @implNote This implementation supports the following properties:347* <ul>348* <li>"tsaDigestAlg": algorithm of digest data in the timestamping349* request. The default value is the same as the result of350* {@link #getDefaultDigestAlgorithm}.351* <li>"tsaPolicyId": TSAPolicyID for Timestamping Authority.352* No default value.353* <li>"internalsf": "true" if the .SF file is included inside the354* signature block, "false" otherwise. Default "false".355* <li>"sectionsonly": "true" if the .SF file only contains the hash356* value for each section of the manifest and not for the whole357* manifest, "false" otherwise. Default "false".358* </ul>359* All property names are case-insensitive.360*361* @param key the name of the property.362* @param value the value of the property.363* @return the {@code JarSigner.Builder} itself.364* @throws UnsupportedOperationException if the key is not supported365* by this implementation.366* @throws IllegalArgumentException if the value is not accepted as367* a legal value for this key.368*/369public Builder setProperty(String key, String value) {370Objects.requireNonNull(key);371Objects.requireNonNull(value);372switch (key.toLowerCase(Locale.US)) {373case "tsadigestalg":374try {375MessageDigest.getInstance(value);376} catch (NoSuchAlgorithmException nsae) {377throw new IllegalArgumentException(378"Invalid tsadigestalg", nsae);379}380this.tSADigestAlg = value;381break;382case "tsapolicyid":383this.tSAPolicyID = value;384break;385case "internalsf":386this.internalsf = parseBoolean("interalsf", value);387break;388case "sectionsonly":389this.sectionsonly = parseBoolean("sectionsonly", value);390break;391case "altsignerpath":392altSignerPath = value;393break;394case "altsigner":395altSigner = value;396break;397default:398throw new UnsupportedOperationException(399"Unsupported key " + key);400}401return this;402}403404private static boolean parseBoolean(String name, String value) {405switch (value) {406case "true":407return true;408case "false":409return false;410default:411throw new IllegalArgumentException(412"Invalid " + name + " value");413}414}415416/**417* Gets the default digest algorithm.418*419* @implNote This implementation returns "SHA-256". The value may420* change in the future.421*422* @return the default digest algorithm.423*/424public static String getDefaultDigestAlgorithm() {425return "SHA-256";426}427428/**429* Gets the default signature algorithm for a private key.430* For example, SHA256withRSA for a 2048-bit RSA key, and431* SHA384withECDSA for a 384-bit EC key.432*433* @implNote This implementation makes use of comparable strengths434* as defined in Tables 2 and 3 of NIST SP 800-57 Part 1-Rev.4.435* Specifically, if a DSA or RSA key with a key size greater than 7680436* bits, or an EC key with a key size greater than or equal to 512 bits,437* SHA-512 will be used as the hash function for the signature.438* If a DSA or RSA key has a key size greater than 3072 bits, or an439* EC key has a key size greater than or equal to 384 bits, SHA-384 will440* be used. Otherwise, SHA-256 will be used. The value may441* change in the future.442*443* @param key the private key.444* @return the default signature algorithm. Returns null if a default445* signature algorithm cannot be found. In this case,446* {@link #signatureAlgorithm} must be called to specify a447* signature algorithm. Otherwise, the {@link #build} method448* will throw an {@link IllegalArgumentException}.449*/450public static String getDefaultSignatureAlgorithm(PrivateKey key) {451// Attention: sync the spec with SignatureUtil::ecStrength and452// SignatureUtil::ifcFfcStrength.453return SignatureUtil.getDefaultSigAlgForKey(Objects.requireNonNull(key));454}455456/**457* Builds a {@code JarSigner} object from the parameters set by the458* setter methods.459* <p>460* This method does not modify internal state of this {@code Builder}461* object and can be called multiple times to generate multiple462* {@code JarSigner} objects. After this method is called, calling463* any method on this {@code Builder} will have no effect on464* the newly built {@code JarSigner} object.465*466* @return the {@code JarSigner} object.467* @throws IllegalArgumentException if a signature algorithm is not468* set and cannot be derived from the private key using the469* {@link #getDefaultSignatureAlgorithm} method.470*/471public JarSigner build() {472return new JarSigner(this);473}474}475476private static final String META_INF = "META-INF/";477478// All fields in Builder are duplicated here as final. Those not479// provided but has a default value will be filled with default value.480481// Precisely, a final array field can still be modified if only482// reference is copied, no clone is done because we are concerned about483// casual change instead of malicious attack.484485// Signer materials:486private final PrivateKey privateKey;487private final X509Certificate[] certChain;488489// JarSigner options:490private final String[] digestalg;491private final String sigalg;492private final Provider digestProvider;493private final Provider sigProvider;494private final URI tsaUrl;495private final String signerName;496private final BiConsumer<String,String> handler;497498// Implementation-specific properties:499private final String tSAPolicyID;500private final String tSADigestAlg;501private final boolean sectionsonly; // do not "sign" the whole manifest502private final boolean internalsf; // include the .SF inside the PKCS7 block503504@Deprecated(since="16", forRemoval=true)505private final String altSignerPath;506@Deprecated(since="16", forRemoval=true)507private final String altSigner;508private boolean extraAttrsDetected;509510private JarSigner(JarSigner.Builder builder) {511512this.privateKey = builder.privateKey;513this.certChain = builder.certChain;514if (builder.digestalg != null) {515// No need to clone because builder only accepts one alg now516this.digestalg = builder.digestalg;517} else {518this.digestalg = new String[] {519Builder.getDefaultDigestAlgorithm() };520}521this.digestProvider = builder.digestProvider;522if (builder.sigalg != null) {523this.sigalg = builder.sigalg;524} else {525this.sigalg = JarSigner.Builder526.getDefaultSignatureAlgorithm(privateKey);527if (this.sigalg == null) {528throw new IllegalArgumentException(529"No signature alg for " + privateKey.getAlgorithm());530}531}532this.sigProvider = builder.sigProvider;533this.tsaUrl = builder.tsaUrl;534535if (builder.signerName == null) {536this.signerName = "SIGNER";537} else {538this.signerName = builder.signerName;539}540this.handler = builder.handler;541542if (builder.tSADigestAlg != null) {543this.tSADigestAlg = builder.tSADigestAlg;544} else {545this.tSADigestAlg = Builder.getDefaultDigestAlgorithm();546}547this.tSAPolicyID = builder.tSAPolicyID;548this.sectionsonly = builder.sectionsonly;549this.internalsf = builder.internalsf;550this.altSigner = builder.altSigner;551this.altSignerPath = builder.altSignerPath;552553// altSigner cannot support modern algorithms like RSASSA-PSS and EdDSA554if (altSigner != null555&& !sigalg.toUpperCase(Locale.ENGLISH).contains("WITH")) {556throw new IllegalArgumentException(557"Customized ContentSigner is not supported for " + sigalg);558}559}560561/**562* Signs a file into an {@link OutputStream}. This method will not close563* {@code file} or {@code os}.564* <p>565* If an I/O error or signing error occurs during the signing, then it may566* do so after some bytes have been written. Consequently, the output567* stream may be in an inconsistent state. It is strongly recommended that568* it be promptly closed in this case.569*570* @param file the file to sign.571* @param os the output stream.572* @throws JarSignerException if the signing fails.573*/574public void sign(ZipFile file, OutputStream os) {575try {576sign0(Objects.requireNonNull(file),577Objects.requireNonNull(os));578} catch (SocketTimeoutException | CertificateException e) {579// CertificateException is thrown when the received cert from TSA580// has no id-kp-timeStamping in its Extended Key Usages extension.581throw new JarSignerException("Error applying timestamp", e);582} catch (IOException ioe) {583throw new JarSignerException("I/O error", ioe);584} catch (NoSuchAlgorithmException | InvalidKeyException585| InvalidParameterSpecException e) {586throw new JarSignerException("Error in signer materials", e);587} catch (SignatureException se) {588throw new JarSignerException("Error creating signature", se);589}590}591592/**593* Returns the digest algorithm for this {@code JarSigner}.594* <p>595* The return value is never null.596*597* @return the digest algorithm.598*/599public String getDigestAlgorithm() {600return digestalg[0];601}602603/**604* Returns the signature algorithm for this {@code JarSigner}.605* <p>606* The return value is never null.607*608* @return the signature algorithm.609*/610public String getSignatureAlgorithm() {611return sigalg;612}613614/**615* Returns the URI of the Time Stamping Authority (TSA).616*617* @return the URI of the TSA.618*/619public URI getTsa() {620return tsaUrl;621}622623/**624* Returns the signer name of this {@code JarSigner}.625* <p>626* The return value is never null.627*628* @return the signer name.629*/630public String getSignerName() {631return signerName;632}633634/**635* Returns the value of an additional implementation-specific property636* indicated by the specified key. If a property is not set but has a637* default value, the default value will be returned.638*639* @implNote See {@link JarSigner.Builder#setProperty} for a list of640* properties this implementation supports. All property names are641* case-insensitive.642*643* @param key the name of the property.644* @return the value for the property.645* @throws UnsupportedOperationException if the key is not supported646* by this implementation.647*/648public String getProperty(String key) {649Objects.requireNonNull(key);650switch (key.toLowerCase(Locale.US)) {651case "tsadigestalg":652return tSADigestAlg;653case "tsapolicyid":654return tSAPolicyID;655case "internalsf":656return Boolean.toString(internalsf);657case "sectionsonly":658return Boolean.toString(sectionsonly);659case "altsignerpath":660return altSignerPath;661case "altsigner":662return altSigner;663default:664throw new UnsupportedOperationException(665"Unsupported key " + key);666}667}668669private void sign0(ZipFile zipFile, OutputStream os)670throws IOException, CertificateException, NoSuchAlgorithmException,671SignatureException, InvalidKeyException, InvalidParameterSpecException {672MessageDigest[] digests;673try {674digests = new MessageDigest[digestalg.length];675for (int i = 0; i < digestalg.length; i++) {676if (digestProvider == null) {677digests[i] = MessageDigest.getInstance(digestalg[i]);678} else {679digests[i] = MessageDigest.getInstance(680digestalg[i], digestProvider);681}682}683} catch (NoSuchAlgorithmException asae) {684// Should not happen. User provided alg were checked, and default685// alg should always be available.686throw new AssertionError(asae);687}688689ZipOutputStream zos = new ZipOutputStream(os);690691Manifest manifest = new Manifest();692byte[] mfRawBytes = null;693694// Check if manifest exists695ZipEntry mfFile = getManifestFile(zipFile);696boolean mfCreated = mfFile == null;697if (!mfCreated) {698// Manifest exists. Read its raw bytes.699mfRawBytes = zipFile.getInputStream(mfFile).readAllBytes();700manifest.read(new ByteArrayInputStream(mfRawBytes));701} else {702// Create new manifest703Attributes mattr = manifest.getMainAttributes();704mattr.putValue(Attributes.Name.MANIFEST_VERSION.toString(),705"1.0");706String javaVendor = System.getProperty("java.vendor");707String jdkVersion = System.getProperty("java.version");708mattr.putValue("Created-By", jdkVersion + " (" + javaVendor709+ ")");710mfFile = new ZipEntry(JarFile.MANIFEST_NAME);711}712713/*714* For each entry in jar715* (except for signature-related META-INF entries),716* do the following:717*718* - if entry is not contained in manifest, add it to manifest;719* - if entry is contained in manifest, calculate its hash and720* compare it with the one in the manifest; if they are721* different, replace the hash in the manifest with the newly722* generated one. (This may invalidate existing signatures!)723*/724Vector<ZipEntry> mfFiles = new Vector<>();725726boolean wasSigned = false;727728for (Enumeration<? extends ZipEntry> enum_ = zipFile.entries();729enum_.hasMoreElements(); ) {730ZipEntry ze = enum_.nextElement();731732if (ze.getName().startsWith(META_INF)) {733// Store META-INF files in vector, so they can be written734// out first735mfFiles.addElement(ze);736737String zeNameUp = ze.getName().toUpperCase(Locale.ENGLISH);738if (SignatureFileVerifier.isBlockOrSF(zeNameUp)739// no need to preserve binary manifest portions740// if the only existing signature will be replaced741&& !zeNameUp.startsWith(SignatureFile742.getBaseSignatureFilesName(signerName))) {743wasSigned = true;744}745746if (SignatureFileVerifier.isSigningRelated(ze.getName())) {747// ignore signature-related and manifest files748continue;749}750}751752if (manifest.getAttributes(ze.getName()) != null) {753// jar entry is contained in manifest, check and754// possibly update its digest attributes755updateDigests(ze, zipFile, digests, manifest);756} else if (!ze.isDirectory()) {757// Add entry to manifest758Attributes attrs = getDigestAttributes(ze, zipFile, digests);759manifest.getEntries().put(ze.getName(), attrs);760}761}762763/*764* Note:765*766* The Attributes object is based on HashMap and can handle767* continuation lines. Therefore, even if the contents are not changed768* (in a Map view), the bytes that it write() may be different from769* the original bytes that it read() from. Since the signature is770* based on raw bytes, we must retain the exact bytes.771*/772boolean mfModified;773ByteArrayOutputStream baos = new ByteArrayOutputStream();774if (mfCreated || !wasSigned) {775mfModified = true;776manifest.write(baos);777mfRawBytes = baos.toByteArray();778} else {779780// the manifest before updating781Manifest oldManifest = new Manifest(782new ByteArrayInputStream(mfRawBytes));783mfModified = !oldManifest.equals(manifest);784if (!mfModified) {785// leave whole manifest (mfRawBytes) unmodified786} else {787// reproduce the manifest raw bytes for unmodified sections788manifest.write(baos);789byte[] mfNewRawBytes = baos.toByteArray();790baos.reset();791792ManifestDigester oldMd = new ManifestDigester(mfRawBytes);793ManifestDigester newMd = new ManifestDigester(mfNewRawBytes);794795ManifestDigester.Entry oldEntry = oldMd.getMainAttsEntry();796797// main attributes798if (oldEntry != null799&& manifest.getMainAttributes().equals(800oldManifest.getMainAttributes())801&& (manifest.getEntries().isEmpty() ||802oldEntry.isProperlyDelimited())) {803oldEntry.reproduceRaw(baos);804} else {805if (newMd.getMainAttsEntry() == null) {806throw new SignatureException("Error getting new main attribute entry");807}808newMd.getMainAttsEntry().reproduceRaw(baos);809}810811// individual sections812for (Map.Entry<String,Attributes> entry :813manifest.getEntries().entrySet()) {814String sectionName = entry.getKey();815Attributes entryAtts = entry.getValue();816if (entryAtts.equals(oldManifest.getAttributes(sectionName))817&& oldMd.get(sectionName).isProperlyDelimited()) {818oldMd.get(sectionName).reproduceRaw(baos);819} else {820newMd.get(sectionName).reproduceRaw(baos);821}822}823824mfRawBytes = baos.toByteArray();825}826}827828// Write out the manifest829if (mfModified) {830// manifest file has new length831mfFile = new ZipEntry(JarFile.MANIFEST_NAME);832}833if (handler != null) {834if (mfCreated || !mfModified) {835handler.accept("adding", mfFile.getName());836} else {837handler.accept("updating", mfFile.getName());838}839}840zos.putNextEntry(mfFile);841zos.write(mfRawBytes);842843// Calculate SignatureFile (".SF") and SignatureBlockFile844ManifestDigester manDig = new ManifestDigester(mfRawBytes);845SignatureFile sf = new SignatureFile(digests, manifest, manDig,846signerName, sectionsonly);847848byte[] block;849850baos.reset();851sf.write(baos);852byte[] content = baos.toByteArray();853854if (altSigner == null) {855Function<byte[], PKCS9Attributes> timestamper = null;856if (tsaUrl != null) {857timestamper = s -> {858try {859// Timestamp the signature860HttpTimestamper tsa = new HttpTimestamper(tsaUrl);861byte[] tsToken = PKCS7.generateTimestampToken(862tsa, tSAPolicyID, tSADigestAlg, s);863864return new PKCS9Attributes(new PKCS9Attribute[]{865new PKCS9Attribute(866PKCS9Attribute.SIGNATURE_TIMESTAMP_TOKEN_OID,867tsToken)});868} catch (IOException | CertificateException e) {869throw new RuntimeException(e);870}871};872}873// We now create authAttrs in block data, so "direct == false".874block = PKCS7.generateNewSignedData(sigalg, sigProvider, privateKey, certChain,875content, internalsf, false, timestamper);876} else {877Signature signer = SignatureUtil.fromKey(sigalg, privateKey, sigProvider);878signer.update(content);879byte[] signature = signer.sign();880881@SuppressWarnings("removal")882ContentSignerParameters params =883new JarSignerParameters(null, tsaUrl, tSAPolicyID,884tSADigestAlg, signature,885signer.getAlgorithm(), certChain, content, zipFile);886@SuppressWarnings("removal")887ContentSigner signingMechanism = loadSigningMechanism(altSigner, altSignerPath);888block = signingMechanism.generateSignedData(889params,890!internalsf,891params.getTimestampingAuthority() != null892|| params.getTimestampingAuthorityCertificate() != null);893}894895String sfFilename = sf.getMetaName();896String bkFilename = sf.getBlockName(privateKey);897898ZipEntry sfFile = new ZipEntry(sfFilename);899ZipEntry bkFile = new ZipEntry(bkFilename);900901long time = System.currentTimeMillis();902sfFile.setTime(time);903bkFile.setTime(time);904905// signature file906zos.putNextEntry(sfFile);907sf.write(zos);908909if (handler != null) {910if (zipFile.getEntry(sfFilename) != null) {911handler.accept("updating", sfFilename);912} else {913handler.accept("adding", sfFilename);914}915}916917// signature block file918zos.putNextEntry(bkFile);919zos.write(block);920921if (handler != null) {922if (zipFile.getEntry(bkFilename) != null) {923handler.accept("updating", bkFilename);924} else {925handler.accept("adding", bkFilename);926}927}928929// Write out all other META-INF files that we stored in the930// vector931for (int i = 0; i < mfFiles.size(); i++) {932ZipEntry ze = mfFiles.elementAt(i);933if (!ze.getName().equalsIgnoreCase(JarFile.MANIFEST_NAME)934&& !ze.getName().equalsIgnoreCase(sfFilename)935&& !ze.getName().equalsIgnoreCase(bkFilename)) {936if (ze.getName().startsWith(SignatureFile937.getBaseSignatureFilesName(signerName))938&& SignatureFileVerifier.isBlockOrSF(ze.getName())) {939if (handler != null) {940handler.accept("updating", ze.getName());941}942continue;943}944if (handler != null) {945if (manifest.getAttributes(ze.getName()) != null) {946handler.accept("signing", ze.getName());947} else if (!ze.isDirectory()) {948handler.accept("adding", ze.getName());949}950}951writeEntry(zipFile, zos, ze);952}953}954955// Write out all other files956for (Enumeration<? extends ZipEntry> enum_ = zipFile.entries();957enum_.hasMoreElements(); ) {958ZipEntry ze = enum_.nextElement();959960if (!ze.getName().startsWith(META_INF)) {961if (handler != null) {962if (manifest.getAttributes(ze.getName()) != null) {963handler.accept("signing", ze.getName());964} else {965handler.accept("adding", ze.getName());966}967}968writeEntry(zipFile, zos, ze);969}970}971zipFile.close();972zos.close();973}974975private void writeEntry(ZipFile zf, ZipOutputStream os, ZipEntry ze)976throws IOException {977ZipEntry ze2 = new ZipEntry(ze.getName());978ze2.setMethod(ze.getMethod());979ze2.setTime(ze.getTime());980ze2.setComment(ze.getComment());981ze2.setExtra(ze.getExtra());982int extraAttrs = JUZFA.getExtraAttributes(ze);983if (!extraAttrsDetected && extraAttrs != -1) {984extraAttrsDetected = true;985Event.report(Event.ReporterCategory.ZIPFILEATTRS, "detected");986}987JUZFA.setExtraAttributes(ze2, extraAttrs);988if (ze.getMethod() == ZipEntry.STORED) {989ze2.setSize(ze.getSize());990ze2.setCrc(ze.getCrc());991}992os.putNextEntry(ze2);993writeBytes(zf, ze, os);994}995996private void writeBytes997(ZipFile zf, ZipEntry ze, ZipOutputStream os) throws IOException {998try (InputStream is = zf.getInputStream(ze)) {999is.transferTo(os);1000}1001}10021003private void updateDigests(ZipEntry ze, ZipFile zf,1004MessageDigest[] digests,1005Manifest mf) throws IOException {1006Attributes attrs = mf.getAttributes(ze.getName());1007String[] base64Digests = getDigests(ze, zf, digests);10081009for (int i = 0; i < digests.length; i++) {1010// The entry name to be written into attrs1011String name = null;1012try {1013// Find if the digest already exists. An algorithm could have1014// different names. For example, last time it was SHA, and this1015// time it's SHA-1.1016AlgorithmId aid = AlgorithmId.get(digests[i].getAlgorithm());1017for (Object key : attrs.keySet()) {1018if (key instanceof Attributes.Name) {1019String n = key.toString();1020if (n.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST")) {1021String tmp = n.substring(0, n.length() - 7);1022if (AlgorithmId.get(tmp).equals(aid)) {1023name = n;1024break;1025}1026}1027}1028}1029} catch (NoSuchAlgorithmException nsae) {1030// Ignored. Writing new digest entry.1031}10321033if (name == null) {1034name = digests[i].getAlgorithm() + "-Digest";1035}1036attrs.putValue(name, base64Digests[i]);1037}1038}10391040private Attributes getDigestAttributes(1041ZipEntry ze, ZipFile zf, MessageDigest[] digests)1042throws IOException {10431044String[] base64Digests = getDigests(ze, zf, digests);1045Attributes attrs = new Attributes();10461047for (int i = 0; i < digests.length; i++) {1048attrs.putValue(digests[i].getAlgorithm() + "-Digest",1049base64Digests[i]);1050}1051return attrs;1052}10531054/*1055* Returns manifest entry from given jar file, or null if given jar file1056* does not have a manifest entry.1057*/1058private ZipEntry getManifestFile(ZipFile zf) {1059ZipEntry ze = zf.getEntry(JarFile.MANIFEST_NAME);1060if (ze == null) {1061// Check all entries for matching name1062Enumeration<? extends ZipEntry> enum_ = zf.entries();1063while (enum_.hasMoreElements() && ze == null) {1064ze = enum_.nextElement();1065if (!JarFile.MANIFEST_NAME.equalsIgnoreCase1066(ze.getName())) {1067ze = null;1068}1069}1070}1071return ze;1072}10731074private String[] getDigests(1075ZipEntry ze, ZipFile zf, MessageDigest[] digests)1076throws IOException {10771078int n, i;1079try (InputStream is = zf.getInputStream(ze)) {1080long left = ze.getSize();1081byte[] buffer = new byte[8192];1082while ((left > 0)1083&& (n = is.read(buffer, 0, buffer.length)) != -1) {1084for (i = 0; i < digests.length; i++) {1085digests[i].update(buffer, 0, n);1086}1087left -= n;1088}1089}10901091// complete the digests1092String[] base64Digests = new String[digests.length];1093for (i = 0; i < digests.length; i++) {1094base64Digests[i] = Base64.getEncoder()1095.encodeToString(digests[i].digest());1096}1097return base64Digests;1098}10991100/*1101* Try to load the specified signing mechanism.1102* The URL class loader is used.1103*/1104@SuppressWarnings("removal")1105private ContentSigner loadSigningMechanism(String signerClassName,1106String signerClassPath) {11071108// If there is no signerClassPath provided, search from here1109if (signerClassPath == null) {1110signerClassPath = ".";1111}11121113// construct class loader1114String cpString; // make sure env.class.path defaults to dot11151116// do prepends to get correct ordering1117cpString = PathList.appendPath(1118System.getProperty("env.class.path"), null);1119cpString = PathList.appendPath(1120System.getProperty("java.class.path"), cpString);1121cpString = PathList.appendPath(signerClassPath, cpString);1122URL[] urls = PathList.pathToURLs(cpString);1123ClassLoader appClassLoader = new URLClassLoader(urls);11241125try {1126// attempt to find signer1127Class<?> signerClass = appClassLoader.loadClass(signerClassName);1128Object signer = signerClass.getDeclaredConstructor().newInstance();1129return (ContentSigner) signer;1130} catch (ClassNotFoundException|InstantiationException|1131IllegalAccessException|ClassCastException|1132NoSuchMethodException| InvocationTargetException e) {1133throw new IllegalArgumentException(1134"Invalid altSigner or altSignerPath", e);1135}1136}11371138static class SignatureFile {11391140/**1141* SignatureFile1142*/1143Manifest sf;11441145/**1146* .SF base name1147*/1148String baseName;11491150public SignatureFile(MessageDigest digests[],1151Manifest mf,1152ManifestDigester md,1153String baseName,1154boolean sectionsonly) {11551156this.baseName = baseName;11571158String version = System.getProperty("java.version");1159String javaVendor = System.getProperty("java.vendor");11601161sf = new Manifest();1162Attributes mattr = sf.getMainAttributes();11631164mattr.putValue(Attributes.Name.SIGNATURE_VERSION.toString(), "1.0");1165mattr.putValue("Created-By", version + " (" + javaVendor + ")");11661167if (!sectionsonly) {1168for (MessageDigest digest: digests) {1169mattr.putValue(digest.getAlgorithm() + "-Digest-Manifest",1170Base64.getEncoder().encodeToString(1171md.manifestDigest(digest)));1172}1173}11741175// create digest of the manifest main attributes1176ManifestDigester.Entry mde = md.getMainAttsEntry(false);1177if (mde != null) {1178for (MessageDigest digest : digests) {1179mattr.putValue(digest.getAlgorithm() + "-Digest-" +1180ManifestDigester.MF_MAIN_ATTRS,1181Base64.getEncoder().encodeToString(mde.digest(digest)));1182}1183} else {1184throw new IllegalStateException1185("ManifestDigester failed to create " +1186"Manifest-Main-Attribute entry");1187}11881189// go through the manifest entries and create the digests1190Map<String, Attributes> entries = sf.getEntries();1191for (String name: mf.getEntries().keySet()) {1192mde = md.get(name, false);1193if (mde != null) {1194Attributes attr = new Attributes();1195for (MessageDigest digest: digests) {1196attr.putValue(digest.getAlgorithm() + "-Digest",1197Base64.getEncoder().encodeToString(1198mde.digest(digest)));1199}1200entries.put(name, attr);1201}1202}1203}12041205// Write .SF file1206public void write(OutputStream out) throws IOException {1207sf.write(out);1208}12091210private static String getBaseSignatureFilesName(String baseName) {1211return "META-INF/" + baseName + ".";1212}12131214// get .SF file name1215public String getMetaName() {1216return getBaseSignatureFilesName(baseName) + "SF";1217}12181219// get .DSA (or .DSA, .EC) file name1220public String getBlockName(PrivateKey privateKey) {1221String type = SignatureFileVerifier.getBlockExtension(privateKey);1222return getBaseSignatureFilesName(baseName) + type;1223}1224}12251226@SuppressWarnings("removal")1227@Deprecated(since="16", forRemoval=true)1228class JarSignerParameters implements ContentSignerParameters {12291230private String[] args;1231private URI tsa;1232private byte[] signature;1233private String signatureAlgorithm;1234private X509Certificate[] signerCertificateChain;1235private byte[] content;1236private ZipFile source;1237private String tSAPolicyID;1238private String tSADigestAlg;12391240JarSignerParameters(String[] args, URI tsa,1241String tSAPolicyID, String tSADigestAlg,1242byte[] signature, String signatureAlgorithm,1243X509Certificate[] signerCertificateChain,1244byte[] content, ZipFile source) {12451246Objects.requireNonNull(signature);1247Objects.requireNonNull(signatureAlgorithm);1248Objects.requireNonNull(signerCertificateChain);12491250this.args = args;1251this.tsa = tsa;1252this.tSAPolicyID = tSAPolicyID;1253this.tSADigestAlg = tSADigestAlg;1254this.signature = signature;1255this.signatureAlgorithm = signatureAlgorithm;1256this.signerCertificateChain = signerCertificateChain;1257this.content = content;1258this.source = source;1259}12601261public String[] getCommandLine() {1262return args;1263}12641265public URI getTimestampingAuthority() {1266return tsa;1267}12681269public X509Certificate getTimestampingAuthorityCertificate() {1270// We don't use this param. Always provide tsaURI.1271return null;1272}12731274public String getTSAPolicyID() {1275return tSAPolicyID;1276}12771278public String getTSADigestAlg() {1279return tSADigestAlg;1280}12811282public byte[] getSignature() {1283return signature;1284}12851286public String getSignatureAlgorithm() {1287return signatureAlgorithm;1288}12891290public X509Certificate[] getSignerCertificateChain() {1291return signerCertificateChain;1292}12931294public byte[] getContent() {1295return content;1296}12971298public ZipFile getSource() {1299return source;1300}1301}1302}130313041305