1 /*
   2  * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package java.util.jar;
  27 
  28 import jdk.internal.access.SharedSecrets;
  29 import jdk.internal.access.JavaUtilZipFileAccess;
  30 import jdk.internal.misc.Gate;
  31 import sun.security.action.GetPropertyAction;
  32 import sun.security.util.ManifestEntryVerifier;
  33 
  34 import java.io.ByteArrayInputStream;
  35 import java.io.EOFException;
  36 import java.io.File;
  37 import java.io.IOException;
  38 import java.io.InputStream;
  39 import java.lang.ref.SoftReference;
  40 import java.net.URL;
  41 import java.security.CodeSigner;
  42 import java.security.CodeSource;
  43 import java.security.cert.Certificate;
  44 import java.util.ArrayList;
  45 import java.util.Collections;
  46 import java.util.Enumeration;
  47 import java.util.List;
  48 import java.util.Locale;
  49 import java.util.NoSuchElementException;
  50 import java.util.Objects;
  51 import java.util.function.Function;
  52 import java.util.stream.Stream;
  53 import java.util.zip.ZipEntry;
  54 import java.util.zip.ZipException;
  55 import java.util.zip.ZipFile;
  56 
  57 /**
  58  * The {@code JarFile} class is used to read the contents of a jar file
  59  * from any file that can be opened with {@code java.io.RandomAccessFile}.
  60  * It extends the class {@code java.util.zip.ZipFile} with support
  61  * for reading an optional {@code Manifest} entry, and support for
  62  * processing multi-release jar files.  The {@code Manifest} can be used
  63  * to specify meta-information about the jar file and its entries.
  64  *
  65  * <p><a id="multirelease">A multi-release jar file</a> is a jar file that
  66  * contains a manifest with a main attribute named "Multi-Release",
  67  * a set of "base" entries, some of which are public classes with public
  68  * or protected methods that comprise the public interface of the jar file,
  69  * and a set of "versioned" entries contained in subdirectories of the
  70  * "META-INF/versions" directory.  The versioned entries are partitioned by the
  71  * major version of the Java platform.  A versioned entry, with a version
  72  * {@code n}, {@code 8 < n}, in the "META-INF/versions/{n}" directory overrides
  73  * the base entry as well as any entry with a version number {@code i} where
  74  * {@code 8 < i < n}.
  75  *
  76  * <p>By default, a {@code JarFile} for a multi-release jar file is configured
  77  * to process the multi-release jar file as if it were a plain (unversioned) jar
  78  * file, and as such an entry name is associated with at most one base entry.
  79  * The {@code JarFile} may be configured to process a multi-release jar file by
  80  * creating the {@code JarFile} with the
  81  * {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} constructor.  The
  82  * {@code Runtime.Version} object sets a maximum version used when searching for
  83  * versioned entries.  When so configured, an entry name
  84  * can correspond with at most one base entry and zero or more versioned
  85  * entries. A search is required to associate the entry name with the latest
  86  * versioned entry whose version is less than or equal to the maximum version
  87  * (see {@link #getEntry(String)}).
  88  *
  89  * <p>Class loaders that utilize {@code JarFile} to load classes from the
  90  * contents of {@code JarFile} entries should construct the {@code JarFile}
  91  * by invoking the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
  92  * constructor with the value {@code Runtime.version()} assigned to the last
  93  * argument.  This assures that classes compatible with the major
  94  * version of the running JVM are loaded from multi-release jar files.
  95  *
  96  * <p> If the {@code verify} flag is on when opening a signed jar file, the content
  97  * of the jar entry is verified against the signature embedded inside the manifest
  98  * that is associated with its {@link JarEntry#getRealName() path name}. For a
  99  * multi-release jar file, the content of a versioned entry is verfieid against
 100  * its own signature and {@link JarEntry#getCodeSigners()} returns its own signers.
 101  *
 102  * Please note that the verification process does not include validating the
 103  * signer's certificate. A caller should inspect the return value of
 104  * {@link JarEntry#getCodeSigners()} to further determine if the signature
 105  * can be trusted.
 106  *
 107  * <p> Unless otherwise noted, passing a {@code null} argument to a constructor
 108  * or method in this class will cause a {@link NullPointerException} to be
 109  * thrown.
 110  *
 111  * @implNote
 112  * <div class="block">
 113  * If the API can not be used to configure a {@code JarFile} (e.g. to override
 114  * the configuration of a compiled application or library), two {@code System}
 115  * properties are available.
 116  * <ul>
 117  * <li>
 118  * {@code jdk.util.jar.version} can be assigned a value that is the
 119  * {@code String} representation of a non-negative integer
 120  * {@code <= Runtime.version().feature()}.  The value is used to set the effective
 121  * runtime version to something other than the default value obtained by
 122  * evaluating {@code Runtime.version().feature()}. The effective runtime version
 123  * is the version that the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
 124  * constructor uses when the value of the last argument is
 125  * {@code JarFile.runtimeVersion()}.
 126  * </li>
 127  * <li>
 128  * {@code jdk.util.jar.enableMultiRelease} can be assigned one of the three
 129  * {@code String} values <em>true</em>, <em>false</em>, or <em>force</em>.  The
 130  * value <em>true</em>, the default value, enables multi-release jar file
 131  * processing.  The value <em>false</em> disables multi-release jar processing,
 132  * ignoring the "Multi-Release" manifest attribute, and the versioned
 133  * directories in a multi-release jar file if they exist.  Furthermore,
 134  * the method {@link JarFile#isMultiRelease()} returns <em>false</em>. The value
 135  * <em>force</em> causes the {@code JarFile} to be initialized to runtime
 136  * versioning after construction.  It effectively does the same as this code:
 137  * {@code (new JarFile(File, boolean, int, JarFile.runtimeVersion())}.
 138  * </li>
 139  * </ul>
 140  * </div>
 141  *
 142  * @author  David Connelly
 143  * @see     Manifest
 144  * @see     java.util.zip.ZipFile
 145  * @see     java.util.jar.JarEntry
 146  * @since   1.2
 147  */
 148 public class JarFile extends ZipFile {
 149     private static final Runtime.Version BASE_VERSION;
 150     private static final int BASE_VERSION_FEATURE;
 151     private static final Runtime.Version RUNTIME_VERSION;
 152     private static final boolean MULTI_RELEASE_ENABLED;
 153     private static final boolean MULTI_RELEASE_FORCED;
 154     private static final Gate INITIALIZING_GATE = Gate.create();
 155     // The maximum size of array to allocate. Some VMs reserve some header words in an array.
 156     private static final int MAX_ARRAY_SIZE = Integer.MAX_VALUE - 8;
 157 
 158     private SoftReference<Manifest> manRef;
 159     private JarEntry manEntry;
 160     private JarVerifier jv;
 161     private boolean jvInitialized;
 162     private boolean verify;
 163     private final Runtime.Version version;  // current version
 164     private final int versionFeature;       // version.feature()
 165     private boolean isMultiRelease;         // is jar multi-release?
 166 
 167     // indicates if Class-Path attribute present
 168     private boolean hasClassPathAttribute;
 169     // true if manifest checked for special attributes
 170     private volatile boolean hasCheckedSpecialAttributes;
 171 
 172     private static final JavaUtilZipFileAccess JUZFA;
 173 
 174     static {
 175         // Set up JavaUtilJarAccess in SharedSecrets
 176         SharedSecrets.setJavaUtilJarAccess(new JavaUtilJarAccessImpl());
 177         // Get JavaUtilZipFileAccess from SharedSecrets
 178         JUZFA = SharedSecrets.getJavaUtilZipFileAccess();
 179         // multi-release jar file versions >= 9
 180         BASE_VERSION = Runtime.Version.parse(Integer.toString(8));
 181         BASE_VERSION_FEATURE = BASE_VERSION.feature();
 182         String jarVersion = GetPropertyAction.privilegedGetProperty("jdk.util.jar.version");
 183         int runtimeVersion = Runtime.version().feature();
 184         if (jarVersion != null) {
 185             int jarVer = Integer.parseInt(jarVersion);
 186             runtimeVersion = (jarVer > runtimeVersion)
 187                     ? runtimeVersion
 188                     : Math.max(jarVer, BASE_VERSION_FEATURE);
 189         }
 190         RUNTIME_VERSION = Runtime.Version.parse(Integer.toString(runtimeVersion));
 191         String enableMultiRelease = GetPropertyAction
 192                 .privilegedGetProperty("jdk.util.jar.enableMultiRelease", "true");
 193         switch (enableMultiRelease) {
 194             case "false" -> {
 195                 MULTI_RELEASE_ENABLED = false;
 196                 MULTI_RELEASE_FORCED = false;
 197             }
 198             case "force" -> {
 199                 MULTI_RELEASE_ENABLED = true;
 200                 MULTI_RELEASE_FORCED = true;
 201             }
 202             default -> {
 203                 MULTI_RELEASE_ENABLED = true;
 204                 MULTI_RELEASE_FORCED = false;
 205             }
 206         }
 207     }
 208 
 209     private static final String META_INF = "META-INF/";
 210 
 211     private static final String META_INF_VERSIONS = META_INF + "versions/";
 212 
 213     /**
 214      * The JAR manifest file name.
 215      */
 216     public static final String MANIFEST_NAME = META_INF + "MANIFEST.MF";
 217 
 218     /**
 219      * Returns the version that represents the unversioned configuration of a
 220      * multi-release jar file.
 221      *
 222      * @return the version that represents the unversioned configuration
 223      *
 224      * @since 9
 225      */
 226     public static Runtime.Version baseVersion() {
 227         return BASE_VERSION;
 228     }
 229 
 230     /**
 231      * Returns the version that represents the effective runtime versioned
 232      * configuration of a multi-release jar file.
 233      * <p>
 234      * By default the feature version number of the returned {@code Version} will
 235      * be equal to the feature version number of {@code Runtime.version()}.
 236      * However, if the {@code jdk.util.jar.version} property is set, the
 237      * returned {@code Version} is derived from that property and feature version
 238      * numbers may not be equal.
 239      *
 240      * @return the version that represents the runtime versioned configuration
 241      *
 242      * @since 9
 243      */
 244     public static Runtime.Version runtimeVersion() {
 245         return RUNTIME_VERSION;
 246     }
 247 
 248     /**
 249      * Creates a new {@code JarFile} to read from the specified
 250      * file {@code name}. The {@code JarFile} will be verified if
 251      * it is signed.
 252      * @param name the name of the jar file to be opened for reading
 253      * @throws IOException if an I/O error has occurred
 254      * @throws SecurityException if access to the file is denied
 255      *         by the SecurityManager
 256      */
 257     public JarFile(String name) throws IOException {
 258         this(new File(name), true, ZipFile.OPEN_READ);
 259     }
 260 
 261     /**
 262      * Creates a new {@code JarFile} to read from the specified
 263      * file {@code name}.
 264      * @param name the name of the jar file to be opened for reading
 265      * @param verify whether or not to verify the jar file if
 266      * it is signed.
 267      * @throws IOException if an I/O error has occurred
 268      * @throws SecurityException if access to the file is denied
 269      *         by the SecurityManager
 270      */
 271     public JarFile(String name, boolean verify) throws IOException {
 272         this(new File(name), verify, ZipFile.OPEN_READ);
 273     }
 274 
 275     /**
 276      * Creates a new {@code JarFile} to read from the specified
 277      * {@code File} object. The {@code JarFile} will be verified if
 278      * it is signed.
 279      * @param file the jar file to be opened for reading
 280      * @throws IOException if an I/O error has occurred
 281      * @throws SecurityException if access to the file is denied
 282      *         by the SecurityManager
 283      */
 284     public JarFile(File file) throws IOException {
 285         this(file, true, ZipFile.OPEN_READ);
 286     }
 287 
 288     /**
 289      * Creates a new {@code JarFile} to read from the specified
 290      * {@code File} object.
 291      * @param file the jar file to be opened for reading
 292      * @param verify whether or not to verify the jar file if
 293      * it is signed.
 294      * @throws IOException if an I/O error has occurred
 295      * @throws SecurityException if access to the file is denied
 296      *         by the SecurityManager.
 297      */
 298     public JarFile(File file, boolean verify) throws IOException {
 299         this(file, verify, ZipFile.OPEN_READ);
 300     }
 301 
 302     /**
 303      * Creates a new {@code JarFile} to read from the specified
 304      * {@code File} object in the specified mode.  The mode argument
 305      * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
 306      *
 307      * @param file the jar file to be opened for reading
 308      * @param verify whether or not to verify the jar file if
 309      * it is signed.
 310      * @param mode the mode in which the file is to be opened
 311      * @throws IOException if an I/O error has occurred
 312      * @throws IllegalArgumentException
 313      *         if the {@code mode} argument is invalid
 314      * @throws SecurityException if access to the file is denied
 315      *         by the SecurityManager
 316      * @since 1.3
 317      */
 318     public JarFile(File file, boolean verify, int mode) throws IOException {
 319         this(file, verify, mode, BASE_VERSION);
 320     }
 321 
 322     /**
 323      * Creates a new {@code JarFile} to read from the specified
 324      * {@code File} object in the specified mode.  The mode argument
 325      * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
 326      * The version argument, after being converted to a canonical form, is
 327      * used to configure the {@code JarFile} for processing
 328      * multi-release jar files.
 329      * <p>
 330      * The canonical form derived from the version parameter is
 331      * {@code Runtime.Version.parse(Integer.toString(n))} where {@code n} is
 332      * {@code Math.max(version.feature(), JarFile.baseVersion().feature())}.
 333      *
 334      * @param file the jar file to be opened for reading
 335      * @param verify whether or not to verify the jar file if
 336      * it is signed.
 337      * @param mode the mode in which the file is to be opened
 338      * @param version specifies the release version for a multi-release jar file
 339      * @throws IOException if an I/O error has occurred
 340      * @throws IllegalArgumentException
 341      *         if the {@code mode} argument is invalid
 342      * @throws SecurityException if access to the file is denied
 343      *         by the SecurityManager
 344      * @throws NullPointerException if {@code version} is {@code null}
 345      * @since 9
 346      */
 347     public JarFile(File file, boolean verify, int mode, Runtime.Version version) throws IOException {
 348         super(file, mode);
 349         this.verify = verify;
 350         Objects.requireNonNull(version);
 351         if (MULTI_RELEASE_FORCED || version.feature() == RUNTIME_VERSION.feature()) {
 352             // This deals with the common case where the value from JarFile.runtimeVersion() is passed
 353             this.version = RUNTIME_VERSION;
 354         } else if (version.feature() <= BASE_VERSION_FEATURE) {
 355             // This also deals with the common case where the value from JarFile.baseVersion() is passed
 356             this.version = BASE_VERSION;
 357         } else {
 358             // Canonicalize
 359             this.version = Runtime.Version.parse(Integer.toString(version.feature()));
 360         }
 361         this.versionFeature = this.version.feature();
 362     }
 363 
 364     /**
 365      * Returns the maximum version used when searching for versioned entries.
 366      * <p>
 367      * If this {@code JarFile} is not a multi-release jar file or is not
 368      * configured to be processed as such, then the version returned will be the
 369      * same as that returned from {@link #baseVersion()}.
 370      *
 371      * @return the maximum version
 372      * @since 9
 373      */
 374     public final Runtime.Version getVersion() {
 375         return isMultiRelease() ? this.version : BASE_VERSION;
 376     }
 377 
 378     /**
 379      * Indicates whether or not this jar file is a multi-release jar file.
 380      *
 381      * @return true if this JarFile is a multi-release jar file
 382      * @since 9
 383      */
 384     public final boolean isMultiRelease() {
 385         if (isMultiRelease) {
 386             return true;
 387         }
 388         if (MULTI_RELEASE_ENABLED) {
 389             try {
 390                 checkForSpecialAttributes();
 391             } catch (IOException io) {
 392                 isMultiRelease = false;
 393             }
 394         }
 395         return isMultiRelease;
 396     }
 397 
 398     /**
 399      * Returns the jar file manifest, or {@code null} if none.
 400      *
 401      * @return the jar file manifest, or {@code null} if none
 402      *
 403      * @throws IllegalStateException
 404      *         may be thrown if the jar file has been closed
 405      * @throws IOException  if an I/O error has occurred
 406      */
 407     public Manifest getManifest() throws IOException {
 408         return getManifestFromReference();
 409     }
 410 
 411     private Manifest getManifestFromReference() throws IOException {
 412         Manifest man = manRef != null ? manRef.get() : null;
 413 
 414         if (man == null) {
 415 
 416             JarEntry manEntry = getManEntry();
 417 
 418             // If found then load the manifest
 419             if (manEntry != null) {
 420                 if (verify) {
 421                     byte[] b = getBytes(manEntry);
 422                     if (!jvInitialized) {
 423                         if (JUZFA.getManifestNum(this) == 1) {
 424                             jv = new JarVerifier(manEntry.getName(), b);
 425                         } else {
 426                             if (JarVerifier.debug != null) {
 427                                 JarVerifier.debug.println("Multiple MANIFEST.MF found. Treat JAR file as unsigned");
 428                             }
 429                         }
 430                     }
 431                     man = new Manifest(jv, new ByteArrayInputStream(b), getName());
 432                 } else {
 433                     try (InputStream is = super.getInputStream(manEntry)) {
 434                         man = new Manifest(is, getName());
 435                     }
 436                 }
 437                 manRef = new SoftReference<>(man);
 438             }
 439         }
 440         return man;
 441     }
 442 
 443     /**
 444      * Returns the {@code JarEntry} for the given base entry name or
 445      * {@code null} if not found.
 446      *
 447      * <p>If this {@code JarFile} is a multi-release jar file and is configured
 448      * to be processed as such, then a search is performed to find and return
 449      * a {@code JarEntry} that is the latest versioned entry associated with the
 450      * given entry name.  The returned {@code JarEntry} is the versioned entry
 451      * corresponding to the given base entry name prefixed with the string
 452      * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
 453      * which an entry exists.  If such a versioned entry does not exist, then
 454      * the {@code JarEntry} for the base entry is returned, otherwise
 455      * {@code null} is returned if no entries are found.  The initial value for
 456      * the version {@code n} is the maximum version as returned by the method
 457      * {@link JarFile#getVersion()}.
 458      *
 459      * @param name the jar file entry name
 460      * @return the {@code JarEntry} for the given entry name, or
 461      *         the versioned entry name, or {@code null} if not found
 462      *
 463      * @throws IllegalStateException
 464      *         may be thrown if the jar file has been closed
 465      *
 466      * @see java.util.jar.JarEntry
 467      *
 468      * @implSpec
 469      * <div class="block">
 470      * This implementation invokes {@link JarFile#getEntry(String)}.
 471      * </div>
 472      */
 473     public JarEntry getJarEntry(String name) {
 474         return (JarEntry)getEntry(name);
 475     }
 476 
 477     /**
 478      * Returns the {@code ZipEntry} for the given base entry name or
 479      * {@code null} if not found.
 480      *
 481      * <p>If this {@code JarFile} is a multi-release jar file and is configured
 482      * to be processed as such, then a search is performed to find and return
 483      * a {@code ZipEntry} that is the latest versioned entry associated with the
 484      * given entry name.  The returned {@code ZipEntry} is the versioned entry
 485      * corresponding to the given base entry name prefixed with the string
 486      * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
 487      * which an entry exists.  If such a versioned entry does not exist, then
 488      * the {@code ZipEntry} for the base entry is returned, otherwise
 489      * {@code null} is returned if no entries are found.  The initial value for
 490      * the version {@code n} is the maximum version as returned by the method
 491      * {@link JarFile#getVersion()}.
 492      *
 493      * @param name the jar file entry name
 494      * @return the {@code ZipEntry} for the given entry name or
 495      *         the versioned entry name or {@code null} if not found
 496      *
 497      * @throws IllegalStateException
 498      *         may be thrown if the jar file has been closed
 499      *
 500      * @see java.util.zip.ZipEntry
 501      *
 502      * @implSpec
 503      * <div class="block">
 504      * This implementation may return a versioned entry for the requested name
 505      * even if there is not a corresponding base entry.  This can occur
 506      * if there is a private or package-private versioned entry that matches.
 507      * If a subclass overrides this method, assure that the override method
 508      * invokes {@code super.getEntry(name)} to obtain all versioned entries.
 509      * </div>
 510      */
 511     public ZipEntry getEntry(String name) {
 512         if (isMultiRelease()) {
 513             JarEntry je = getVersionedEntry(name, null);
 514             if (je == null) {
 515                 je = (JarEntry)super.getEntry(name);
 516             }
 517             return je;
 518         } else {
 519             return super.getEntry(name);
 520         }
 521     }
 522 
 523     /**
 524      * Returns an enumeration of the jar file entries.
 525      *
 526      * @return an enumeration of the jar file entries
 527      * @throws IllegalStateException
 528      *         may be thrown if the jar file has been closed
 529      */
 530     public Enumeration<JarEntry> entries() {
 531         return JUZFA.entries(this);
 532     }
 533 
 534     /**
 535      * Returns an ordered {@code Stream} over the jar file entries.
 536      * Entries appear in the {@code Stream} in the order they appear in
 537      * the central directory of the jar file.
 538      *
 539      * @return an ordered {@code Stream} of entries in this jar file
 540      * @throws IllegalStateException if the jar file has been closed
 541      * @since 1.8
 542      */
 543     public Stream<JarEntry> stream() {
 544         return JUZFA.stream(this);
 545     }
 546 
 547     /**
 548      * Returns a {@code Stream} of the versioned jar file entries.
 549      *
 550      * <p>If this {@code JarFile} is a multi-release jar file and is configured to
 551      * be processed as such, then an entry in the stream is the latest versioned entry
 552      * associated with the corresponding base entry name. The maximum version of the
 553      * latest versioned entry is the version returned by {@link #getVersion()}.
 554      * The returned stream may include an entry that only exists as a versioned entry.
 555      *
 556      * If the jar file is not a multi-release jar file or the {@code JarFile} is not
 557      * configured for processing a multi-release jar file, this method returns the
 558      * same stream that {@link #stream()} returns.
 559      *
 560      * @return stream of versioned entries
 561      * @since 10
 562      */
 563     public Stream<JarEntry> versionedStream() {
 564 
 565         if (isMultiRelease()) {
 566             return JUZFA.entryNameStream(this).map(this::getBasename)
 567                                               .filter(Objects::nonNull)
 568                                               .distinct()
 569                                               .map(this::getJarEntry)
 570                                               .filter(Objects::nonNull);
 571         }
 572         return stream();
 573     }
 574 
 575     /**
 576      * Creates a ZipEntry suitable for the given ZipFile.
 577      */
 578     JarEntry entryFor(String name) {
 579         return new JarFileEntry(name);
 580     }
 581 
 582     private String getBasename(String name) {
 583         if (name.startsWith(META_INF_VERSIONS)) {
 584             int off = META_INF_VERSIONS.length();
 585             int index = name.indexOf('/', off);
 586             try {
 587                 // filter out dir META-INF/versions/ and META-INF/versions/*/
 588                 // and any entry with version > 'version'
 589                 if (index == -1 || index == (name.length() - 1) ||
 590                     Integer.parseInt(name, off, index, 10) > versionFeature) {
 591                     return null;
 592                 }
 593             } catch (NumberFormatException x) {
 594                 return null; // remove malformed entries silently
 595             }
 596             // map to its base name
 597             return name.substring(index + 1);
 598         }
 599         return name;
 600     }
 601 
 602     private JarEntry getVersionedEntry(String name, JarEntry defaultEntry) {
 603         if (!name.startsWith(META_INF)) {
 604             int[] versions = JUZFA.getMetaInfVersions(this);
 605             if (BASE_VERSION_FEATURE < versionFeature && versions.length > 0) {
 606                 // search for versioned entry
 607                 for (int i = versions.length - 1; i >= 0; i--) {
 608                     int version = versions[i];
 609                     // skip versions above versionFeature
 610                     if (version > versionFeature) {
 611                         continue;
 612                     }
 613                     // skip versions below base version
 614                     if (version < BASE_VERSION_FEATURE) {
 615                         break;
 616                     }
 617                     JarFileEntry vje = (JarFileEntry)super.getEntry(
 618                             META_INF_VERSIONS + version + "/" + name);
 619                     if (vje != null) {
 620                         return vje.withBasename(name);
 621                     }
 622                 }
 623             }
 624         }
 625         return defaultEntry;
 626     }
 627 
 628     // placeholder for now
 629     String getRealName(JarEntry entry) {
 630         return entry.getRealName();
 631     }
 632 
 633     private class JarFileEntry extends JarEntry {
 634         private String basename;
 635 
 636         JarFileEntry(String name) {
 637             super(name);
 638             this.basename = name;
 639         }
 640 
 641         JarFileEntry(String name, ZipEntry vze) {
 642             super(vze);
 643             this.basename = name;
 644         }
 645 
 646         @Override
 647         public Attributes getAttributes() throws IOException {
 648             Manifest man = JarFile.this.getManifest();
 649             if (man != null) {
 650                 return man.getAttributes(super.getName());
 651             } else {
 652                 return null;
 653             }
 654         }
 655 
 656         @Override
 657         public Certificate[] getCertificates() {
 658             try {
 659                 maybeInstantiateVerifier();
 660             } catch (IOException e) {
 661                 throw new RuntimeException(e);
 662             }
 663             if (certs == null && jv != null) {
 664                 certs = jv.getCerts(JarFile.this, realEntry());
 665             }
 666             return certs == null ? null : certs.clone();
 667         }
 668 
 669         @Override
 670         public CodeSigner[] getCodeSigners() {
 671             try {
 672                 maybeInstantiateVerifier();
 673             } catch (IOException e) {
 674                 throw new RuntimeException(e);
 675             }
 676             if (signers == null && jv != null) {
 677                 signers = jv.getCodeSigners(JarFile.this, realEntry());
 678             }
 679             return signers == null ? null : signers.clone();
 680         }
 681 
 682         @Override
 683         public String getRealName() {
 684             return super.getName();
 685         }
 686 
 687         @Override
 688         public String getName() {
 689             return basename;
 690         }
 691 
 692         JarFileEntry realEntry() {
 693             if (isMultiRelease() && versionFeature != BASE_VERSION_FEATURE) {
 694                 String entryName = super.getName();
 695                 return entryName == basename || entryName.equals(basename) ?
 696                         this : new JarFileEntry(entryName, this);
 697             }
 698             return this;
 699         }
 700 
 701         // changes the basename, returns "this"
 702         JarFileEntry withBasename(String name) {
 703             basename = name;
 704             return this;
 705         }
 706     }
 707 
 708     /*
 709      * Ensures that the JarVerifier has been created if one is
 710      * necessary (i.e., the jar appears to be signed.) This is done as
 711      * a quick check to avoid processing of the manifest for unsigned
 712      * jars.
 713      */
 714     private void maybeInstantiateVerifier() throws IOException {
 715         if (jv != null) {
 716             return;
 717         }
 718 
 719         if (verify) {
 720             // Gets the manifest name, but only if there are
 721             // signature-related files. If so we can assume
 722             // that the jar is signed and that we therefore
 723             // need a JarVerifier and Manifest
 724             String name = JUZFA.getManifestName(this, true);
 725             if (name != null) {
 726                 getManifest();
 727                 return;
 728             }
 729             // No signature-related files; don't instantiate a
 730             // verifier
 731             verify = false;
 732         }
 733     }
 734 
 735     /*
 736      * Initializes the verifier object by reading all the manifest
 737      * entries and passing them to the verifier.
 738      */
 739     private void initializeVerifier() {
 740         ManifestEntryVerifier mev = null;
 741 
 742         // Verify "META-INF/" entries...
 743         try {
 744             List<String> names = JUZFA.getManifestAndSignatureRelatedFiles(this);
 745             for (String name : names) {
 746                 JarEntry e = getJarEntry(name);
 747                 byte[] b;
 748                 if (e == null) {
 749                     throw new JarException("corrupted jar file");
 750                 }
 751                 if (mev == null) {
 752                     mev = new ManifestEntryVerifier
 753                         (getManifestFromReference(), jv.manifestName);
 754                 }
 755                 if (name.equalsIgnoreCase(MANIFEST_NAME)) {
 756                     b = jv.manifestRawBytes;
 757                 } else {
 758                     b = getBytes(e);
 759                 }
 760                 if (b != null && b.length > 0) {
 761                     jv.beginEntry(e, mev);
 762                     jv.update(b.length, b, 0, b.length, mev);
 763                     jv.update(-1, null, 0, 0, mev);
 764                 }
 765             }
 766         } catch (IOException | IllegalArgumentException ex) {
 767             // if we had an error parsing any blocks, just
 768             // treat the jar file as being unsigned
 769             jv = null;
 770             verify = false;
 771             if (JarVerifier.debug != null) {
 772                 JarVerifier.debug.println("jarfile parsing error!");
 773                 ex.printStackTrace();
 774             }
 775         }
 776 
 777         // if after initializing the verifier we have nothing
 778         // signed, we null it out.
 779 
 780         if (jv != null) {
 781 
 782             jv.doneWithMeta();
 783             if (JarVerifier.debug != null) {
 784                 JarVerifier.debug.println("done with meta!");
 785             }
 786 
 787             if (jv.nothingToVerify()) {
 788                 if (JarVerifier.debug != null) {
 789                     JarVerifier.debug.println("nothing to verify!");
 790                 }
 791                 jv = null;
 792                 verify = false;
 793             }
 794         }
 795     }
 796 
 797     /*
 798      * Reads all the bytes for a given entry. Used to process the
 799      * META-INF files.
 800      */
 801     private byte[] getBytes(ZipEntry ze) throws IOException {
 802         try (InputStream is = super.getInputStream(ze)) {
 803             long uncompressedSize = ze.getSize();
 804             if (uncompressedSize > MAX_ARRAY_SIZE) {
 805                 throw new IOException("Unsupported size: " + uncompressedSize);
 806             }
 807             int len = (int)uncompressedSize;
 808             int bytesRead;
 809             byte[] b;
 810             // trust specified entry sizes when reasonably small
 811             if (len != -1 && len <= 65535) {
 812                 b = new byte[len];
 813                 bytesRead = is.readNBytes(b, 0, len);
 814             } else {
 815                 b = is.readAllBytes();
 816                 bytesRead = b.length;
 817             }
 818             if (len != -1 && len != bytesRead) {
 819                 throw new EOFException("Expected:" + len + ", read:" + bytesRead);
 820             }
 821             return b;
 822         }
 823     }
 824 
 825     /**
 826      * Returns an input stream for reading the contents of the specified
 827      * zip file entry.
 828      * @param ze the zip file entry
 829      * @return an input stream for reading the contents of the specified
 830      *         zip file entry
 831      * @throws ZipException if a zip file format error has occurred
 832      * @throws IOException if an I/O error has occurred
 833      * @throws SecurityException if any of the jar file entries
 834      *         are incorrectly signed.
 835      * @throws IllegalStateException
 836      *         may be thrown if the jar file has been closed
 837      */
 838     public synchronized InputStream getInputStream(ZipEntry ze)
 839         throws IOException
 840     {
 841         maybeInstantiateVerifier();
 842         if (jv == null) {
 843             return super.getInputStream(ze);
 844         }
 845         if (!jvInitialized) {
 846             initializeVerifier();
 847             jvInitialized = true;
 848             // could be set to null after a call to
 849             // initializeVerifier if we have nothing to
 850             // verify
 851             if (jv == null)
 852                 return super.getInputStream(ze);
 853         }
 854 
 855         // wrap a verifier stream around the real stream
 856         return new JarVerifier.VerifierStream(
 857             getManifestFromReference(),
 858             verifiableEntry(ze),
 859             super.getInputStream(ze),
 860             jv);
 861     }
 862 
 863     private JarEntry verifiableEntry(ZipEntry ze) {
 864         if (ze instanceof JarFileEntry) {
 865             // assure the name and entry match for verification
 866             return ((JarFileEntry)ze).realEntry();
 867         }
 868         ze = getJarEntry(ze.getName());
 869         if (ze instanceof JarFileEntry) {
 870             return ((JarFileEntry)ze).realEntry();
 871         }
 872         return (JarEntry)ze;
 873     }
 874 
 875     // Statics for hand-coded Boyer-Moore search
 876     private static final byte[] CLASSPATH_CHARS =
 877             {'C','L','A','S','S','-','P','A','T','H', ':', ' '};
 878 
 879     // The bad character shift for "class-path: "
 880     private static final byte[] CLASSPATH_LASTOCC;
 881 
 882     // The good suffix shift for "class-path: "
 883     private static final byte[] CLASSPATH_OPTOSFT;
 884 
 885     private static final byte[] MULTIRELEASE_CHARS =
 886             {'M','U','L','T','I','-','R','E','L','E', 'A', 'S', 'E', ':',
 887                     ' ', 'T', 'R', 'U', 'E'};
 888 
 889     // The bad character shift for "multi-release: true"
 890     private static final byte[] MULTIRELEASE_LASTOCC;
 891 
 892     // The good suffix shift for "multi-release: true"
 893     private static final byte[] MULTIRELEASE_OPTOSFT;
 894 
 895     static {
 896         CLASSPATH_LASTOCC = new byte[65];
 897         CLASSPATH_OPTOSFT = new byte[12];
 898         CLASSPATH_LASTOCC[(int)'C' - 32] = 1;
 899         CLASSPATH_LASTOCC[(int)'L' - 32] = 2;
 900         CLASSPATH_LASTOCC[(int)'S' - 32] = 5;
 901         CLASSPATH_LASTOCC[(int)'-' - 32] = 6;
 902         CLASSPATH_LASTOCC[(int)'P' - 32] = 7;
 903         CLASSPATH_LASTOCC[(int)'A' - 32] = 8;
 904         CLASSPATH_LASTOCC[(int)'T' - 32] = 9;
 905         CLASSPATH_LASTOCC[(int)'H' - 32] = 10;
 906         CLASSPATH_LASTOCC[(int)':' - 32] = 11;
 907         CLASSPATH_LASTOCC[(int)' ' - 32] = 12;
 908         for (int i = 0; i < 11; i++) {
 909             CLASSPATH_OPTOSFT[i] = 12;
 910         }
 911         CLASSPATH_OPTOSFT[11] = 1;
 912 
 913         MULTIRELEASE_LASTOCC = new byte[65];
 914         MULTIRELEASE_OPTOSFT = new byte[19];
 915         MULTIRELEASE_LASTOCC[(int)'M' - 32] = 1;
 916         MULTIRELEASE_LASTOCC[(int)'I' - 32] = 5;
 917         MULTIRELEASE_LASTOCC[(int)'-' - 32] = 6;
 918         MULTIRELEASE_LASTOCC[(int)'L' - 32] = 9;
 919         MULTIRELEASE_LASTOCC[(int)'A' - 32] = 11;
 920         MULTIRELEASE_LASTOCC[(int)'S' - 32] = 12;
 921         MULTIRELEASE_LASTOCC[(int)':' - 32] = 14;
 922         MULTIRELEASE_LASTOCC[(int)' ' - 32] = 15;
 923         MULTIRELEASE_LASTOCC[(int)'T' - 32] = 16;
 924         MULTIRELEASE_LASTOCC[(int)'R' - 32] = 17;
 925         MULTIRELEASE_LASTOCC[(int)'U' - 32] = 18;
 926         MULTIRELEASE_LASTOCC[(int)'E' - 32] = 19;
 927         for (int i = 0; i < 17; i++) {
 928             MULTIRELEASE_OPTOSFT[i] = 19;
 929         }
 930         MULTIRELEASE_OPTOSFT[17] = 6;
 931         MULTIRELEASE_OPTOSFT[18] = 1;
 932     }
 933 
 934     private JarEntry getManEntry() {
 935         if (manEntry == null) {
 936             // The manifest entry position is resolved during
 937             // initialization
 938             String name = JUZFA.getManifestName(this, false);
 939             if (name != null) {
 940                 this.manEntry = (JarEntry)super.getEntry(name);
 941             }
 942         }
 943         return manEntry;
 944     }
 945 
 946    /**
 947     * Returns {@code true} iff this JAR file has a manifest with the
 948     * Class-Path attribute
 949     */
 950     boolean hasClassPathAttribute() throws IOException {
 951         checkForSpecialAttributes();
 952         return hasClassPathAttribute;
 953     }
 954 
 955     /**
 956      * Returns true if the pattern {@code src} is found in {@code b}.
 957      * The {@code lastOcc} array is the precomputed bad character shifts.
 958      * Since there are no repeated substring in our search strings,
 959      * the good suffix shifts can be replaced with a comparison.
 960      */
 961     private int match(byte[] src, byte[] b, byte[] lastOcc, byte[] optoSft) {
 962         int len = src.length;
 963         int last = b.length - len;
 964         int i = 0;
 965         next:
 966         while (i <= last) {
 967             for (int j = (len - 1); j >= 0; j--) {
 968                 byte c = b[i + j];
 969                 if (c >= ' ' && c <= 'z') {
 970                     if (c >= 'a') c -= 32; // Canonicalize
 971 
 972                     if (c != src[j]) {
 973                         // no match
 974                         int badShift = lastOcc[c - 32];
 975                         i += Math.max(j + 1 - badShift, optoSft[j]);
 976                         continue next;
 977                     }
 978                 } else {
 979                     // no match, character not valid for name
 980                     i += len;
 981                     continue next;
 982                 }
 983             }
 984             return i;
 985         }
 986         return -1;
 987     }
 988 
 989     /**
 990      * On first invocation, check if the JAR file has the Class-Path
 991      * and the Multi-Release attribute. A no-op on subsequent calls.
 992      */
 993     private void checkForSpecialAttributes() throws IOException {
 994         if (hasCheckedSpecialAttributes) {
 995             return;
 996         }
 997         synchronized (this) {
 998             if (hasCheckedSpecialAttributes) {
 999                 return;
1000             }
1001             JarEntry manEntry = getManEntry();
1002             if (manEntry != null) {
1003                 byte[] b = getBytes(manEntry);
1004                 hasClassPathAttribute = match(CLASSPATH_CHARS, b,
1005                         CLASSPATH_LASTOCC, CLASSPATH_OPTOSFT) != -1;
1006                 // is this a multi-release jar file
1007                 if (MULTI_RELEASE_ENABLED) {
1008                     int i = match(MULTIRELEASE_CHARS, b, MULTIRELEASE_LASTOCC,
1009                             MULTIRELEASE_OPTOSFT);
1010                     if (i != -1) {
1011                         // Read the main attributes of the manifest
1012                         byte[] lbuf = new byte[512];
1013                         Attributes attr = new Attributes();
1014                         attr.read(new Manifest.FastInputStream(
1015                                 new ByteArrayInputStream(b)), lbuf);
1016                         isMultiRelease = Boolean.parseBoolean(
1017                             attr.getValue(Attributes.Name.MULTI_RELEASE));
1018                     }
1019                 }
1020             }
1021             hasCheckedSpecialAttributes = true;
1022         }
1023     }
1024 
1025     synchronized void ensureInitialization() {
1026         try {
1027             maybeInstantiateVerifier();
1028         } catch (IOException e) {
1029             throw new RuntimeException(e);
1030         }
1031         if (jv != null && !jvInitialized) {
1032             INITIALIZING_GATE.enter();
1033             try {
1034                 initializeVerifier();
1035                 jvInitialized = true;
1036             } finally {
1037                 INITIALIZING_GATE.exit();
1038             }
1039         }
1040     }
1041 
1042     static boolean isInitializing() {
1043         return INITIALIZING_GATE.inside();

1044     }
1045 
1046     /*
1047      * Returns a versioned {@code JarFileEntry} for the given entry,
1048      * if there is one. Otherwise returns the original entry. This
1049      * is invoked by the {@code entries2} for verifier.
1050      */
1051     JarEntry newEntry(JarEntry je) {
1052         if (isMultiRelease()) {
1053             return getVersionedEntry(je.getName(), je);
1054         }
1055         return je;
1056     }
1057 
1058     /*
1059      * Returns a versioned {@code JarFileEntry} for the given entry
1060      * name, if there is one. Otherwise returns a {@code JarFileEntry}
1061      * with the given name. It is invoked from JarVerifier's entries2
1062      * for {@code singers}.
1063      */
1064     JarEntry newEntry(String name) {
1065         if (isMultiRelease()) {
1066             JarEntry vje = getVersionedEntry(name, null);
1067             if (vje != null) {
1068                 return vje;
1069             }
1070         }
1071         return new JarFileEntry(name);
1072     }
1073 
1074     Enumeration<String> entryNames(CodeSource[] cs) {
1075         ensureInitialization();
1076         if (jv != null) {
1077             return jv.entryNames(this, cs);
1078         }
1079 
1080         /*
1081          * JAR file has no signed content. Is there a non-signing
1082          * code source?
1083          */
1084         boolean includeUnsigned = false;
1085         for (CodeSource c : cs) {
1086             if (c.getCodeSigners() == null) {
1087                 includeUnsigned = true;
1088                 break;
1089             }
1090         }
1091         if (includeUnsigned) {
1092             return unsignedEntryNames();
1093         } else {
1094             return Collections.emptyEnumeration();
1095         }
1096     }
1097 
1098     /**
1099      * Returns an enumeration of the zip file entries
1100      * excluding internal JAR mechanism entries and including
1101      * signed entries missing from the ZIP directory.
1102      */
1103     Enumeration<JarEntry> entries2() {
1104         ensureInitialization();
1105         if (jv != null) {
1106             return jv.entries2(this, JUZFA.entries(JarFile.this));
1107         }
1108 
1109         // screen out entries which are never signed
1110         final var unfilteredEntries = JUZFA.entries(JarFile.this);
1111 
1112         return new Enumeration<>() {
1113 
1114             JarEntry entry;
1115 
1116             public boolean hasMoreElements() {
1117                 if (entry != null) {
1118                     return true;
1119                 }
1120                 while (unfilteredEntries.hasMoreElements()) {
1121                     JarEntry je = unfilteredEntries.nextElement();
1122                     if (JarVerifier.isSigningRelated(je.getName())) {
1123                         continue;
1124                     }
1125                     entry = je;
1126                     return true;
1127                 }
1128                 return false;
1129             }
1130 
1131             public JarEntry nextElement() {
1132                 if (hasMoreElements()) {
1133                     JarEntry je = entry;
1134                     entry = null;
1135                     return newEntry(je);
1136                 }
1137                 throw new NoSuchElementException();
1138             }
1139         };
1140     }
1141 
1142     CodeSource[] getCodeSources(URL url) {
1143         ensureInitialization();
1144         if (jv != null) {
1145             return jv.getCodeSources(this, url);
1146         }
1147 
1148         /*
1149          * JAR file has no signed content. Is there a non-signing
1150          * code source?
1151          */
1152         Enumeration<String> unsigned = unsignedEntryNames();
1153         if (unsigned.hasMoreElements()) {
1154             return new CodeSource[]{JarVerifier.getUnsignedCS(url)};
1155         } else {
1156             return null;
1157         }
1158     }
1159 
1160     private Enumeration<String> unsignedEntryNames() {
1161         final Enumeration<JarEntry> entries = entries();
1162         return new Enumeration<>() {
1163 
1164             String name;
1165 
1166             /*
1167              * Grab entries from ZIP directory but screen out
1168              * metadata.
1169              */
1170             public boolean hasMoreElements() {
1171                 if (name != null) {
1172                     return true;
1173                 }
1174                 while (entries.hasMoreElements()) {
1175                     String value;
1176                     ZipEntry e = entries.nextElement();
1177                     value = e.getName();
1178                     if (e.isDirectory() || JarVerifier.isSigningRelated(value)) {
1179                         continue;
1180                     }
1181                     name = value;
1182                     return true;
1183                 }
1184                 return false;
1185             }
1186 
1187             public String nextElement() {
1188                 if (hasMoreElements()) {
1189                     String value = name;
1190                     name = null;
1191                     return value;
1192                 }
1193                 throw new NoSuchElementException();
1194             }
1195         };
1196     }
1197 
1198     CodeSource getCodeSource(URL url, String name) {
1199         ensureInitialization();
1200         if (jv != null) {
1201             if (jv.eagerValidation) {
1202                 CodeSource cs;
1203                 JarEntry je = getJarEntry(name);
1204                 if (je != null) {
1205                     cs = jv.getCodeSource(url, this, je);
1206                 } else {
1207                     cs = jv.getCodeSource(url, name);
1208                 }
1209                 return cs;
1210             } else {
1211                 return jv.getCodeSource(url, name);
1212             }
1213         }
1214 
1215         return JarVerifier.getUnsignedCS(url);
1216     }
1217 
1218     void setEagerValidation(boolean eager) {
1219         try {
1220             maybeInstantiateVerifier();
1221         } catch (IOException e) {
1222             throw new RuntimeException(e);
1223         }
1224         if (jv != null) {
1225             jv.setEagerValidation(eager);
1226         }
1227     }
1228 
1229     List<Object> getManifestDigests() {
1230         ensureInitialization();
1231         if (jv != null) {
1232             return jv.getManifestDigests();
1233         }
1234         return new ArrayList<>();
1235     }
1236 }
--- EOF ---