[official-gcc.git] / libjava / classpath / tools / gnu / classpath / tools / jarsigner / JarVerifier.java
| blob | f80147dfa5e449a1d34c3033434f61986252b9b8 |
1 /* JarVerifier.java -- The verification handler of the gjarsigner tool
2 Copyright (C) 2006 Free Software Foundation, Inc.
4 This file is part of GNU Classpath.
6 GNU Classpath is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2, or (at your option)
9 any later version.
11 GNU Classpath is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Classpath; see the file COPYING. If not, write to the
18 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19 02110-1301 USA.
21 Linking this library statically or dynamically with other modules is
22 making a combined work based on this library. Thus, the terms and
23 conditions of the GNU General Public License cover the whole
24 combination.
26 As a special exception, the copyright holders of this library give you
27 permission to link this library with independent modules to produce an
28 executable, regardless of the license terms of these independent
29 modules, and to copy and distribute the resulting executable under
30 terms of your choice, provided that you also meet, for each linked
31 independent module, the terms and conditions of the license of that
32 module. An independent module is a module which is not derived from
33 or based on this library. If you modify this library, you may extend
34 this exception to your version of the library, but you are not
35 obligated to do so. If you do not wish to do so, delete this
36 exception statement from your version. */
74 /**
75 * The JAR verification handler of the <code>gjarsigner</code> tool.
76 */
77 public class JarVerifier
78 {
80 /** The owner tool of this handler. */
83 /** The JAR file to verify. */
85 /** Map of jar entry names to their hash. */
89 {
93 }
96 {
102 // 1. find all signature (.SF) files
105 {
112 // only interested in .SF files in, and not deeper than, META-INF
120 }
122 // 2. verify each one
125 else
126 {
130 {
134 count++;
135 }
143 else
146 }
149 }
151 /**
152 * @param sigFileName the name of the signature file; i.e. the name to use for
153 * both the .SF and .DSA files.
154 * @return <code>true</code> if the designated file-name (usually a key-store
155 * <i>alias</i> name) has been successfully checked as the signer of the
156 * corresponding <code>.SF</code> file. Returns <code>false</code> otherwise.
157 * @throws IOException
158 * @throws ZipException
159 * @throws CertificateException
160 * @throws CRLException
161 */
164 {
168 // 1. find the corresponding .DSA file for this .SF file
173 sigFileName));
174 // 2. read the .DSA file contents as a PKCS7 SignedData
178 // 4. get the encrypted digest octet string from the first SignerInfo
179 // this octet string is the digital signature of the .SF file contents
189 log.finest("\n" + Util.dumpString(encryptedDigest, "--- signedSFBytes ")); //$NON-NLS-1$ //$NON-NLS-2$
191 // 5. get the signer public key
196 // 6. verify the signature file signature
198 ISignature signatureAlgorithm;
199 ISignatureCodec signatureCodec;
201 {
204 }
205 else
206 {
209 }
217 // 7. verify the signature file contents
233 }
235 /**
236 * This method is called after at least one signer (usually a key-store
237 * <code>alias</code> name) was found to be trusted; i.e. his/her signature
238 * block in the corresponding <code>.DSA</code> file was successfully
239 * verified using his/her public key.
240 * <p>
241 * This method, uses the contents of the corresponding <code>.SF</code> file
242 * to compute and verify the hashes of the manifest entries in the JAR file.
243 *
244 * @param alias the name of the signature file; i.e. the name to use for both
245 * the .SF and .DSA files.
246 * @return <code>true</code> if all the entries in the corresponding
247 * <code>.SF</code> file have the same hash values as their
248 * alter-ego in the <i>manifest</i> file of the JAR file inquestion.
249 * @throws IOException if an I/O related exception occurs during the process.
250 */
252 {
255 // 1. read the signature file
263 // 2. The .SF file by default includes a header containing a hash of the
264 // entire manifest file. When the header is present, then the verification
265 // can check to see whether or not the hash in the header indeed matches
266 // the hash of the manifest file.
272 // A verification is still considered successful if none of the files that
273 // were in the JAR file when the signature was generated have been changed
274 // since then, which is the case if the hashes in the non-header sections
275 // of the .SF file equal the hashes of the corresponding sections in the
276 // manifest file.
277 //
278 // 3. Read each file in the JAR file that has an entry in the .SF file.
279 // While reading, compute the file's digest, and then compare the result
280 // with the digest for this file in the manifest section. The digests
281 // should be the same, or verification fails.
284 {
292 }
297 }
299 /**
300 * @param hash Base-64 encoded form of the manifest's digest.
301 * @return <code>true</code> if our computation of the manifest's hash
302 * matches the given value; <code>false</code> otherwise.
303 * @throws IOException if unable to acquire the JAR's manifest entry.
304 */
306 {
308 }
310 /**
311 * @param name the name of a JAR entry to verify.
312 * @param hash Base-64 encoded form of the designated entry's digest.
313 * @return <code>true</code> if our computation of the JAR entry's hash
314 * matches the given value; <code>false</code> otherwise.
315 * @throws IOException if an exception occurs while returning the entry's
316 * input stream.
317 */
319 {
324 }
327 {
330 {
335 }
338 }
339 }