author | ascarpino |
Thu, 21 Jul 2016 10:33:56 -0700 | |
changeset 41580 | cc479488428c |
parent 38375 | 5df893ca926c |
child 43701 | fe8c324ba97c |
permissions | -rw-r--r-- |
2 | 1 |
/* |
41580 | 2 |
* Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
package sun.security.util; |
|
27 |
||
41580 | 28 |
import java.io.ByteArrayInputStream; |
29 |
import java.io.IOException; |
|
30 |
import java.security.CodeSigner; |
|
31 |
import java.security.CryptoPrimitive; |
|
32 |
import java.security.MessageDigest; |
|
33 |
import java.security.NoSuchAlgorithmException; |
|
34 |
import java.security.SignatureException; |
|
2 | 35 |
import java.security.cert.CertPath; |
36 |
import java.security.cert.X509Certificate; |
|
37 |
import java.security.cert.CertificateException; |
|
38 |
import java.security.cert.CertificateFactory; |
|
41580 | 39 |
import java.util.ArrayList; |
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
10788
diff
changeset
|
40 |
import java.util.Base64; |
41580 | 41 |
import java.util.Collections; |
42 |
import java.util.EnumSet; |
|
43 |
import java.util.HashMap; |
|
44 |
import java.util.Hashtable; |
|
45 |
import java.util.Iterator; |
|
46 |
import java.util.List; |
|
47 |
import java.util.Locale; |
|
48 |
import java.util.Map; |
|
49 |
import java.util.Set; |
|
50 |
import java.util.jar.Attributes; |
|
51 |
import java.util.jar.JarException; |
|
52 |
import java.util.jar.JarFile; |
|
53 |
import java.util.jar.Manifest; |
|
2 | 54 |
|
55 |
import sun.security.jca.Providers; |
|
41580 | 56 |
import sun.security.pkcs.PKCS7; |
57 |
import sun.security.pkcs.SignerInfo; |
|
2 | 58 |
|
59 |
public class SignatureFileVerifier { |
|
60 |
||
61 |
/* Are we debugging ? */ |
|
62 |
private static final Debug debug = Debug.getInstance("jar"); |
|
63 |
||
41580 | 64 |
private static final Set<CryptoPrimitive> DIGEST_PRIMITIVE_SET = |
65 |
Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.MESSAGE_DIGEST)); |
|
66 |
||
67 |
private static final DisabledAlgorithmConstraints JAR_DISABLED_CHECK = |
|
68 |
new DisabledAlgorithmConstraints( |
|
69 |
DisabledAlgorithmConstraints.PROPERTY_JAR_DISABLED_ALGS); |
|
70 |
||
2 | 71 |
private ArrayList<CodeSigner[]> signerCache; |
72 |
||
73 |
private static final String ATTR_DIGEST = |
|
74 |
("-DIGEST-" + ManifestDigester.MF_MAIN_ATTRS).toUpperCase |
|
75 |
(Locale.ENGLISH); |
|
76 |
||
4152 | 77 |
/** the PKCS7 block for this .DSA/.RSA/.EC file */ |
2 | 78 |
private PKCS7 block; |
79 |
||
9365 | 80 |
/** the raw bytes of the .SF file */ |
31538
0981099a3e54
8130022: Use Java-style array declarations consistently
igerasim
parents:
30374
diff
changeset
|
81 |
private byte[] sfBytes; |
2 | 82 |
|
83 |
/** the name of the signature block file, uppercased and without |
|
4152 | 84 |
* the extension (.DSA/.RSA/.EC) |
2 | 85 |
*/ |
86 |
private String name; |
|
87 |
||
88 |
/** the ManifestDigester */ |
|
89 |
private ManifestDigester md; |
|
90 |
||
91 |
/** cache of created MessageDigest objects */ |
|
92 |
private HashMap<String, MessageDigest> createdDigests; |
|
93 |
||
94 |
/* workaround for parsing Netscape jars */ |
|
95 |
private boolean workaround = false; |
|
96 |
||
97 |
/* for generating certpath objects */ |
|
98 |
private CertificateFactory certificateFactory = null; |
|
99 |
||
100 |
/** |
|
101 |
* Create the named SignatureFileVerifier. |
|
102 |
* |
|
4152 | 103 |
* @param name the name of the signature block file (.DSA/.RSA/.EC) |
2 | 104 |
* |
105 |
* @param rawBytes the raw bytes of the signature block file |
|
106 |
*/ |
|
107 |
public SignatureFileVerifier(ArrayList<CodeSigner[]> signerCache, |
|
108 |
ManifestDigester md, |
|
109 |
String name, |
|
31538
0981099a3e54
8130022: Use Java-style array declarations consistently
igerasim
parents:
30374
diff
changeset
|
110 |
byte[] rawBytes) |
2 | 111 |
throws IOException, CertificateException |
112 |
{ |
|
113 |
// new PKCS7() calls CertificateFactory.getInstance() |
|
114 |
// need to use local providers here, see Providers class |
|
115 |
Object obj = null; |
|
116 |
try { |
|
117 |
obj = Providers.startJarVerification(); |
|
118 |
block = new PKCS7(rawBytes); |
|
9365 | 119 |
sfBytes = block.getContentInfo().getData(); |
2 | 120 |
certificateFactory = CertificateFactory.getInstance("X509"); |
121 |
} finally { |
|
122 |
Providers.stopJarVerification(obj); |
|
123 |
} |
|
24685
215fa91e1b4c
8044461: Cleanup new Boolean and single character strings
rriggs
parents:
23912
diff
changeset
|
124 |
this.name = name.substring(0, name.lastIndexOf('.')) |
2 | 125 |
.toUpperCase(Locale.ENGLISH); |
126 |
this.md = md; |
|
127 |
this.signerCache = signerCache; |
|
128 |
} |
|
129 |
||
130 |
/** |
|
131 |
* returns true if we need the .SF file |
|
132 |
*/ |
|
9365 | 133 |
public boolean needSignatureFileBytes() |
2 | 134 |
{ |
9365 | 135 |
|
136 |
return sfBytes == null; |
|
2 | 137 |
} |
138 |
||
9365 | 139 |
|
140 |
/** |
|
141 |
* returns true if we need this .SF file. |
|
142 |
* |
|
143 |
* @param name the name of the .SF file without the extension |
|
144 |
* |
|
145 |
*/ |
|
146 |
public boolean needSignatureFile(String name) |
|
147 |
{ |
|
148 |
return this.name.equalsIgnoreCase(name); |
|
149 |
} |
|
150 |
||
151 |
/** |
|
152 |
* used to set the raw bytes of the .SF file when it |
|
153 |
* is external to the signature block file. |
|
154 |
*/ |
|
31538
0981099a3e54
8130022: Use Java-style array declarations consistently
igerasim
parents:
30374
diff
changeset
|
155 |
public void setSignatureFile(byte[] sfBytes) |
9365 | 156 |
{ |
157 |
this.sfBytes = sfBytes; |
|
2 | 158 |
} |
159 |
||
160 |
/** |
|
161 |
* Utility method used by JarVerifier and JarSigner |
|
162 |
* to determine the signature file names and PKCS7 block |
|
163 |
* files names that are supported |
|
164 |
* |
|
165 |
* @param s file name |
|
166 |
* @return true if the input file name is a supported |
|
167 |
* Signature File or PKCS7 block file name |
|
168 |
*/ |
|
169 |
public static boolean isBlockOrSF(String s) { |
|
9365 | 170 |
// we currently only support DSA and RSA PKCS7 blocks |
38375 | 171 |
return s.endsWith(".SF") |
172 |
|| s.endsWith(".DSA") |
|
173 |
|| s.endsWith(".RSA") |
|
174 |
|| s.endsWith(".EC"); |
|
2 | 175 |
} |
176 |
||
23912 | 177 |
/** |
178 |
* Yet another utility method used by JarVerifier and JarSigner |
|
179 |
* to determine what files are signature related, which includes |
|
180 |
* the MANIFEST, SF files, known signature block files, and other |
|
181 |
* unknown signature related files (those starting with SIG- with |
|
182 |
* an optional [A-Z0-9]{1,3} extension right inside META-INF). |
|
183 |
* |
|
30374 | 184 |
* @param name file name |
23912 | 185 |
* @return true if the input file name is signature related |
186 |
*/ |
|
187 |
public static boolean isSigningRelated(String name) { |
|
188 |
name = name.toUpperCase(Locale.ENGLISH); |
|
189 |
if (!name.startsWith("META-INF/")) { |
|
190 |
return false; |
|
191 |
} |
|
192 |
name = name.substring(9); |
|
193 |
if (name.indexOf('/') != -1) { |
|
194 |
return false; |
|
195 |
} |
|
196 |
if (isBlockOrSF(name) || name.equals("MANIFEST.MF")) { |
|
197 |
return true; |
|
198 |
} else if (name.startsWith("SIG-")) { |
|
199 |
// check filename extension |
|
200 |
// see http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures |
|
201 |
// for what filename extensions are legal |
|
202 |
int extIndex = name.lastIndexOf('.'); |
|
203 |
if (extIndex != -1) { |
|
204 |
String ext = name.substring(extIndex + 1); |
|
205 |
// validate length first |
|
206 |
if (ext.length() > 3 || ext.length() < 1) { |
|
207 |
return false; |
|
208 |
} |
|
209 |
// then check chars, must be in [a-zA-Z0-9] per the jar spec |
|
210 |
for (int index = 0; index < ext.length(); index++) { |
|
211 |
char cc = ext.charAt(index); |
|
212 |
// chars are promoted to uppercase so skip lowercase checks |
|
213 |
if ((cc < 'A' || cc > 'Z') && (cc < '0' || cc > '9')) { |
|
214 |
return false; |
|
215 |
} |
|
216 |
} |
|
217 |
} |
|
218 |
return true; // no extension is OK |
|
219 |
} |
|
220 |
return false; |
|
221 |
} |
|
222 |
||
2 | 223 |
/** get digest from cache */ |
224 |
||
41580 | 225 |
private MessageDigest getDigest(String algorithm) throws SignatureException { |
226 |
// check that algorithm is not restricted |
|
227 |
if (!JAR_DISABLED_CHECK.permits(DIGEST_PRIMITIVE_SET, algorithm, null)) { |
|
228 |
SignatureException e = |
|
229 |
new SignatureException("SignatureFile check failed. " + |
|
230 |
"Disabled algorithm used: " + algorithm); |
|
231 |
throw e; |
|
232 |
} |
|
233 |
||
2 | 234 |
if (createdDigests == null) |
30033
b9c86c17164a
8078468: Update security libraries to use diamond with anonymous classes
darcy
parents:
25859
diff
changeset
|
235 |
createdDigests = new HashMap<>(); |
2 | 236 |
|
237 |
MessageDigest digest = createdDigests.get(algorithm); |
|
238 |
||
239 |
if (digest == null) { |
|
240 |
try { |
|
241 |
digest = MessageDigest.getInstance(algorithm); |
|
242 |
createdDigests.put(algorithm, digest); |
|
243 |
} catch (NoSuchAlgorithmException nsae) { |
|
244 |
// ignore |
|
245 |
} |
|
246 |
} |
|
247 |
return digest; |
|
248 |
} |
|
249 |
||
250 |
/** |
|
251 |
* process the signature block file. Goes through the .SF file |
|
252 |
* and adds code signers for each section where the .SF section |
|
253 |
* hash was verified against the Manifest section. |
|
254 |
* |
|
255 |
* |
|
256 |
*/ |
|
9365 | 257 |
public void process(Hashtable<String, CodeSigner[]> signers, |
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
9365
diff
changeset
|
258 |
List<Object> manifestDigests) |
2 | 259 |
throws IOException, SignatureException, NoSuchAlgorithmException, |
260 |
JarException, CertificateException |
|
261 |
{ |
|
262 |
// calls Signature.getInstance() and MessageDigest.getInstance() |
|
263 |
// need to use local providers here, see Providers class |
|
264 |
Object obj = null; |
|
265 |
try { |
|
266 |
obj = Providers.startJarVerification(); |
|
8387
f0fa7bbf889e
6742654: Code insertion/replacement attacks against signed jars
weijun
parents:
7524
diff
changeset
|
267 |
processImpl(signers, manifestDigests); |
2 | 268 |
} finally { |
269 |
Providers.stopJarVerification(obj); |
|
270 |
} |
|
271 |
||
272 |
} |
|
273 |
||
9365 | 274 |
private void processImpl(Hashtable<String, CodeSigner[]> signers, |
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
9365
diff
changeset
|
275 |
List<Object> manifestDigests) |
2 | 276 |
throws IOException, SignatureException, NoSuchAlgorithmException, |
277 |
JarException, CertificateException |
|
278 |
{ |
|
9365 | 279 |
Manifest sf = new Manifest(); |
280 |
sf.read(new ByteArrayInputStream(sfBytes)); |
|
2 | 281 |
|
9365 | 282 |
String version = |
283 |
sf.getMainAttributes().getValue(Attributes.Name.SIGNATURE_VERSION); |
|
2 | 284 |
|
9365 | 285 |
if ((version == null) || !(version.equalsIgnoreCase("1.0"))) { |
286 |
// XXX: should this be an exception? |
|
287 |
// for now we just ignore this signature file |
|
288 |
return; |
|
2 | 289 |
} |
290 |
||
9365 | 291 |
SignerInfo[] infos = block.verify(sfBytes); |
2 | 292 |
|
9365 | 293 |
if (infos == null) { |
2 | 294 |
throw new SecurityException("cannot verify signature block file " + |
295 |
name); |
|
296 |
} |
|
297 |
||
298 |
||
299 |
CodeSigner[] newSigners = getSigners(infos, block); |
|
300 |
||
301 |
// make sure we have something to do all this work for... |
|
302 |
if (newSigners == null) |
|
303 |
return; |
|
304 |
||
9365 | 305 |
Iterator<Map.Entry<String,Attributes>> entries = |
306 |
sf.getEntries().entrySet().iterator(); |
|
307 |
||
308 |
// see if we can verify the whole manifest first |
|
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
10788
diff
changeset
|
309 |
boolean manifestSigned = verifyManifestHash(sf, md, manifestDigests); |
9365 | 310 |
|
2 | 311 |
// verify manifest main attributes |
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
10788
diff
changeset
|
312 |
if (!manifestSigned && !verifyManifestMainAttrs(sf, md)) { |
2 | 313 |
throw new SecurityException |
314 |
("Invalid signature file digest for Manifest main attributes"); |
|
315 |
} |
|
316 |
||
9365 | 317 |
// go through each section in the signature file |
2 | 318 |
while(entries.hasNext()) { |
319 |
||
320 |
Map.Entry<String,Attributes> e = entries.next(); |
|
321 |
String name = e.getKey(); |
|
322 |
||
323 |
if (manifestSigned || |
|
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
10788
diff
changeset
|
324 |
(verifySection(e.getValue(), name, md))) { |
2 | 325 |
|
326 |
if (name.startsWith("./")) |
|
327 |
name = name.substring(2); |
|
328 |
||
329 |
if (name.startsWith("/")) |
|
330 |
name = name.substring(1); |
|
331 |
||
332 |
updateSigners(newSigners, signers, name); |
|
333 |
||
334 |
if (debug != null) { |
|
335 |
debug.println("processSignature signed name = "+name); |
|
336 |
} |
|
337 |
||
338 |
} else if (debug != null) { |
|
339 |
debug.println("processSignature unsigned name = "+name); |
|
340 |
} |
|
341 |
} |
|
7524
ec12e1e6fa20
7004035: signed jar with only META-INF/* inside is not verifiable
weijun
parents:
5506
diff
changeset
|
342 |
|
ec12e1e6fa20
7004035: signed jar with only META-INF/* inside is not verifiable
weijun
parents:
5506
diff
changeset
|
343 |
// MANIFEST.MF is always regarded as signed |
ec12e1e6fa20
7004035: signed jar with only META-INF/* inside is not verifiable
weijun
parents:
5506
diff
changeset
|
344 |
updateSigners(newSigners, signers, JarFile.MANIFEST_NAME); |
2 | 345 |
} |
346 |
||
347 |
/** |
|
348 |
* See if the whole manifest was signed. |
|
349 |
*/ |
|
350 |
private boolean verifyManifestHash(Manifest sf, |
|
351 |
ManifestDigester md, |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
9365
diff
changeset
|
352 |
List<Object> manifestDigests) |
41580 | 353 |
throws IOException, SignatureException |
2 | 354 |
{ |
355 |
Attributes mattr = sf.getMainAttributes(); |
|
356 |
boolean manifestSigned = false; |
|
357 |
||
358 |
// go through all the attributes and process *-Digest-Manifest entries |
|
359 |
for (Map.Entry<Object,Object> se : mattr.entrySet()) { |
|
360 |
||
361 |
String key = se.getKey().toString(); |
|
362 |
||
363 |
if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST-MANIFEST")) { |
|
364 |
// 16 is length of "-Digest-Manifest" |
|
365 |
String algorithm = key.substring(0, key.length()-16); |
|
366 |
||
8387
f0fa7bbf889e
6742654: Code insertion/replacement attacks against signed jars
weijun
parents:
7524
diff
changeset
|
367 |
manifestDigests.add(key); |
f0fa7bbf889e
6742654: Code insertion/replacement attacks against signed jars
weijun
parents:
7524
diff
changeset
|
368 |
manifestDigests.add(se.getValue()); |
2 | 369 |
MessageDigest digest = getDigest(algorithm); |
370 |
if (digest != null) { |
|
371 |
byte[] computedHash = md.manifestDigest(digest); |
|
372 |
byte[] expectedHash = |
|
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
10788
diff
changeset
|
373 |
Base64.getMimeDecoder().decode((String)se.getValue()); |
2 | 374 |
|
375 |
if (debug != null) { |
|
376 |
debug.println("Signature File: Manifest digest " + |
|
377 |
digest.getAlgorithm()); |
|
378 |
debug.println( " sigfile " + toHex(expectedHash)); |
|
379 |
debug.println( " computed " + toHex(computedHash)); |
|
380 |
debug.println(); |
|
381 |
} |
|
382 |
||
383 |
if (MessageDigest.isEqual(computedHash, |
|
384 |
expectedHash)) { |
|
385 |
manifestSigned = true; |
|
386 |
} else { |
|
387 |
//XXX: we will continue and verify each section |
|
388 |
} |
|
389 |
} |
|
390 |
} |
|
391 |
} |
|
392 |
return manifestSigned; |
|
393 |
} |
|
394 |
||
395 |
private boolean verifyManifestMainAttrs(Manifest sf, |
|
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
10788
diff
changeset
|
396 |
ManifestDigester md) |
41580 | 397 |
throws IOException, SignatureException |
2 | 398 |
{ |
399 |
Attributes mattr = sf.getMainAttributes(); |
|
400 |
boolean attrsVerified = true; |
|
401 |
||
402 |
// go through all the attributes and process |
|
403 |
// digest entries for the manifest main attributes |
|
404 |
for (Map.Entry<Object,Object> se : mattr.entrySet()) { |
|
405 |
String key = se.getKey().toString(); |
|
406 |
||
407 |
if (key.toUpperCase(Locale.ENGLISH).endsWith(ATTR_DIGEST)) { |
|
408 |
String algorithm = |
|
409 |
key.substring(0, key.length() - ATTR_DIGEST.length()); |
|
410 |
||
411 |
MessageDigest digest = getDigest(algorithm); |
|
412 |
if (digest != null) { |
|
413 |
ManifestDigester.Entry mde = |
|
414 |
md.get(ManifestDigester.MF_MAIN_ATTRS, false); |
|
415 |
byte[] computedHash = mde.digest(digest); |
|
416 |
byte[] expectedHash = |
|
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
10788
diff
changeset
|
417 |
Base64.getMimeDecoder().decode((String)se.getValue()); |
2 | 418 |
|
419 |
if (debug != null) { |
|
420 |
debug.println("Signature File: " + |
|
421 |
"Manifest Main Attributes digest " + |
|
422 |
digest.getAlgorithm()); |
|
423 |
debug.println( " sigfile " + toHex(expectedHash)); |
|
424 |
debug.println( " computed " + toHex(computedHash)); |
|
425 |
debug.println(); |
|
426 |
} |
|
427 |
||
428 |
if (MessageDigest.isEqual(computedHash, |
|
429 |
expectedHash)) { |
|
430 |
// good |
|
431 |
} else { |
|
432 |
// we will *not* continue and verify each section |
|
433 |
attrsVerified = false; |
|
434 |
if (debug != null) { |
|
435 |
debug.println("Verification of " + |
|
436 |
"Manifest main attributes failed"); |
|
437 |
debug.println(); |
|
438 |
} |
|
439 |
break; |
|
440 |
} |
|
441 |
} |
|
442 |
} |
|
443 |
} |
|
444 |
||
445 |
// this method returns 'true' if either: |
|
446 |
// . manifest main attributes were not signed, or |
|
447 |
// . manifest main attributes were signed and verified |
|
448 |
return attrsVerified; |
|
449 |
} |
|
450 |
||
451 |
/** |
|
452 |
* given the .SF digest header, and the data from the |
|
453 |
* section in the manifest, see if the hashes match. |
|
454 |
* if not, throw a SecurityException. |
|
455 |
* |
|
456 |
* @return true if all the -Digest headers verified |
|
457 |
* @exception SecurityException if the hash was not equal |
|
458 |
*/ |
|
459 |
||
460 |
private boolean verifySection(Attributes sfAttr, |
|
461 |
String name, |
|
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
10788
diff
changeset
|
462 |
ManifestDigester md) |
41580 | 463 |
throws IOException, SignatureException |
2 | 464 |
{ |
465 |
boolean oneDigestVerified = false; |
|
466 |
ManifestDigester.Entry mde = md.get(name,block.isOldStyle()); |
|
467 |
||
468 |
if (mde == null) { |
|
469 |
throw new SecurityException( |
|
41580 | 470 |
"no manifest section for signature file entry "+name); |
2 | 471 |
} |
472 |
||
473 |
if (sfAttr != null) { |
|
474 |
||
34687
d302ed125dc9
8144995: Move sun.misc.HexDumpEncoder to sun.security.util
chegar
parents:
31538
diff
changeset
|
475 |
//sun.security.util.HexDumpEncoder hex = new sun.security.util.HexDumpEncoder(); |
2 | 476 |
//hex.encodeBuffer(data, System.out); |
477 |
||
478 |
// go through all the attributes and process *-Digest entries |
|
479 |
for (Map.Entry<Object,Object> se : sfAttr.entrySet()) { |
|
480 |
String key = se.getKey().toString(); |
|
481 |
||
482 |
if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST")) { |
|
483 |
// 7 is length of "-Digest" |
|
484 |
String algorithm = key.substring(0, key.length()-7); |
|
485 |
||
486 |
MessageDigest digest = getDigest(algorithm); |
|
487 |
||
488 |
if (digest != null) { |
|
489 |
boolean ok = false; |
|
490 |
||
491 |
byte[] expected = |
|
16020
b57c48f16179
8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
msheppar
parents:
10788
diff
changeset
|
492 |
Base64.getMimeDecoder().decode((String)se.getValue()); |
2 | 493 |
byte[] computed; |
494 |
if (workaround) { |
|
495 |
computed = mde.digestWorkaround(digest); |
|
496 |
} else { |
|
497 |
computed = mde.digest(digest); |
|
498 |
} |
|
499 |
||
500 |
if (debug != null) { |
|
501 |
debug.println("Signature Block File: " + |
|
502 |
name + " digest=" + digest.getAlgorithm()); |
|
503 |
debug.println(" expected " + toHex(expected)); |
|
504 |
debug.println(" computed " + toHex(computed)); |
|
505 |
debug.println(); |
|
506 |
} |
|
507 |
||
508 |
if (MessageDigest.isEqual(computed, expected)) { |
|
509 |
oneDigestVerified = true; |
|
510 |
ok = true; |
|
511 |
} else { |
|
512 |
// attempt to fallback to the workaround |
|
513 |
if (!workaround) { |
|
514 |
computed = mde.digestWorkaround(digest); |
|
515 |
if (MessageDigest.isEqual(computed, expected)) { |
|
516 |
if (debug != null) { |
|
517 |
debug.println(" re-computed " + toHex(computed)); |
|
518 |
debug.println(); |
|
519 |
} |
|
520 |
workaround = true; |
|
521 |
oneDigestVerified = true; |
|
522 |
ok = true; |
|
523 |
} |
|
524 |
} |
|
525 |
} |
|
526 |
if (!ok){ |
|
527 |
throw new SecurityException("invalid " + |
|
528 |
digest.getAlgorithm() + |
|
529 |
" signature file digest for " + name); |
|
530 |
} |
|
531 |
} |
|
532 |
} |
|
533 |
} |
|
534 |
} |
|
535 |
return oneDigestVerified; |
|
536 |
} |
|
537 |
||
538 |
/** |
|
539 |
* Given the PKCS7 block and SignerInfo[], create an array of |
|
540 |
* CodeSigner objects. We do this only *once* for a given |
|
541 |
* signature block file. |
|
542 |
*/ |
|
31538
0981099a3e54
8130022: Use Java-style array declarations consistently
igerasim
parents:
30374
diff
changeset
|
543 |
private CodeSigner[] getSigners(SignerInfo[] infos, PKCS7 block) |
2 | 544 |
throws IOException, NoSuchAlgorithmException, SignatureException, |
545 |
CertificateException { |
|
546 |
||
547 |
ArrayList<CodeSigner> signers = null; |
|
548 |
||
549 |
for (int i = 0; i < infos.length; i++) { |
|
550 |
||
551 |
SignerInfo info = infos[i]; |
|
552 |
ArrayList<X509Certificate> chain = info.getCertificateChain(block); |
|
553 |
CertPath certChain = certificateFactory.generateCertPath(chain); |
|
554 |
if (signers == null) { |
|
30033
b9c86c17164a
8078468: Update security libraries to use diamond with anonymous classes
darcy
parents:
25859
diff
changeset
|
555 |
signers = new ArrayList<>(); |
2 | 556 |
} |
557 |
// Append the new code signer |
|
10788
680a3dbfcaba
7102686: Restructure timestamp code so that jars and modules can more easily share the same code
mullan
parents:
10336
diff
changeset
|
558 |
signers.add(new CodeSigner(certChain, info.getTimestamp())); |
2 | 559 |
|
560 |
if (debug != null) { |
|
561 |
debug.println("Signature Block Certificate: " + |
|
562 |
chain.get(0)); |
|
563 |
} |
|
564 |
} |
|
565 |
||
566 |
if (signers != null) { |
|
567 |
return signers.toArray(new CodeSigner[signers.size()]); |
|
568 |
} else { |
|
569 |
return null; |
|
570 |
} |
|
571 |
} |
|
572 |
||
573 |
// for the toHex function |
|
574 |
private static final char[] hexc = |
|
575 |
{'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'}; |
|
576 |
/** |
|
577 |
* convert a byte array to a hex string for debugging purposes |
|
578 |
* @param data the binary data to be converted to a hex string |
|
579 |
* @return an ASCII hex string |
|
580 |
*/ |
|
581 |
||
582 |
static String toHex(byte[] data) { |
|
583 |
||
24969
afa6934dd8e8
8041679: Replace uses of StringBuffer with StringBuilder within core library classes
psandoz
parents:
24685
diff
changeset
|
584 |
StringBuilder sb = new StringBuilder(data.length*2); |
2 | 585 |
|
586 |
for (int i=0; i<data.length; i++) { |
|
587 |
sb.append(hexc[(data[i] >>4) & 0x0f]); |
|
588 |
sb.append(hexc[data[i] & 0x0f]); |
|
589 |
} |
|
590 |
return sb.toString(); |
|
591 |
} |
|
592 |
||
593 |
// returns true if set contains signer |
|
594 |
static boolean contains(CodeSigner[] set, CodeSigner signer) |
|
595 |
{ |
|
596 |
for (int i = 0; i < set.length; i++) { |
|
597 |
if (set[i].equals(signer)) |
|
598 |
return true; |
|
599 |
} |
|
600 |
return false; |
|
601 |
} |
|
602 |
||
603 |
// returns true if subset is a subset of set |
|
604 |
static boolean isSubSet(CodeSigner[] subset, CodeSigner[] set) |
|
605 |
{ |
|
606 |
// check for the same object |
|
607 |
if (set == subset) |
|
608 |
return true; |
|
609 |
||
9365 | 610 |
boolean match; |
2 | 611 |
for (int i = 0; i < subset.length; i++) { |
612 |
if (!contains(set, subset[i])) |
|
613 |
return false; |
|
614 |
} |
|
615 |
return true; |
|
616 |
} |
|
617 |
||
618 |
/** |
|
619 |
* returns true if signer contains exactly the same code signers as |
|
620 |
* oldSigner and newSigner, false otherwise. oldSigner |
|
621 |
* is allowed to be null. |
|
622 |
*/ |
|
623 |
static boolean matches(CodeSigner[] signers, CodeSigner[] oldSigners, |
|
624 |
CodeSigner[] newSigners) { |
|
625 |
||
626 |
// special case |
|
627 |
if ((oldSigners == null) && (signers == newSigners)) |
|
628 |
return true; |
|
629 |
||
9365 | 630 |
boolean match; |
631 |
||
2 | 632 |
// make sure all oldSigners are in signers |
633 |
if ((oldSigners != null) && !isSubSet(oldSigners, signers)) |
|
634 |
return false; |
|
635 |
||
636 |
// make sure all newSigners are in signers |
|
637 |
if (!isSubSet(newSigners, signers)) { |
|
638 |
return false; |
|
639 |
} |
|
640 |
||
641 |
// now make sure all the code signers in signers are |
|
642 |
// also in oldSigners or newSigners |
|
643 |
||
644 |
for (int i = 0; i < signers.length; i++) { |
|
645 |
boolean found = |
|
646 |
((oldSigners != null) && contains(oldSigners, signers[i])) || |
|
647 |
contains(newSigners, signers[i]); |
|
648 |
if (!found) |
|
649 |
return false; |
|
650 |
} |
|
651 |
return true; |
|
652 |
} |
|
653 |
||
654 |
void updateSigners(CodeSigner[] newSigners, |
|
9365 | 655 |
Hashtable<String, CodeSigner[]> signers, String name) { |
2 | 656 |
|
657 |
CodeSigner[] oldSigners = signers.get(name); |
|
658 |
||
659 |
// search through the cache for a match, go in reverse order |
|
660 |
// as we are more likely to find a match with the last one |
|
661 |
// added to the cache |
|
662 |
||
663 |
CodeSigner[] cachedSigners; |
|
664 |
for (int i = signerCache.size() - 1; i != -1; i--) { |
|
665 |
cachedSigners = signerCache.get(i); |
|
666 |
if (matches(cachedSigners, oldSigners, newSigners)) { |
|
667 |
signers.put(name, cachedSigners); |
|
668 |
return; |
|
669 |
} |
|
670 |
} |
|
671 |
||
672 |
if (oldSigners == null) { |
|
673 |
cachedSigners = newSigners; |
|
674 |
} else { |
|
675 |
cachedSigners = |
|
676 |
new CodeSigner[oldSigners.length + newSigners.length]; |
|
677 |
System.arraycopy(oldSigners, 0, cachedSigners, 0, |
|
678 |
oldSigners.length); |
|
679 |
System.arraycopy(newSigners, 0, cachedSigners, oldSigners.length, |
|
680 |
newSigners.length); |
|
681 |
} |
|
682 |
signerCache.add(cachedSigners); |
|
683 |
signers.put(name, cachedSigners); |
|
684 |
} |
|
685 |
} |