You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@harmony.apache.org by gh...@apache.org on 2006/04/04 14:04:45 UTC
svn commit: r391283 - in /incubator/harmony/enhanced/classlib/trunk:
modules/archive/src/main/java/java/util/jar/
modules/archive/src/test/java/tests/api/java/util/jar/
support/src/test/java/tests/resources/
Author: gharley
Date: Tue Apr 4 05:04:44 2006
New Revision: 391283
URL: http://svn.apache.org/viewcvs?rev=391283&view=rev
Log:
HARMONY-204 : New implementation and test code plus test resource jars. Test cases complete successfully against both 5.0 RI and Harmony.
Added:
incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Created_by_1_4.jar (with props)
incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Inserted_Entry_Manifest.jar (with props)
incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Inserted_Entry_Manifest_with_DigestCode.jar (with props)
incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Integrate.jar (with props)
incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Class.jar (with props)
incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Manifest_EntryAttributes.jar (with props)
incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Manifest_MainAttributes.jar (with props)
incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_SF_EntryAttributes.jar (with props)
Modified:
incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/InitManifest.java
incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarFile.java
incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarVerifier.java
incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/Manifest.java
incubator/harmony/enhanced/classlib/trunk/modules/archive/src/test/java/tests/api/java/util/jar/JarFileTest.java
Modified: incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/InitManifest.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/InitManifest.java?rev=391283&r1=391282&r2=391283&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/InitManifest.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/InitManifest.java Tue Apr 4 05:04:44 2006
@@ -47,6 +47,8 @@
private boolean usingUTF8 = true;
private Map attributeNames = new HashMap();
+
+ private byte[] mainAttributesChunk;
InitManifest(InputStream is, Attributes main, Map entries, Map chunks,
String verString) throws IOException {
@@ -58,7 +60,10 @@
Attributes current = main;
ArrayList list = new ArrayList();
- readLines(is, list);
+
+ //Return the chunk of main attributes in the manifest.
+ mainAttributesChunk = nextChunk(is,list);
+
Iterator it = list.iterator();
while (it.hasNext())
addAttribute((String) it.next(), current);
@@ -87,6 +92,11 @@
list.clear();
}
+ }
+
+ byte[] getMainAttributesChunk()
+ {
+ return mainAttributesChunk;
}
private void addLine(int length, List lines) throws IOException {
Modified: incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarFile.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarFile.java?rev=391283&r1=391282&r2=391283&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarFile.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarFile.java Tue Apr 4 05:04:44 2006
@@ -295,8 +295,11 @@
signed = true;
InputStream is = super.getInputStream(entry);
byte[] buf = new byte[is.available()];
- is.read(buf, 0, buf.length);
- is.close();
+ try {
+ is.read(buf, 0, buf.length);
+ } finally {
+ is.close();
+ }
verifier.addMetaEntry(entryName, buf);
}
}
@@ -319,6 +322,10 @@
getManifest();
if (verifier != null) {
verifier.setManifest(getManifest());
+ if (manifest != null) {
+ verifier.mainAttributesChunk = manifest
+ .getMainAttributesChunk();
+ }
if (verifier.readCertificates()) {
verifier.removeMetaEntries();
if (manifest != null)
Modified: incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarVerifier.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarVerifier.java?rev=391283&r1=391282&r2=391283&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarVerifier.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/JarVerifier.java Tue Apr 4 05:04:44 2006
@@ -68,6 +68,8 @@
private Hashtable verifiedEntries = new Hashtable();
+ byte[] mainAttributesChunk;
+
/**
* TODO Type description
*/
@@ -294,12 +296,29 @@
if (createdByValue != null) {
createdBySigntool = createdByValue.indexOf("signtool") != -1;
}
+
+ // Use .SF to verify the mainAttributes of the manifest
+ // If there is no -Digest-Manifest-Main-Attributes entry in .SF
+ // file, such as those created before java 1.5, then we ignore
+ // such verification.
+ // FIXME: The meaning of createdBySigntool
+ if (this.mainAttributesChunk != null && !createdBySigntool) {
+ String digestAttribute = "-Digest-Manifest-Main-Attributes";
+ if (!verify(attributes, digestAttribute, this.mainAttributesChunk,
+ false, true)) {
+ /* [MSG "K00eb", "{0} failed verification of {1}"] */
+ throw new SecurityException(Msg.getString("K00eb", jarName,
+ signatureFile));
+ }
+ }
+
byte[] manifest = (byte[]) metaEntries.get(JarFile.MANIFEST_NAME);
if (manifest == null)
return;
+ // Use .SF to verify the whole manifest
String digestAttribute = createdBySigntool ? "-Digest"
: "-Digest-Manifest";
- if (!verify(attributes, digestAttribute, manifest, false)) {
+ if (!verify(attributes, digestAttribute, manifest, false,false)) {
Iterator it = hm.entrySet().iterator();
while (it.hasNext()) {
Map.Entry entry = (Map.Entry) it.next();
@@ -307,7 +326,7 @@
if (chunk == null)
return;
if (!verify((Attributes) entry.getValue(), "-Digest", chunk,
- createdBySigntool))
+ createdBySigntool,false))
/* [MSG "K00ec", "{0} has invalid digest for {1} in {2}"] */
throw new SecurityException(Msg.getString("K00ec",
new Object[] { signatureFile, entry.getKey(),
@@ -370,10 +389,10 @@
/*
* @param attributes @param entry @param data @param ignoreSecondEndline
- * @return
+ * @param ignorable @return
*/
private boolean verify(Attributes attributes, String entry, byte[] data,
- boolean ignoreSecondEndline) {
+ boolean ignoreSecondEndline, boolean ignorable) {
String algorithms = attributes.getValue("Digest-Algorithms");
if (algorithms == null)
algorithms = "SHA SHA1";
@@ -405,7 +424,11 @@
}
return MessageDigest.isEqual(b, BASE64Decoder.decode(hashBytes));
}
- return false;
+ if (ignorable) {
+ return true;
+ } else {
+ return false;
+ }
}
/**
Modified: incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/Manifest.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/Manifest.java?rev=391283&r1=391282&r2=391283&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/Manifest.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/archive/src/main/java/java/util/jar/Manifest.java Tue Apr 4 05:04:44 2006
@@ -39,7 +39,10 @@
private HashMap entryAttributes = new HashMap();
private HashMap chunks;
-
+
+ /*The data chunk of Main Attributes in the manifest is needed in verification.*/
+ private byte[] mainAttributesChunk;
+
/**
* Contructs a new Manifest instance.
*/
@@ -270,7 +273,8 @@
* If an error occurs reading the Manifest.
*/
public void read(InputStream is) throws IOException {
- new InitManifest(is, mainAttributes, entryAttributes, chunks, null);
+ InitManifest initManifest = new InitManifest(is, mainAttributes, entryAttributes, chunks, null);
+ mainAttributesChunk = initManifest.getMainAttributesChunk();
}
/**
@@ -308,5 +312,10 @@
void removeChunks() {
chunks = null;
+ }
+
+ byte[] getMainAttributesChunk()
+ {
+ return this.mainAttributesChunk;
}
}
Modified: incubator/harmony/enhanced/classlib/trunk/modules/archive/src/test/java/tests/api/java/util/jar/JarFileTest.java
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/modules/archive/src/test/java/tests/api/java/util/jar/JarFileTest.java?rev=391283&r1=391282&r2=391283&view=diff
==============================================================================
--- incubator/harmony/enhanced/classlib/trunk/modules/archive/src/test/java/tests/api/java/util/jar/JarFileTest.java (original)
+++ incubator/harmony/enhanced/classlib/trunk/modules/archive/src/test/java/tests/api/java/util/jar/JarFileTest.java Tue Apr 4 05:04:44 2006
@@ -386,6 +386,172 @@
assertTrue("Failed to throw SecurityException", exception);
}
+ /*
+ * The jar created by 1.4 which does not provide a
+ * algorithm-Digest-Manifest-Main-Attributes entry in .SF file.
+ */
+ public void test_Jar_created_before_java_5() throws IOException {
+ String modifiedJarName = "Created_by_1_4.jar";
+ Support_Resources.copyFile(resources, null, modifiedJarName);
+ JarFile jarFile = new JarFile(new File(resources, modifiedJarName),
+ true);
+ Enumeration entries = jarFile.entries();
+ while (entries.hasMoreElements()) {
+ ZipEntry zipEntry = (ZipEntry) entries.nextElement();
+ jarFile.getInputStream(zipEntry);
+ }
+ }
+
+ /* The jar is intact, then everything is all right. */
+ public void test_JarFile_Integrate_Jar() throws IOException {
+ String modifiedJarName = "Integrate.jar";
+ Support_Resources.copyFile(resources, null, modifiedJarName);
+ JarFile jarFile = new JarFile(new File(resources, modifiedJarName),
+ true);
+ Enumeration entries = jarFile.entries();
+ while (entries.hasMoreElements()) {
+ ZipEntry zipEntry = (ZipEntry) entries.nextElement();
+ jarFile.getInputStream(zipEntry);
+ }
+ }
+
+ /*
+ * If another entry is inserted into Manifest, no security exception will be
+ * thrown out.
+ */
+ public void test_JarFile_InsertEntry_in_Manifest_Jar() throws IOException {
+ String modifiedJarName = "Inserted_Entry_Manifest.jar";
+ Support_Resources.copyFile(resources, null, modifiedJarName);
+ JarFile jarFile = new JarFile(new File(resources, modifiedJarName),
+ true);
+ Enumeration entries = jarFile.entries();
+ int count = 0;
+ while (entries.hasMoreElements()) {
+
+ ZipEntry zipEntry = (ZipEntry) entries.nextElement();
+ jarFile.getInputStream(zipEntry);
+ count++;
+ }
+ assertEquals(5, count);
+ }
+
+ /*
+ * If another entry is inserted into Manifest, no security exception will be
+ * thrown out.
+ */
+ public void test_Inserted_Entry_Manifest_with_DigestCode()
+ throws IOException {
+ String modifiedJarName = "Inserted_Entry_Manifest_with_DigestCode.jar";
+ Support_Resources.copyFile(resources, null, modifiedJarName);
+ JarFile jarFile = new JarFile(new File(resources, modifiedJarName),
+ true);
+ Enumeration entries = jarFile.entries();
+ int count = 0;
+ while (entries.hasMoreElements()) {
+
+ ZipEntry zipEntry = (ZipEntry) entries.nextElement();
+ jarFile.getInputStream(zipEntry);
+ count++;
+ }
+ assertEquals(5, count);
+ }
+
+ /*
+ * The content of Test.class is modified, jarFile.getInputStream will not
+ * throw security Exception, but it will anytime before the inputStream got
+ * from getInputStream method has been read to end.
+ */
+ public void test_JarFile_Modified_Class() throws IOException {
+ String modifiedJarName = "Modified_Class.jar";
+ Support_Resources.copyFile(resources, null, modifiedJarName);
+ JarFile jarFile = new JarFile(new File(resources, modifiedJarName),
+ true);
+ Enumeration entries = jarFile.entries();
+ while (entries.hasMoreElements()) {
+ ZipEntry zipEntry = (ZipEntry) entries.nextElement();
+ jarFile.getInputStream(zipEntry);
+ }
+ /* The content of Test.class has been tampered. */
+ ZipEntry zipEntry = jarFile.getEntry("Test.class");
+ InputStream in = jarFile.getInputStream(zipEntry);
+ byte[] buffer = new byte[1024];
+ try {
+ while (in.available() > 0) {
+ in.read(buffer);
+ }
+ fail("should throw Security Excetpion");
+ } catch (SecurityException e) {
+ // desired
+ }
+ }
+
+ /*
+ * In the Modified.jar, the main attributes of META-INF/MANIFEST.MF is
+ * tampered manually. Hence the RI 5.0 JarFile.getInputStream of any
+ * JarEntry will throw security exception, but the apache harmony will not.
+ */
+ public void test_JarFile_Modified_Manifest_MainAttributes()
+ throws IOException {
+ String modifiedJarName = "Modified_Manifest_MainAttributes.jar";
+ Support_Resources.copyFile(resources, null, modifiedJarName);
+ JarFile jarFile = new JarFile(new File(resources, modifiedJarName),
+ true);
+ Enumeration entries = jarFile.entries();
+ while (entries.hasMoreElements()) {
+ ZipEntry zipEntry = (ZipEntry) entries.nextElement();
+ try {
+ jarFile.getInputStream(zipEntry);
+ fail("should throw Security Excetpion");
+ } catch (SecurityException e) {
+ // desired
+ }
+ }
+ }
+
+ /*
+ * It is all right in our original JarFile. If the Entry Attributes, for
+ * example Test.class in our jar, the jarFile.getInputStream will throw
+ * Security Exception.
+ */
+ public void test_JarFile_Modified_Manifest_EntryAttributes()
+ throws IOException {
+ String modifiedJarName = "Modified_Manifest_EntryAttributes.jar";
+ Support_Resources.copyFile(resources, null, modifiedJarName);
+ JarFile jarFile = new JarFile(new File(resources, modifiedJarName),
+ true);
+ Enumeration entries = jarFile.entries();
+ while (entries.hasMoreElements()) {
+ ZipEntry zipEntry = (ZipEntry) entries.nextElement();
+ try {
+ jarFile.getInputStream(zipEntry);
+ fail("should throw Security Excetpion");
+ } catch (SecurityException e) {
+ // desired
+ }
+ }
+ }
+
+ /*
+ * If the content of the .SA file is modified, no matter what it resides,
+ * JarFile.getInfputStream of any JarEntry will throw Security Exception.
+ */
+ public void test_JarFile_Modified_SF_EntryAttributes() throws IOException {
+ String modifiedJarName = "Modified_SF_EntryAttributes.jar";
+ Support_Resources.copyFile(resources, null, modifiedJarName);
+ JarFile jarFile = new JarFile(new File(resources, modifiedJarName),
+ true);
+ Enumeration entries = jarFile.entries();
+ while (entries.hasMoreElements()) {
+ ZipEntry zipEntry = (ZipEntry) entries.nextElement();
+ try {
+ jarFile.getInputStream(zipEntry);
+ fail("should throw Security Excetpion");
+ } catch (SecurityException e) {
+ // desired
+ }
+ }
+ }
+
/**
* Sets up the fixture, for example, open a network connection. This method
* is called before a test is executed.
Added: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Created_by_1_4.jar
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Created_by_1_4.jar?rev=391283&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Created_by_1_4.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Inserted_Entry_Manifest.jar
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Inserted_Entry_Manifest.jar?rev=391283&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Inserted_Entry_Manifest.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Inserted_Entry_Manifest_with_DigestCode.jar
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Inserted_Entry_Manifest_with_DigestCode.jar?rev=391283&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Inserted_Entry_Manifest_with_DigestCode.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Integrate.jar
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Integrate.jar?rev=391283&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Integrate.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Class.jar
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Class.jar?rev=391283&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Class.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Manifest_EntryAttributes.jar
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Manifest_EntryAttributes.jar?rev=391283&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Manifest_EntryAttributes.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Manifest_MainAttributes.jar
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Manifest_MainAttributes.jar?rev=391283&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_Manifest_MainAttributes.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_SF_EntryAttributes.jar
URL: http://svn.apache.org/viewcvs/incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_SF_EntryAttributes.jar?rev=391283&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/harmony/enhanced/classlib/trunk/support/src/test/java/tests/resources/Modified_SF_EntryAttributes.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream