/**
* Load the policies from the specified file. Also checks that the policies are correctly signed.
*/
private static void loadPolicies(
File jarPathName, CryptoPermissions defaultPolicy, CryptoPermissions exemptPolicy)
throws Exception {
JarFile jf = new JarFile(jarPathName);
Enumeration<JarEntry> entries = jf.entries();
while (entries.hasMoreElements()) {
JarEntry je = entries.nextElement();
InputStream is = null;
try {
if (je.getName().startsWith("default_")) {
is = jf.getInputStream(je);
defaultPolicy.load(is);
} else if (je.getName().startsWith("exempt_")) {
is = jf.getInputStream(je);
exemptPolicy.load(is);
} else {
continue;
}
} finally {
if (is != null) {
is.close();
}
}
// Enforce the signer restraint, i.e. signer of JCE framework
// jar should also be the signer of the two jurisdiction policy
// jar files.
JarVerifier.verifyPolicySigned(je.getCertificates());
}
// Close and nullify the JarFile reference to help GC.
jf.close();
jf = null;
}
public Set<String> listResources(String subdir) {
try {
Set<String> result = new HashSet<String>();
if (resourceURL != null) {
String protocol = resourceURL.getProtocol();
if (protocol.equals("jar")) {
String resPath = resourceURL.getPath();
int pling = resPath.lastIndexOf("!");
URL jarURL = new URL(resPath.substring(0, pling));
String resDirInJar = resPath.substring(pling + 2);
String prefix = resDirInJar + subdir + "/";
// System.out.printf("BaseMod.listResources: looking for names starting with %s\n",
// prefix);
JarFile jar = new JarFile(new File(jarURL.toURI()));
Enumeration<JarEntry> entries = jar.entries();
while (entries.hasMoreElements()) {
String name = entries.nextElement().getName();
if (name.startsWith(prefix) && !name.endsWith("/") && !name.contains("/.")) {
// System.out.printf("BaseMod.listResources: name = %s\n", name);
result.add(name.substring(prefix.length()));
}
}
} else throw new RuntimeException("Resource URL protocol " + protocol + " not supported");
}
return result;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
private void index() throws IOException {
Enumeration entries = _jar.entries();
_nameToEntryMap = new HashMap();
_crcToEntryMap = new HashMap();
_entries = new ArrayList();
if (_debug) {
System.out.println("indexing: " + _jar.getName());
}
if (entries != null) {
while (entries.hasMoreElements()) {
JarEntry entry = (JarEntry) entries.nextElement();
long crc = entry.getCrc();
Long crcL = new Long(crc);
if (_debug) {
System.out.println("\t" + entry.getName() + " CRC " + crc);
}
_nameToEntryMap.put(entry.getName(), entry);
_entries.add(entry);
// generate the CRC to entries map
if (_crcToEntryMap.containsKey(crcL)) {
// key exist, add the entry to the correcponding
// linked list
// get the linked list
LinkedList ll = (LinkedList) _crcToEntryMap.get(crcL);
// put in the new entry
ll.add(entry);
// put it back in the hash map
_crcToEntryMap.put(crcL, ll);
} else {
// create a new entry in the hashmap for the new key
// first create the linked list and put in the new
// entry
LinkedList ll = new LinkedList();
ll.add(entry);
// create the new entry in the hashmap
_crcToEntryMap.put(crcL, ll);
}
}
}
}
void expand(File jar, File dir) throws IOException {
JarFile jarFile = new JarFile(jar);
try {
Enumeration<JarEntry> entries = jarFile.entries();
while (entries.hasMoreElements()) {
JarEntry je = entries.nextElement();
if (!je.isDirectory()) {
copy(jarFile.getInputStream(je), new File(dir, je.getName()));
}
}
} finally {
jarFile.close();
}
}
/**
* Enumerates the resouces in a give package name. This works even if the resources are loaded
* from a jar file!
*
* <p>Adapted from code by mikewse on the java.sun.com message boards.
* http://forum.java.sun.com/thread.jsp?forum=22&thread=30984
*
* @param packageName The package to enumerate
* @return A Set of Strings for each resouce in the package.
*/
public static Set getResoucesInPackage(String packageName) throws IOException {
String localPackageName;
if (packageName.endsWith("/")) {
localPackageName = packageName;
} else {
localPackageName = packageName + '/';
}
Enumeration dirEnum = ClassLoader.getSystemResources(localPackageName);
Set names = new HashSet();
// Loop CLASSPATH directories
while (dirEnum.hasMoreElements()) {
URL resUrl = (URL) dirEnum.nextElement();
// Pointing to filesystem directory
if (resUrl.getProtocol().equals("file")) {
File dir = new File(resUrl.getFile());
File[] files = dir.listFiles();
if (files != null) {
for (int i = 0; i < files.length; i++) {
File file = files[i];
if (file.isDirectory()) continue;
names.add(localPackageName + file.getName());
}
}
// Pointing to Jar file
} else if (resUrl.getProtocol().equals("jar")) {
JarURLConnection jconn = (JarURLConnection) resUrl.openConnection();
JarFile jfile = jconn.getJarFile();
Enumeration entryEnum = jfile.entries();
while (entryEnum.hasMoreElements()) {
JarEntry entry = (JarEntry) entryEnum.nextElement();
String entryName = entry.getName();
// Exclude our own directory
if (entryName.equals(localPackageName)) continue;
String parentDirName = entryName.substring(0, entryName.lastIndexOf('/') + 1);
if (!parentDirName.equals(localPackageName)) continue;
names.add(entryName);
}
} else {
// Invalid classpath entry
}
}
return names;
}
private static void completePackage(Set seenClasses, JarFile jar, String packageName) {
int len = packageName.length();
Enumeration entries = jar.entries();
while (entries.hasMoreElements()) {
JarEntry entry = (JarEntry) entries.nextElement();
String name = entry.getName();
if (name.startsWith(packageName) && name.endsWith(".class") && name.lastIndexOf('/') == len) {
// Trim ".class" from end
name = name.substring(0, name.length() - 6);
if (seenClasses.add(name)) {
System.out.println(name);
}
}
}
}
public String verify(JarFile jar, String... algorithms) throws IOException {
if (algorithms == null || algorithms.length == 0) algorithms = new String[] {"MD5", "SHA"};
else if (algorithms.length == 1 && algorithms[0].equals("-")) return null;
try {
Manifest m = jar.getManifest();
if (m.getEntries().isEmpty()) return "No name sections";
for (Enumeration<JarEntry> e = jar.entries(); e.hasMoreElements(); ) {
JarEntry je = e.nextElement();
if (MANIFEST_ENTRY.matcher(je.getName()).matches()) continue;
Attributes nameSection = m.getAttributes(je.getName());
if (nameSection == null) return "No name section for " + je.getName();
for (String algorithm : algorithms) {
try {
MessageDigest md = MessageDigest.getInstance(algorithm);
String expected = nameSection.getValue(algorithm + "-Digest");
if (expected != null) {
byte digest[] = Base64.decodeBase64(expected);
copy(jar.getInputStream(je), md);
if (!Arrays.equals(digest, md.digest()))
return "Invalid digest for "
+ je.getName()
+ ", "
+ expected
+ " != "
+ Base64.encodeBase64(md.digest());
} else reporter.error("could not find digest for " + algorithm + "-Digest");
} catch (NoSuchAlgorithmException nsae) {
return "Missing digest algorithm " + algorithm;
}
}
}
} catch (Exception e) {
return "Failed to verify due to exception: " + e.getMessage();
}
return null;
}
private Enumeration<String> unsignedEntryNames(JarFile jar) {
final Map map = signerMap();
final Enumeration entries = jar.entries();
return new Enumeration<String>() {
String name;
/*
* Grab entries from ZIP directory but screen out
* metadata.
*/
public boolean hasMoreElements() {
if (name != null) {
return true;
}
while (entries.hasMoreElements()) {
String value;
ZipEntry e = (ZipEntry) entries.nextElement();
value = e.getName();
if (e.isDirectory() || isSigningRelated(value)) {
continue;
}
if (map.get(value) == null) {
name = value;
return true;
}
}
return false;
}
public String nextElement() {
if (hasMoreElements()) {
String value = name;
name = null;
return value;
}
throw new NoSuchElementException();
}
};
}