Example 1 with SignatureFileVerifier
use of sun.security.util.SignatureFileVerifier in project jdk8u_jdk by JetBrains.
the class JarVerifier method processEntry.
/**
* called when we reach the end of entry in one of the read() methods.
*/
private void processEntry(ManifestEntryVerifier mev) throws IOException {
if (!parsingBlockOrSF) {
JarEntry je = mev.getEntry();
if ((je != null) && (je.signers == null)) {
je.signers = mev.verify(verifiedSigners, sigFileSigners);
je.certs = mapSignersToCertArray(je.signers);
}
} else {
try {
parsingBlockOrSF = false;
if (debug != null) {
debug.println("processEntry: processing block");
}
String uname = mev.getEntry().getName().toUpperCase(Locale.ENGLISH);
if (uname.endsWith(".SF")) {
String key = uname.substring(0, uname.length() - 3);
byte[] bytes = baos.toByteArray();
// add to sigFileData in case future blocks need it
sigFileData.put(key, bytes);
// check pending blocks, we can now process
// anyone waiting for this .SF file
Iterator<SignatureFileVerifier> it = pendingBlocks.iterator();
while (it.hasNext()) {
SignatureFileVerifier sfv = it.next();
if (sfv.needSignatureFile(key)) {
if (debug != null) {
debug.println("processEntry: processing pending block");
}
sfv.setSignatureFile(bytes);
sfv.process(sigFileSigners, manifestDigests);
}
}
return;
}
// now we are parsing a signature block file
String key = uname.substring(0, uname.lastIndexOf("."));
if (signerCache == null)
signerCache = new ArrayList<>();
if (manDig == null) {
synchronized (manifestRawBytes) {
if (manDig == null) {
manDig = new ManifestDigester(manifestRawBytes);
manifestRawBytes = null;
}
}
}
SignatureFileVerifier sfv = new SignatureFileVerifier(signerCache, manDig, uname, baos.toByteArray());
if (sfv.needSignatureFileBytes()) {
// see if we have already parsed an external .SF file
byte[] bytes = sigFileData.get(key);
if (bytes == null) {
// (uname, block);
if (debug != null) {
debug.println("adding pending block");
}
pendingBlocks.add(sfv);
return;
} else {
sfv.setSignatureFile(bytes);
}
}
sfv.process(sigFileSigners, manifestDigests);
} catch (IOException ioe) {
// e.g. sun.security.pkcs.ParsingException
if (debug != null)
debug.println("processEntry caught: " + ioe);
// ignore and treat as unsigned
} catch (SignatureException se) {
if (debug != null)
debug.println("processEntry caught: " + se);
// ignore and treat as unsigned
} catch (NoSuchAlgorithmException nsae) {
if (debug != null)
debug.println("processEntry caught: " + nsae);
// ignore and treat as unsigned
} catch (CertificateException ce) {
if (debug != null)
debug.println("processEntry caught: " + ce);
// ignore and treat as unsigned
}
}
}
Also used :
SignatureFileVerifier(sun.security.util.SignatureFileVerifier)
ManifestDigester(sun.security.util.ManifestDigester)
CertificateException(java.security.cert.CertificateException)
Aggregations
CertificateException (java.security.cert.CertificateException)1
ManifestDigester (sun.security.util.ManifestDigester)1
SignatureFileVerifier (sun.security.util.SignatureFileVerifier)1
