Class JarInputStream
- All Implemented Interfaces:
Closeable
,AutoCloseable
JarInputStream
class, which extends ZipInputStream
,
is used to read the contents of a JAR file from an input stream.
It provides support for reading an optional
Manifest
entry. The Manifest
can be used to store
meta-information about the JAR file and its entries.
Unless otherwise noted, passing a null
argument to a constructor
or method in this class will cause a NullPointerException
to be
thrown.
Accessing the Manifest
The getManifest
method is used to return the
Manifest
from the entry META-INF/MANIFEST.MF
when it is the first entry
in the stream (or the second entry if the first entry in the stream is
META-INF/
and the second entry is META-INF/MANIFEST.MF
).
The getNextJarEntry()
and getNextEntry()
methods are
used to read JAR file entries from the stream. These methods skip over the
Manifest (META-INF/MANIFEST.MF
) when it is at the beginning of the
stream. In other words, these methods do not return an entry for the Manifest
when the Manifest is the first entry in the stream. If the first entry is
META-INF/
and the second entry is the Manifest then both are skipped
over by these methods. Whether these methods skip over the Manifest when it
appears later in the stream is not specified.
Signed JAR Files
AJarInputStream
verifies the signatures of entries in a
Signed JAR file
when:
-
The
Manifest
is the first entry in the stream (or the second entry if the first entry in the stream isMETA-INF/
and the second entry isMETA-INF/MANIFEST.MF
). -
All signature-related entries immediately follow the
Manifest
Once the JarEntry
has been completely verified, which is done by
reading until the end of the entry's input stream,
JarEntry.getCertificates()
may be called to obtain the certificates
for this entry and JarEntry.getCodeSigners()
may be called to obtain
the signers.
It is important to note that the verification process does not include validating
the signer's certificate. A caller should inspect the return value of
JarEntry.getCodeSigners()
to further determine if the signature
can be trusted.
- API Note:
- If a
JarEntry
is modified after the JAR file is signed, aSecurityException
will be thrown when the entry is read. - Since:
- 1.2
- See Also:
-
Field Summary
Modifier and TypeFieldDescriptionstatic final int
Central directory (CEN) header internal file attributes field offset.static final int
Central directory (CEN) header external file attributes field offset.static final int
Central directory (CEN) header comment length field offset.static final int
Central directory (CEN) header uncompressed file crc-32 value field offset.static final int
Central directory (CEN) header disk number start field offset.static final int
Central directory (CEN) header extra field length field offset.static final int
Central directory (CEN) header encrypt, decrypt flags field offset.static final int
Central directory (CEN) header size in bytes (including signature).static final int
Central directory (CEN) header compression method field offset.static final int
Central directory (CEN) header uncompressed size field offset.static final int
Central directory (CEN) header filename length field offset.static final int
Central directory (CEN) header LOC header offset field offset.static final long
Central directory (CEN) header signature.static final int
Central directory (CEN) header compressed size field offset.static final int
Central directory (CEN) header modification time field offset.static final int
Central directory (CEN) header version made by field offset.static final int
Central directory (CEN) header version needed to extract field offset.static final int
End of central directory (END) header ZIP file comment length field offset.static final int
End of central directory (END) header size in bytes (including signature).static final int
End of central directory (END) header offset for the first CEN header field offset.static final long
End of central directory (END) header signature.static final int
End of central directory (END) header central directory size in bytes field offset.static final int
End of central directory (END) header number of entries on this disk field offset.static final int
End of central directory (END) header total number of entries field offset.static final int
Extra local (EXT) header uncompressed file crc-32 value field offset.static final int
Extra local (EXT) header size in bytes (including signature).static final int
Extra local (EXT) header uncompressed size field offset.static final long
Extra local (EXT) header signature.static final int
Extra local (EXT) header compressed size field offset.static final int
Local file (LOC) header uncompressed file crc-32 value field offset.static final int
Local file (LOC) header extra field length field offset.static final int
Local file (LOC) header general purpose bit flag field offset.static final int
Local file (LOC) header size in bytes (including signature).static final int
Local file (LOC) header compression method field offset.static final int
Local file (LOC) header uncompressed size field offset.static final int
Local file (LOC) header filename length field offset.static final long
Local file (LOC) header signature.static final int
Local file (LOC) header compressed size field offset.static final int
Local file (LOC) header modification time field offset.static final int
Local file (LOC) header version needed to extract field offset.Fields inherited from class java.util.zip.InflaterInputStream
buf, inf, len
Fields inherited from class java.io.FilterInputStream
in
-
Constructor Summary
ConstructorDescriptionCreates a newJarInputStream
and reads the optional manifest.JarInputStream
(InputStream in, boolean verify) Creates a newJarInputStream
and reads the optional manifest. -
Method Summary
Modifier and TypeMethodDescriptionprotected ZipEntry
createZipEntry
(String name) Creates a newJarEntry
(ZipEntry
) for the specified JAR file entry name.Returns theManifest
for this JAR file when it is the first entry in the stream (or the second entry if the first entry in the stream isMETA-INF/
and the second entry isMETA-INF/MANIFEST.MF
), ornull
otherwise.Reads the next ZIP file entry and positions the stream at the beginning of the entry data.Reads the next JAR file entry and positions the stream at the beginning of the entry data.int
read
(byte[] b, int off, int len) Reads from the current JAR entry into an array of bytes, returning the number of inflated bytes.Methods inherited from class java.util.zip.ZipInputStream
available, close, closeEntry, read, readAllBytes, readNBytes, readNBytes, skip, skipNBytes, transferTo
Methods inherited from class java.util.zip.InflaterInputStream
fill, mark, markSupported, reset
Methods inherited from class java.io.FilterInputStream
read
Methods inherited from class java.io.InputStream
nullInputStream
-
Field Details
-
LOCSIG
static final long LOCSIGLocal file (LOC) header signature.- See Also:
-
EXTSIG
static final long EXTSIGExtra local (EXT) header signature.- See Also:
-
CENSIG
static final long CENSIGCentral directory (CEN) header signature.- See Also:
-
ENDSIG
static final long ENDSIGEnd of central directory (END) header signature.- See Also:
-
LOCHDR
static final int LOCHDRLocal file (LOC) header size in bytes (including signature).- See Also:
-
EXTHDR
static final int EXTHDRExtra local (EXT) header size in bytes (including signature).- See Also:
-
CENHDR
static final int CENHDRCentral directory (CEN) header size in bytes (including signature).- See Also:
-
ENDHDR
static final int ENDHDREnd of central directory (END) header size in bytes (including signature).- See Also:
-
LOCVER
static final int LOCVERLocal file (LOC) header version needed to extract field offset.- See Also:
-
LOCFLG
static final int LOCFLGLocal file (LOC) header general purpose bit flag field offset.- See Also:
-
LOCHOW
static final int LOCHOWLocal file (LOC) header compression method field offset.- See Also:
-
LOCTIM
static final int LOCTIMLocal file (LOC) header modification time field offset.- See Also:
-
LOCCRC
static final int LOCCRCLocal file (LOC) header uncompressed file crc-32 value field offset.- See Also:
-
LOCSIZ
static final int LOCSIZLocal file (LOC) header compressed size field offset.- See Also:
-
LOCLEN
static final int LOCLENLocal file (LOC) header uncompressed size field offset.- See Also:
-
LOCNAM
static final int LOCNAMLocal file (LOC) header filename length field offset.- See Also:
-
LOCEXT
static final int LOCEXTLocal file (LOC) header extra field length field offset.- See Also:
-
EXTCRC
static final int EXTCRCExtra local (EXT) header uncompressed file crc-32 value field offset.- See Also:
-
EXTSIZ
static final int EXTSIZExtra local (EXT) header compressed size field offset.- See Also:
-
EXTLEN
static final int EXTLENExtra local (EXT) header uncompressed size field offset.- See Also:
-
CENVEM
static final int CENVEMCentral directory (CEN) header version made by field offset.- See Also:
-
CENVER
static final int CENVERCentral directory (CEN) header version needed to extract field offset.- See Also:
-
CENFLG
static final int CENFLGCentral directory (CEN) header encrypt, decrypt flags field offset.- See Also:
-
CENHOW
static final int CENHOWCentral directory (CEN) header compression method field offset.- See Also:
-
CENTIM
static final int CENTIMCentral directory (CEN) header modification time field offset.- See Also:
-
CENCRC
static final int CENCRCCentral directory (CEN) header uncompressed file crc-32 value field offset.- See Also:
-
CENSIZ
static final int CENSIZCentral directory (CEN) header compressed size field offset.- See Also:
-
CENLEN
static final int CENLENCentral directory (CEN) header uncompressed size field offset.- See Also:
-
CENNAM
static final int CENNAMCentral directory (CEN) header filename length field offset.- See Also:
-
CENEXT
static final int CENEXTCentral directory (CEN) header extra field length field offset.- See Also:
-
CENCOM
static final int CENCOMCentral directory (CEN) header comment length field offset.- See Also:
-
CENDSK
static final int CENDSKCentral directory (CEN) header disk number start field offset.- See Also:
-
CENATT
static final int CENATTCentral directory (CEN) header internal file attributes field offset.- See Also:
-
CENATX
static final int CENATXCentral directory (CEN) header external file attributes field offset.- See Also:
-
CENOFF
static final int CENOFFCentral directory (CEN) header LOC header offset field offset.- See Also:
-
ENDSUB
static final int ENDSUBEnd of central directory (END) header number of entries on this disk field offset.- See Also:
-
ENDTOT
static final int ENDTOTEnd of central directory (END) header total number of entries field offset.- See Also:
-
ENDSIZ
static final int ENDSIZEnd of central directory (END) header central directory size in bytes field offset.- See Also:
-
ENDOFF
static final int ENDOFFEnd of central directory (END) header offset for the first CEN header field offset.- See Also:
-
ENDCOM
static final int ENDCOMEnd of central directory (END) header ZIP file comment length field offset.- See Also:
-
-
Constructor Details
-
JarInputStream
Creates a newJarInputStream
and reads the optional manifest. If a manifest is present, also attempts to verify the signatures if the JarInputStream is signed.- Parameters:
in
- the actual input stream- Throws:
IOException
- if an I/O error has occurred
-
JarInputStream
Creates a newJarInputStream
and reads the optional manifest. If a manifest is present and verify is true, also attempts to verify the signatures if the JarInputStream is signed.- Parameters:
in
- the actual input streamverify
- whether or not to verify the JarInputStream if it is signed.- Throws:
IOException
- if an I/O error has occurred
-
-
Method Details
-
getManifest
Returns theManifest
for this JAR file when it is the first entry in the stream (or the second entry if the first entry in the stream isMETA-INF/
and the second entry isMETA-INF/MANIFEST.MF
), ornull
otherwise.- Returns:
- the
Manifest
for this JAR file, ornull
otherwise.
-
getNextEntry
Reads the next ZIP file entry and positions the stream at the beginning of the entry data. If verification has been enabled, any invalid signature detected while positioning the stream for the next entry will result in an exception.- Overrides:
getNextEntry
in classZipInputStream
- Returns:
- the next ZIP file entry, or null if there are no more entries
- Throws:
ZipException
- if a ZIP file error has occurredIOException
- if an I/O error has occurredSecurityException
- if any of the jar file entries are incorrectly signed.
-
getNextJarEntry
Reads the next JAR file entry and positions the stream at the beginning of the entry data. If verification has been enabled, any invalid signature detected while positioning the stream for the next entry will result in an exception.- Returns:
- the next JAR file entry, or null if there are no more entries
- Throws:
ZipException
- if a ZIP file error has occurredIOException
- if an I/O error has occurredSecurityException
- if any of the jar file entries are incorrectly signed.
-
read
Reads from the current JAR entry into an array of bytes, returning the number of inflated bytes. Iflen
is not zero, the method blocks until some input is available; otherwise, no bytes are read and0
is returned.If the current entry is compressed and this method returns a nonzero integer n then
buf[off]
throughbuf[off+
n-1]
contain the uncompressed data. The content of elementsbuf[off+
n]
throughbuf[off+
len-1]
is undefined, contrary to the specification of theInputStream
superclass, so an implementation is free to modify these elements during the inflate operation. If this method returns-1
or throws an exception then the content ofbuf[off]
throughbuf[off+
len-1]
is undefined.If verification has been enabled, any invalid signature on the current entry will be reported at some point before the end of the entry is reached.
- Overrides:
read
in classZipInputStream
- Parameters:
b
- the buffer into which the data is readoff
- the start offset in the destination arrayb
len
- the maximum number of bytes to read- Returns:
- the actual number of bytes read, or -1 if the end of the entry is reached
- Throws:
IndexOutOfBoundsException
- Ifoff
is negative,len
is negative, orlen
is greater thanb.length - off
ZipException
- if a ZIP file error has occurredIOException
- if an I/O error has occurredSecurityException
- if any of the jar file entries are incorrectly signed.- See Also:
-
createZipEntry
Creates a newJarEntry
(ZipEntry
) for the specified JAR file entry name. The manifest attributes of the specified JAR file entry name will be copied to the newJarEntry
.- Overrides:
createZipEntry
in classZipInputStream
- Parameters:
name
- the name of the JAR/ZIP file entry- Returns:
- the
JarEntry
object just created
-