jdk-sandbox: comparison jdk/src/java.base/share/classes/sun/security/util/SignatureFileVerifier.java

equal deleted inserted replaced

-:ee6b5bd26bf9
+:fe8c324ba97c
 /*
-* Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved.
+* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 package sun.security.util;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.security.CodeSigner;
-import java.security.CryptoPrimitive;
+import java.security.GeneralSecurityException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.SignatureException;
+import java.security.Timestamp;
 import java.security.cert.CertPath;
 import java.security.cert.X509Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.util.ArrayList;
 import java.util.Base64;
-import java.util.Collections;
-import java.util.EnumSet;
 import java.util.HashMap;
 import java.util.Hashtable;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
-import java.util.Set;
 import java.util.jar.Attributes;
 import java.util.jar.JarException;
 import java.util.jar.JarFile;
 import java.util.jar.Manifest;
 public class SignatureFileVerifier {
 /* Are we debugging ? */
 private static final Debug debug = Debug.getInstance("jar");
-private static final Set<CryptoPrimitive> DIGEST_PRIMITIVE_SET =
-Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.MESSAGE_DIGEST));
 private static final DisabledAlgorithmConstraints JAR_DISABLED_CHECK =
 new DisabledAlgorithmConstraints(
 DisabledAlgorithmConstraints.PROPERTY_JAR_DISABLED_ALGS);
 private ArrayList<CodeSigner[]> signerCache;
 /* workaround for parsing Netscape jars  */
 private boolean workaround = false;
 /* for generating certpath objects */
 private CertificateFactory certificateFactory = null;
+/** Algorithms that have been checked if they are weak. */
+private Map<String, Boolean> permittedAlgs= new HashMap<>();
+/** TSA timestamp of signed jar.  The newest timestamp is used.  If there
+*  was no TSA timestamp used when signed, current time is used ("null").
+*/
+private Timestamp timestamp = null;
 /**
 * Create the named SignatureFileVerifier.
 *
 * @param name the name of the signature block file (.DSA/.RSA/.EC)
 return false;
 }
 /** get digest from cache */
-private MessageDigest getDigest(String algorithm) throws SignatureException {
+private MessageDigest getDigest(String algorithm)
-// check that algorithm is not restricted
+throws SignatureException {
-if (!JAR_DISABLED_CHECK.permits(DIGEST_PRIMITIVE_SET, algorithm, null)) {
-SignatureException e =
-new SignatureException("SignatureFile check failed. " +
-"Disabled algorithm used: " + algorithm);
-throw e;
-}
 if (createdDigests == null)
 createdDigests = new HashMap<>();
 MessageDigest digest = createdDigests.get(algorithm);
 // make sure we have something to do all this work for...
 if (newSigners == null)
 return;
+/*
+* Look for the latest timestamp in the signature block.  If an entry
+* has no timestamp, use current time (aka null).
+*/
+for (CodeSigner s: newSigners) {
+if (debug != null) {
+debug.println("Gathering timestamp for:  " + s.toString());
+}
+if (s.getTimestamp() == null) {
+timestamp = null;
+break;
+} else if (timestamp == null) {
+timestamp = s.getTimestamp();
+} else {
+if (timestamp.getTimestamp().before(
+s.getTimestamp().getTimestamp())) {
+timestamp = s.getTimestamp();
+}
+}
+}
 Iterator<Map.Entry<String,Attributes>> entries =
 sf.getEntries().entrySet().iterator();
 // see if we can verify the whole manifest first
 boolean manifestSigned = verifyManifestHash(sf, md, manifestDigests);
 // MANIFEST.MF is always regarded as signed
 updateSigners(newSigners, signers, JarFile.MANIFEST_NAME);
 }
 /**
+* Check if algorithm is permitted using the permittedAlgs Map.
+* If the algorithm is not in the map, check against disabled algorithms and
+* store the result. If the algorithm is in the map use that result.
+* False is returned for weak algorithm, true for good algorithms.
+*/
+boolean permittedCheck(String key, String algorithm) {
+Boolean permitted = permittedAlgs.get(algorithm);
+if (permitted == null) {
+try {
+JAR_DISABLED_CHECK.permits(algorithm,
+new ConstraintsParameters(timestamp));
+} catch(GeneralSecurityException e) {
+permittedAlgs.put(algorithm, Boolean.FALSE);
+permittedAlgs.put(key.toUpperCase(), Boolean.FALSE);
+if (debug != null) {
+if (e.getMessage() != null) {
+debug.println(key + ":  " + e.getMessage());
+} else {
+debug.println(key + ":  " + algorithm +
+" was disabled, no exception msg given.");
+e.printStackTrace();
+}
+}
+return false;
+}
+permittedAlgs.put(algorithm, Boolean.TRUE);
+return true;
+}
+// Algorithm has already been checked, return the value from map.
+return permitted.booleanValue();
+}
+/**
+* With a given header (*-DIGEST*), return a string that lists all the
+* algorithms associated with the header.
+* If there are none, return "Unknown Algorithm".
+*/
+String getWeakAlgorithms(String header) {
+String w = "";
+try {
+for (String key : permittedAlgs.keySet()) {
+if (key.endsWith(header)) {
+w += key.substring(0, key.length() - header.length()) + " ";
+}
+}
+} catch (RuntimeException e) {
+w = "Unknown Algorithm(s).  Error processing " + header + ".  " +
+e.getMessage();
+}
+// This means we have an error in finding weak algorithms, run in
+// debug mode to see permittedAlgs map's values.
+if (w.length() == 0) {
+return "Unknown Algorithm(s)";
+}
+return w;
+}
+/**
 * See if the whole manifest was signed.
 */
 private boolean verifyManifestHash(Manifest sf,
 ManifestDigester md,
 List<Object> manifestDigests)
 throws IOException, SignatureException
 {
 Attributes mattr = sf.getMainAttributes();
 boolean manifestSigned = false;
+boolean weakAlgs = true;
 // go through all the attributes and process *-Digest-Manifest entries
 for (Map.Entry<Object,Object> se : mattr.entrySet()) {
 String key = se.getKey().toString();
 if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST-MANIFEST")) {
 // 16 is length of "-Digest-Manifest"
 String algorithm = key.substring(0, key.length()-16);
+// Check if this algorithm is permitted, skip if false.
+if (!permittedCheck(key, algorithm)) {
+continue;
+}
+// A non-weak algorithm was used, any weak algorithms found do
+// not need to be reported.
+weakAlgs = false;
 manifestDigests.add(key);
 manifestDigests.add(se.getValue());
 MessageDigest digest = getDigest(algorithm);
 if (digest != null) {
 byte[] computedHash = md.manifestDigest(digest);
 byte[] expectedHash =
 Base64.getMimeDecoder().decode((String)se.getValue());
 if (debug != null) {
 debug.println("Signature File: Manifest digest " +
-digest.getAlgorithm());
+algorithm);
 debug.println( "  sigfile  " + toHex(expectedHash));
 debug.println( "  computed " + toHex(computedHash));
 debug.println();
 }
-if (MessageDigest.isEqual(computedHash,
+if (MessageDigest.isEqual(computedHash, expectedHash)) {
-expectedHash)) {
 manifestSigned = true;
 } else {
 //XXX: we will continue and verify each section
 }
 }
 }
 }
+if (debug != null) {
+debug.println("PermittedAlgs mapping: ");
+for (String key : permittedAlgs.keySet()) {
+debug.println(key + " : " +
+permittedAlgs.get(key).toString());
+}
+}
+// If there were only weak algorithms used, throw an exception.
+if (weakAlgs) {
+String weakAlgorithms = getWeakAlgorithms("-DIGEST-MANIFEST");
+throw new SignatureException("Manifest hash check failed " +
+"(DIGEST-MANIFEST). Disabled algorithm(s) used: " +
+weakAlgorithms);
+}
 return manifestSigned;
 }
-private boolean verifyManifestMainAttrs(Manifest sf,
+private boolean verifyManifestMainAttrs(Manifest sf, ManifestDigester md)
-ManifestDigester md)
 throws IOException, SignatureException
 {
 Attributes mattr = sf.getMainAttributes();
 boolean attrsVerified = true;
+boolean weakAlgs = true;
 // go through all the attributes and process
 // digest entries for the manifest main attributes
 for (Map.Entry<Object,Object> se : mattr.entrySet()) {
 String key = se.getKey().toString();
 if (key.toUpperCase(Locale.ENGLISH).endsWith(ATTR_DIGEST)) {
 String algorithm =
 key.substring(0, key.length() - ATTR_DIGEST.length());
+// Check if this algorithm is permitted, skip if false.
+if (!permittedCheck(key, algorithm)) {
+continue;
+}
+// A non-weak algorithm was used, any weak algorithms found do
+// not need to be reported.
+weakAlgs = false;
 MessageDigest digest = getDigest(algorithm);
 if (digest != null) {
 ManifestDigester.Entry mde =
 md.get(ManifestDigester.MF_MAIN_ATTRS, false);
 debug.println( "  sigfile  " + toHex(expectedHash));
 debug.println( "  computed " + toHex(computedHash));
 debug.println();
 }
-if (MessageDigest.isEqual(computedHash,
+if (MessageDigest.isEqual(computedHash, expectedHash)) {
-expectedHash)) {
 // good
 } else {
 // we will *not* continue and verify each section
 attrsVerified = false;
 if (debug != null) {
 }
 }
 }
 }
+if (debug != null) {
+debug.println("PermittedAlgs mapping: ");
+for (String key : permittedAlgs.keySet()) {
+debug.println(key + " : " +
+permittedAlgs.get(key).toString());
+}
+}
+// If there were only weak algorithms used, throw an exception.
+if (weakAlgs) {
+String weakAlgorithms = getWeakAlgorithms("-DIGEST-" +
+ManifestDigester.MF_MAIN_ATTRS);
+throw new SignatureException("Manifest Main Attribute check " +
+"failed (DIGEST-" + ManifestDigester.MF_MAIN_ATTRS +
+"). " + "Disabled algorithm(s) used: " + weakAlgorithms);
+}
 // this method returns 'true' if either:
 //      . manifest main attributes were not signed, or
 //      . manifest main attributes were signed and verified
 return attrsVerified;
 }
 ManifestDigester md)
 throws IOException, SignatureException
 {
 boolean oneDigestVerified = false;
 ManifestDigester.Entry mde = md.get(name,block.isOldStyle());
+boolean weakAlgs = true;
 if (mde == null) {
 throw new SecurityException(
 "no manifest section for signature file entry "+name);
 }
 if (sfAttr != null) {
 //sun.security.util.HexDumpEncoder hex = new sun.security.util.HexDumpEncoder();
 //hex.encodeBuffer(data, System.out);
 // go through all the attributes and process *-Digest entries
 for (Map.Entry<Object,Object> se : sfAttr.entrySet()) {
 String key = se.getKey().toString();
 if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST")) {
 // 7 is length of "-Digest"
 String algorithm = key.substring(0, key.length()-7);
+// Check if this algorithm is permitted, skip if false.
+if (!permittedCheck(key, algorithm)) {
+continue;
+}
+// A non-weak algorithm was used, any weak algorithms found do
+// not need to be reported.
+weakAlgs = false;
 MessageDigest digest = getDigest(algorithm);
 if (digest != null) {
 boolean ok = false;
 }
 }
 }
 }
 }
+if (debug != null) {
+debug.println("PermittedAlgs mapping: ");
+for (String key : permittedAlgs.keySet()) {
+debug.println(key + " : " +
+permittedAlgs.get(key).toString());
+}
+}
+// If there were only weak algorithms used, throw an exception.
+if (weakAlgs) {
+String weakAlgorithms = getWeakAlgorithms("DIGEST");
+throw new SignatureException("Manifest Main Attribute check " +
+"failed (DIGEST). " + "Disabled algorithm(s) used: " +
+weakAlgorithms);
+}
 return oneDigestVerified;
 }
 /**
 * Given the PKCS7 block and SignerInfo[], create an array of

changeset 43701	fe8c324ba97c
parent 41580	cc479488428c
child 43986	717c0cbb60fd