1 /*
   2  * Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package java.util.jar;
  27 
  28 import jdk.internal.access.SharedSecrets;
  29 import jdk.internal.access.JavaUtilZipFileAccess;
  30 import sun.security.action.GetPropertyAction;
  31 import sun.security.util.ManifestEntryVerifier;
  32 import sun.security.util.SignatureFileVerifier;
  33 
  34 import java.io.ByteArrayInputStream;
  35 import java.io.EOFException;
  36 import java.io.File;
  37 import java.io.IOException;
  38 import java.io.InputStream;
  39 import java.lang.ref.SoftReference;
  40 import java.net.URL;
  41 import java.security.CodeSigner;
  42 import java.security.CodeSource;
  43 import java.security.cert.Certificate;
  44 import java.util.ArrayList;
  45 import java.util.Collections;
  46 import java.util.Enumeration;
  47 import java.util.List;
  48 import java.util.Locale;
  49 import java.util.NoSuchElementException;
  50 import java.util.Objects;
  51 import java.util.function.Function;
  52 import java.util.stream.Stream;
  53 import java.util.zip.ZipEntry;
  54 import java.util.zip.ZipException;
  55 import java.util.zip.ZipFile;
  56 
  57 /**
  58  * The {@code JarFile} class is used to read the contents of a jar file
  59  * from any file that can be opened with {@code java.io.RandomAccessFile}.
  60  * It extends the class {@code java.util.zip.ZipFile} with support
  61  * for reading an optional {@code Manifest} entry, and support for
  62  * processing multi-release jar files.  The {@code Manifest} can be used
  63  * to specify meta-information about the jar file and its entries.
  64  *
  65  * <p><a id="multirelease">A multi-release jar file</a> is a jar file that
  66  * contains a manifest with a main attribute named "Multi-Release",
  67  * a set of "base" entries, some of which are public classes with public
  68  * or protected methods that comprise the public interface of the jar file,
  69  * and a set of "versioned" entries contained in subdirectories of the
  70  * "META-INF/versions" directory.  The versioned entries are partitioned by the
  71  * major version of the Java platform.  A versioned entry, with a version
  72  * {@code n}, {@code 8 < n}, in the "META-INF/versions/{n}" directory overrides
  73  * the base entry as well as any entry with a version number {@code i} where
  74  * {@code 8 < i < n}.
  75  *
  76  * <p>By default, a {@code JarFile} for a multi-release jar file is configured
  77  * to process the multi-release jar file as if it were a plain (unversioned) jar
  78  * file, and as such an entry name is associated with at most one base entry.
  79  * The {@code JarFile} may be configured to process a multi-release jar file by
  80  * creating the {@code JarFile} with the
  81  * {@link JarFile#JarFile(File, boolean, int, Runtime.Version)} constructor.  The
  82  * {@code Runtime.Version} object sets a maximum version used when searching for
  83  * versioned entries.  When so configured, an entry name
  84  * can correspond with at most one base entry and zero or more versioned
  85  * entries. A search is required to associate the entry name with the latest
  86  * versioned entry whose version is less than or equal to the maximum version
  87  * (see {@link #getEntry(String)}).
  88  *
  89  * <p>Class loaders that utilize {@code JarFile} to load classes from the
  90  * contents of {@code JarFile} entries should construct the {@code JarFile}
  91  * by invoking the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
  92  * constructor with the value {@code Runtime.version()} assigned to the last
  93  * argument.  This assures that classes compatible with the major
  94  * version of the running JVM are loaded from multi-release jar files.
  95  *
  96  * <p> If the {@code verify} flag is on when opening a signed jar file, the content
  97  * of the jar entry is verified against the signature embedded inside the manifest
  98  * that is associated with its {@link JarEntry#getRealName() path name}. For a
  99  * multi-release jar file, the content of a versioned entry is verfieid against
 100  * its own signature and {@link JarEntry#getCodeSigners()} returns its own signers.
 101  *
 102  * Please note that the verification process does not include validating the
 103  * signer's certificate. A caller should inspect the return value of
 104  * {@link JarEntry#getCodeSigners()} to further determine if the signature
 105  * can be trusted.
 106  *
 107  * <p> Unless otherwise noted, passing a {@code null} argument to a constructor
 108  * or method in this class will cause a {@link NullPointerException} to be
 109  * thrown.
 110  *
 111  * @implNote
 112  * <div class="block">
 113  * If the API can not be used to configure a {@code JarFile} (e.g. to override
 114  * the configuration of a compiled application or library), two {@code System}
 115  * properties are available.
 116  * <ul>
 117  * <li>
 118  * {@code jdk.util.jar.version} can be assigned a value that is the
 119  * {@code String} representation of a non-negative integer
 120  * {@code <= Runtime.version().feature()}.  The value is used to set the effective
 121  * runtime version to something other than the default value obtained by
 122  * evaluating {@code Runtime.version().feature()}. The effective runtime version
 123  * is the version that the {@link JarFile#JarFile(File, boolean, int, Runtime.Version)}
 124  * constructor uses when the value of the last argument is
 125  * {@code JarFile.runtimeVersion()}.
 126  * </li>
 127  * <li>
 128  * {@code jdk.util.jar.enableMultiRelease} can be assigned one of the three
 129  * {@code String} values <em>true</em>, <em>false</em>, or <em>force</em>.  The
 130  * value <em>true</em>, the default value, enables multi-release jar file
 131  * processing.  The value <em>false</em> disables multi-release jar processing,
 132  * ignoring the "Multi-Release" manifest attribute, and the versioned
 133  * directories in a multi-release jar file if they exist.  Furthermore,
 134  * the method {@link JarFile#isMultiRelease()} returns <em>false</em>. The value
 135  * <em>force</em> causes the {@code JarFile} to be initialized to runtime
 136  * versioning after construction.  It effectively does the same as this code:
 137  * {@code (new JarFile(File, boolean, int, JarFile.runtimeVersion())}.
 138  * </li>
 139  * </ul>
 140  * </div>
 141  *
 142  * @author  David Connelly
 143  * @see     Manifest
 144  * @see     java.util.zip.ZipFile
 145  * @see     java.util.jar.JarEntry
 146  * @since   1.2
 147  */
 148 public class JarFile extends ZipFile {
 149     private static final Runtime.Version BASE_VERSION;
 150     private static final int BASE_VERSION_FEATURE;
 151     private static final Runtime.Version RUNTIME_VERSION;
 152     private static final boolean MULTI_RELEASE_ENABLED;
 153     private static final boolean MULTI_RELEASE_FORCED;
 154     private static final ThreadLocal<Boolean> isInitializing = new ThreadLocal<>();
 155 
 156     private SoftReference<Manifest> manRef;
 157     private JarEntry manEntry;
 158     private JarVerifier jv;
 159     private boolean jvInitialized;
 160     private boolean verify;
 161     private final Runtime.Version version;  // current version
 162     private final int versionFeature;       // version.feature()
 163     private boolean isMultiRelease;         // is jar multi-release?
 164 
 165     // indicates if Class-Path attribute present
 166     private boolean hasClassPathAttribute;
 167     // true if manifest checked for special attributes
 168     private volatile boolean hasCheckedSpecialAttributes;
 169 
 170     private static final JavaUtilZipFileAccess JUZFA;
 171 
 172     static {
 173         // Set up JavaUtilJarAccess in SharedSecrets
 174         SharedSecrets.setJavaUtilJarAccess(new JavaUtilJarAccessImpl());
 175         // Get JavaUtilZipFileAccess from SharedSecrets
 176         JUZFA = SharedSecrets.getJavaUtilZipFileAccess();
 177         // multi-release jar file versions >= 9
 178         BASE_VERSION = Runtime.Version.parse(Integer.toString(8));
 179         BASE_VERSION_FEATURE = BASE_VERSION.feature();
 180         String jarVersion = GetPropertyAction.privilegedGetProperty("jdk.util.jar.version");
 181         int runtimeVersion = Runtime.version().feature();
 182         if (jarVersion != null) {
 183             int jarVer = Integer.parseInt(jarVersion);
 184             runtimeVersion = (jarVer > runtimeVersion)
 185                     ? runtimeVersion
 186                     : Math.max(jarVer, BASE_VERSION_FEATURE);
 187         }
 188         RUNTIME_VERSION = Runtime.Version.parse(Integer.toString(runtimeVersion));
 189         String enableMultiRelease = GetPropertyAction
 190                 .privilegedGetProperty("jdk.util.jar.enableMultiRelease", "true");
 191         switch (enableMultiRelease) {
 192             case "true":
 193             default:
 194                 MULTI_RELEASE_ENABLED = true;
 195                 MULTI_RELEASE_FORCED = false;
 196                 break;
 197             case "false":
 198                 MULTI_RELEASE_ENABLED = false;
 199                 MULTI_RELEASE_FORCED = false;
 200                 break;
 201             case "force":
 202                 MULTI_RELEASE_ENABLED = true;
 203                 MULTI_RELEASE_FORCED = true;
 204                 break;
 205         }
 206     }
 207 
 208     private static final String META_INF = "META-INF/";
 209 
 210     private static final String META_INF_VERSIONS = META_INF + "versions/";
 211 
 212     /**
 213      * The JAR manifest file name.
 214      */
 215     public static final String MANIFEST_NAME = META_INF + "MANIFEST.MF";
 216 
 217     /**
 218      * Returns the version that represents the unversioned configuration of a
 219      * multi-release jar file.
 220      *
 221      * @return the version that represents the unversioned configuration
 222      *
 223      * @since 9
 224      */
 225     public static Runtime.Version baseVersion() {
 226         return BASE_VERSION;
 227     }
 228 
 229     /**
 230      * Returns the version that represents the effective runtime versioned
 231      * configuration of a multi-release jar file.
 232      * <p>
 233      * By default the feature version number of the returned {@code Version} will
 234      * be equal to the feature version number of {@code Runtime.version()}.
 235      * However, if the {@code jdk.util.jar.version} property is set, the
 236      * returned {@code Version} is derived from that property and feature version
 237      * numbers may not be equal.
 238      *
 239      * @return the version that represents the runtime versioned configuration
 240      *
 241      * @since 9
 242      */
 243     public static Runtime.Version runtimeVersion() {
 244         return RUNTIME_VERSION;
 245     }
 246 
 247     /**
 248      * Creates a new {@code JarFile} to read from the specified
 249      * file {@code name}. The {@code JarFile} will be verified if
 250      * it is signed.
 251      * @param name the name of the jar file to be opened for reading
 252      * @throws IOException if an I/O error has occurred
 253      * @throws SecurityException if access to the file is denied
 254      *         by the SecurityManager
 255      */
 256     public JarFile(String name) throws IOException {
 257         this(new File(name), true, ZipFile.OPEN_READ);
 258     }
 259 
 260     /**
 261      * Creates a new {@code JarFile} to read from the specified
 262      * file {@code name}.
 263      * @param name the name of the jar file to be opened for reading
 264      * @param verify whether or not to verify the jar file if
 265      * it is signed.
 266      * @throws IOException if an I/O error has occurred
 267      * @throws SecurityException if access to the file is denied
 268      *         by the SecurityManager
 269      */
 270     public JarFile(String name, boolean verify) throws IOException {
 271         this(new File(name), verify, ZipFile.OPEN_READ);
 272     }
 273 
 274     /**
 275      * Creates a new {@code JarFile} to read from the specified
 276      * {@code File} object. The {@code JarFile} will be verified if
 277      * it is signed.
 278      * @param file the jar file to be opened for reading
 279      * @throws IOException if an I/O error has occurred
 280      * @throws SecurityException if access to the file is denied
 281      *         by the SecurityManager
 282      */
 283     public JarFile(File file) throws IOException {
 284         this(file, true, ZipFile.OPEN_READ);
 285     }
 286 
 287     /**
 288      * Creates a new {@code JarFile} to read from the specified
 289      * {@code File} object.
 290      * @param file the jar file to be opened for reading
 291      * @param verify whether or not to verify the jar file if
 292      * it is signed.
 293      * @throws IOException if an I/O error has occurred
 294      * @throws SecurityException if access to the file is denied
 295      *         by the SecurityManager.
 296      */
 297     public JarFile(File file, boolean verify) throws IOException {
 298         this(file, verify, ZipFile.OPEN_READ);
 299     }
 300 
 301     /**
 302      * Creates a new {@code JarFile} to read from the specified
 303      * {@code File} object in the specified mode.  The mode argument
 304      * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
 305      *
 306      * @param file the jar file to be opened for reading
 307      * @param verify whether or not to verify the jar file if
 308      * it is signed.
 309      * @param mode the mode in which the file is to be opened
 310      * @throws IOException if an I/O error has occurred
 311      * @throws IllegalArgumentException
 312      *         if the {@code mode} argument is invalid
 313      * @throws SecurityException if access to the file is denied
 314      *         by the SecurityManager
 315      * @since 1.3
 316      */
 317     public JarFile(File file, boolean verify, int mode) throws IOException {
 318         this(file, verify, mode, BASE_VERSION);
 319     }
 320 
 321     /**
 322      * Creates a new {@code JarFile} to read from the specified
 323      * {@code File} object in the specified mode.  The mode argument
 324      * must be either {@code OPEN_READ} or {@code OPEN_READ | OPEN_DELETE}.
 325      * The version argument, after being converted to a canonical form, is
 326      * used to configure the {@code JarFile} for processing
 327      * multi-release jar files.
 328      * <p>
 329      * The canonical form derived from the version parameter is
 330      * {@code Runtime.Version.parse(Integer.toString(n))} where {@code n} is
 331      * {@code Math.max(version.feature(), JarFile.baseVersion().feature())}.
 332      *
 333      * @param file the jar file to be opened for reading
 334      * @param verify whether or not to verify the jar file if
 335      * it is signed.
 336      * @param mode the mode in which the file is to be opened
 337      * @param version specifies the release version for a multi-release jar file
 338      * @throws IOException if an I/O error has occurred
 339      * @throws IllegalArgumentException
 340      *         if the {@code mode} argument is invalid
 341      * @throws SecurityException if access to the file is denied
 342      *         by the SecurityManager
 343      * @throws NullPointerException if {@code version} is {@code null}
 344      * @since 9
 345      */
 346     public JarFile(File file, boolean verify, int mode, Runtime.Version version) throws IOException {
 347         super(file, mode);
 348         this.verify = verify;
 349         Objects.requireNonNull(version);
 350         if (MULTI_RELEASE_FORCED || version.feature() == RUNTIME_VERSION.feature()) {
 351             // This deals with the common case where the value from JarFile.runtimeVersion() is passed
 352             this.version = RUNTIME_VERSION;
 353         } else if (version.feature() <= BASE_VERSION_FEATURE) {
 354             // This also deals with the common case where the value from JarFile.baseVersion() is passed
 355             this.version = BASE_VERSION;
 356         } else {
 357             // Canonicalize
 358             this.version = Runtime.Version.parse(Integer.toString(version.feature()));
 359         }
 360         this.versionFeature = this.version.feature();
 361     }
 362 
 363     /**
 364      * Returns the maximum version used when searching for versioned entries.
 365      * <p>
 366      * If this {@code JarFile} is not a multi-release jar file or is not
 367      * configured to be processed as such, then the version returned will be the
 368      * same as that returned from {@link #baseVersion()}.
 369      *
 370      * @return the maximum version
 371      * @since 9
 372      */
 373     public final Runtime.Version getVersion() {
 374         return isMultiRelease() ? this.version : BASE_VERSION;
 375     }
 376 
 377     /**
 378      * Indicates whether or not this jar file is a multi-release jar file.
 379      *
 380      * @return true if this JarFile is a multi-release jar file
 381      * @since 9
 382      */
 383     public final boolean isMultiRelease() {
 384         if (isMultiRelease) {
 385             return true;
 386         }
 387         if (MULTI_RELEASE_ENABLED) {
 388             try {
 389                 checkForSpecialAttributes();
 390             } catch (IOException io) {
 391                 isMultiRelease = false;
 392             }
 393         }
 394         return isMultiRelease;
 395     }
 396 
 397     /**
 398      * Returns the jar file manifest, or {@code null} if none.
 399      *
 400      * @return the jar file manifest, or {@code null} if none
 401      *
 402      * @throws IllegalStateException
 403      *         may be thrown if the jar file has been closed
 404      * @throws IOException  if an I/O error has occurred
 405      */
 406     public Manifest getManifest() throws IOException {
 407         return getManifestFromReference();
 408     }
 409 
 410     private Manifest getManifestFromReference() throws IOException {
 411         Manifest man = manRef != null ? manRef.get() : null;
 412 
 413         if (man == null) {
 414 
 415             JarEntry manEntry = getManEntry();
 416 
 417             // If found then load the manifest
 418             if (manEntry != null) {
 419                 if (verify) {
 420                     byte[] b = getBytes(manEntry);
 421                     if (!jvInitialized) {
 422                         jv = new JarVerifier(b);
 423                     }
 424                     man = new Manifest(jv, new ByteArrayInputStream(b), getName());
 425                 } else {
 426                     man = new Manifest(super.getInputStream(manEntry), getName());
 427                 }
 428                 manRef = new SoftReference<>(man);
 429             }
 430         }
 431         return man;
 432     }
 433 
 434     /**
 435      * Returns the {@code JarEntry} for the given base entry name or
 436      * {@code null} if not found.
 437      *
 438      * <p>If this {@code JarFile} is a multi-release jar file and is configured
 439      * to be processed as such, then a search is performed to find and return
 440      * a {@code JarEntry} that is the latest versioned entry associated with the
 441      * given entry name.  The returned {@code JarEntry} is the versioned entry
 442      * corresponding to the given base entry name prefixed with the string
 443      * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
 444      * which an entry exists.  If such a versioned entry does not exist, then
 445      * the {@code JarEntry} for the base entry is returned, otherwise
 446      * {@code null} is returned if no entries are found.  The initial value for
 447      * the version {@code n} is the maximum version as returned by the method
 448      * {@link JarFile#getVersion()}.
 449      *
 450      * @param name the jar file entry name
 451      * @return the {@code JarEntry} for the given entry name, or
 452      *         the versioned entry name, or {@code null} if not found
 453      *
 454      * @throws IllegalStateException
 455      *         may be thrown if the jar file has been closed
 456      *
 457      * @see java.util.jar.JarEntry
 458      *
 459      * @implSpec
 460      * <div class="block">
 461      * This implementation invokes {@link JarFile#getEntry(String)}.
 462      * </div>
 463      */
 464     public JarEntry getJarEntry(String name) {
 465         return (JarEntry)getEntry(name);
 466     }
 467 
 468     /**
 469      * Returns the {@code ZipEntry} for the given base entry name or
 470      * {@code null} if not found.
 471      *
 472      * <p>If this {@code JarFile} is a multi-release jar file and is configured
 473      * to be processed as such, then a search is performed to find and return
 474      * a {@code ZipEntry} that is the latest versioned entry associated with the
 475      * given entry name.  The returned {@code ZipEntry} is the versioned entry
 476      * corresponding to the given base entry name prefixed with the string
 477      * {@code "META-INF/versions/{n}/"}, for the largest value of {@code n} for
 478      * which an entry exists.  If such a versioned entry does not exist, then
 479      * the {@code ZipEntry} for the base entry is returned, otherwise
 480      * {@code null} is returned if no entries are found.  The initial value for
 481      * the version {@code n} is the maximum version as returned by the method
 482      * {@link JarFile#getVersion()}.
 483      *
 484      * @param name the jar file entry name
 485      * @return the {@code ZipEntry} for the given entry name or
 486      *         the versioned entry name or {@code null} if not found
 487      *
 488      * @throws IllegalStateException
 489      *         may be thrown if the jar file has been closed
 490      *
 491      * @see java.util.zip.ZipEntry
 492      *
 493      * @implSpec
 494      * <div class="block">
 495      * This implementation may return a versioned entry for the requested name
 496      * even if there is not a corresponding base entry.  This can occur
 497      * if there is a private or package-private versioned entry that matches.
 498      * If a subclass overrides this method, assure that the override method
 499      * invokes {@code super.getEntry(name)} to obtain all versioned entries.
 500      * </div>
 501      */
 502     public ZipEntry getEntry(String name) {
 503         if (isMultiRelease()) {
 504             JarEntry je = getVersionedEntry(name, null);
 505             if (je == null) {
 506                 je = getEntry0(name);
 507             }
 508             return je;
 509         } else {
 510             return getEntry0(name);
 511         }
 512     }
 513 
 514     /**
 515      * Returns an enumeration of the jar file entries.
 516      *
 517      * @return an enumeration of the jar file entries
 518      * @throws IllegalStateException
 519      *         may be thrown if the jar file has been closed
 520      */
 521     public Enumeration<JarEntry> entries() {
 522         return JUZFA.entries(this, JarFileEntry::new);
 523     }
 524 
 525     /**
 526      * Returns an ordered {@code Stream} over the jar file entries.
 527      * Entries appear in the {@code Stream} in the order they appear in
 528      * the central directory of the jar file.
 529      *
 530      * @return an ordered {@code Stream} of entries in this jar file
 531      * @throws IllegalStateException if the jar file has been closed
 532      * @since 1.8
 533      */
 534     public Stream<JarEntry> stream() {
 535         return JUZFA.stream(this, JarFileEntry::new);
 536     }
 537 
 538     /**
 539      * Returns a {@code Stream} of the versioned jar file entries.
 540      *
 541      * <p>If this {@code JarFile} is a multi-release jar file and is configured to
 542      * be processed as such, then an entry in the stream is the latest versioned entry
 543      * associated with the corresponding base entry name. The maximum version of the
 544      * latest versioned entry is the version returned by {@link #getVersion()}.
 545      * The returned stream may include an entry that only exists as a versioned entry.
 546      *
 547      * If the jar file is not a multi-release jar file or the {@code JarFile} is not
 548      * configured for processing a multi-release jar file, this method returns the
 549      * same stream that {@link #stream()} returns.
 550      *
 551      * @return stream of versioned entries
 552      * @since 10
 553      */
 554     public Stream<JarEntry> versionedStream() {
 555 
 556         if (isMultiRelease()) {
 557             return JUZFA.entryNameStream(this).map(this::getBasename)
 558                                               .filter(Objects::nonNull)
 559                                               .distinct()
 560                                               .map(this::getJarEntry)
 561                                               .filter(Objects::nonNull);
 562         }
 563         return stream();
 564     }
 565 
 566     /*
 567      * Invokes {@ZipFile}'s getEntry to Return a {@code JarFileEntry} for the
 568      * given entry name or {@code null} if not found.
 569      */
 570     private JarFileEntry getEntry0(String name) {
 571         // Not using a lambda/method reference here to optimize startup time
 572         Function<String, JarEntry> newJarFileEntryFn = new Function<>() {
 573             @Override
 574             public JarEntry apply(String name) {
 575                 return new JarFileEntry(name);
 576             }
 577         };
 578         return (JarFileEntry)JUZFA.getEntry(this, name, newJarFileEntryFn);
 579     }
 580 
 581     private String getBasename(String name) {
 582         if (name.startsWith(META_INF_VERSIONS)) {
 583             int off = META_INF_VERSIONS.length();
 584             int index = name.indexOf('/', off);
 585             try {
 586                 // filter out dir META-INF/versions/ and META-INF/versions/*/
 587                 // and any entry with version > 'version'
 588                 if (index == -1 || index == (name.length() - 1) ||
 589                     Integer.parseInt(name, off, index, 10) > versionFeature) {
 590                     return null;
 591                 }
 592             } catch (NumberFormatException x) {
 593                 return null; // remove malformed entries silently
 594             }
 595             // map to its base name
 596             return name.substring(index + 1);
 597         }
 598         return name;
 599     }
 600 
 601     private JarEntry getVersionedEntry(String name, JarEntry defaultEntry) {
 602         if (!name.startsWith(META_INF)) {
 603             int[] versions = JUZFA.getMetaInfVersions(this);
 604             if (BASE_VERSION_FEATURE < versionFeature && versions.length > 0) {
 605                 // search for versioned entry
 606                 for (int i = versions.length - 1; i >= 0; i--) {
 607                     int version = versions[i];
 608                     // skip versions above versionFeature
 609                     if (version > versionFeature) {
 610                         continue;
 611                     }
 612                     // skip versions below base version
 613                     if (version < BASE_VERSION_FEATURE) {
 614                         break;
 615                     }
 616                     JarFileEntry vje = getEntry0(META_INF_VERSIONS + version + "/" + name);
 617                     if (vje != null) {
 618                         return vje.withBasename(name);
 619                     }
 620                 }
 621             }
 622         }
 623         return defaultEntry;
 624     }
 625 
 626     // placeholder for now
 627     String getRealName(JarEntry entry) {
 628         return entry.getRealName();
 629     }
 630 
 631     private class JarFileEntry extends JarEntry {
 632         private String basename;
 633 
 634         JarFileEntry(String name) {
 635             super(name);
 636             this.basename = name;
 637         }
 638 
 639         JarFileEntry(String name, ZipEntry vze) {
 640             super(vze);
 641             this.basename = name;
 642         }
 643 
 644         @Override
 645         public Attributes getAttributes() throws IOException {
 646             Manifest man = JarFile.this.getManifest();
 647             if (man != null) {
 648                 return man.getAttributes(super.getName());
 649             } else {
 650                 return null;
 651             }
 652         }
 653 
 654         @Override
 655         public Certificate[] getCertificates() {
 656             try {
 657                 maybeInstantiateVerifier();
 658             } catch (IOException e) {
 659                 throw new RuntimeException(e);
 660             }
 661             if (certs == null && jv != null) {
 662                 certs = jv.getCerts(JarFile.this, realEntry());
 663             }
 664             return certs == null ? null : certs.clone();
 665         }
 666 
 667         @Override
 668         public CodeSigner[] getCodeSigners() {
 669             try {
 670                 maybeInstantiateVerifier();
 671             } catch (IOException e) {
 672                 throw new RuntimeException(e);
 673             }
 674             if (signers == null && jv != null) {
 675                 signers = jv.getCodeSigners(JarFile.this, realEntry());
 676             }
 677             return signers == null ? null : signers.clone();
 678         }
 679 
 680         @Override
 681         public String getRealName() {
 682             return super.getName();
 683         }
 684 
 685         @Override
 686         public String getName() {
 687             return basename;
 688         }
 689 
 690         JarFileEntry realEntry() {
 691             if (isMultiRelease() && versionFeature != BASE_VERSION_FEATURE) {
 692                 String entryName = super.getName();
 693                 return entryName == basename || entryName.equals(basename) ?
 694                         this : new JarFileEntry(entryName, this);
 695             }
 696             return this;
 697         }
 698 
 699         // changes the basename, returns "this"
 700         JarFileEntry withBasename(String name) {
 701             basename = name;
 702             return this;
 703         }
 704     }
 705 
 706     /*
 707      * Ensures that the JarVerifier has been created if one is
 708      * necessary (i.e., the jar appears to be signed.) This is done as
 709      * a quick check to avoid processing of the manifest for unsigned
 710      * jars.
 711      */
 712     private void maybeInstantiateVerifier() throws IOException {
 713         if (jv != null) {
 714             return;
 715         }
 716 
 717         if (verify) {
 718             String[] names = JUZFA.getMetaInfEntryNames(this);
 719             if (names != null) {
 720                 for (String nameLower : names) {
 721                     String name = nameLower.toUpperCase(Locale.ENGLISH);
 722                     if (name.endsWith(".DSA") ||
 723                         name.endsWith(".RSA") ||
 724                         name.endsWith(".EC") ||
 725                         name.endsWith(".SF")) {
 726                         // Assume since we found a signature-related file
 727                         // that the jar is signed and that we therefore
 728                         // need a JarVerifier and Manifest
 729                         getManifest();
 730                         return;
 731                     }
 732                 }
 733             }
 734             // No signature-related files; don't instantiate a
 735             // verifier
 736             verify = false;
 737         }
 738     }
 739 
 740     /*
 741      * Initializes the verifier object by reading all the manifest
 742      * entries and passing them to the verifier.
 743      */
 744     private void initializeVerifier() {
 745         ManifestEntryVerifier mev = null;
 746 
 747         // Verify "META-INF/" entries...
 748         try {
 749             String[] names = JUZFA.getMetaInfEntryNames(this);
 750             if (names != null) {
 751                 for (String name : names) {
 752                     String uname = name.toUpperCase(Locale.ENGLISH);
 753                     if (MANIFEST_NAME.equals(uname)
 754                             || SignatureFileVerifier.isBlockOrSF(uname)) {
 755                         JarEntry e = getJarEntry(name);
 756                         if (e == null) {
 757                             throw new JarException("corrupted jar file");
 758                         }
 759                         if (mev == null) {
 760                             mev = new ManifestEntryVerifier
 761                                 (getManifestFromReference());
 762                         }
 763                         byte[] b = getBytes(e);
 764                         if (b != null && b.length > 0) {
 765                             jv.beginEntry(e, mev);
 766                             jv.update(b.length, b, 0, b.length, mev);
 767                             jv.update(-1, null, 0, 0, mev);
 768                         }
 769                     }
 770                 }
 771             }
 772         } catch (IOException ex) {
 773             // if we had an error parsing any blocks, just
 774             // treat the jar file as being unsigned
 775             jv = null;
 776             verify = false;
 777             if (JarVerifier.debug != null) {
 778                 JarVerifier.debug.println("jarfile parsing error!");
 779                 ex.printStackTrace();
 780             }
 781         }
 782 
 783         // if after initializing the verifier we have nothing
 784         // signed, we null it out.
 785 
 786         if (jv != null) {
 787 
 788             jv.doneWithMeta();
 789             if (JarVerifier.debug != null) {
 790                 JarVerifier.debug.println("done with meta!");
 791             }
 792 
 793             if (jv.nothingToVerify()) {
 794                 if (JarVerifier.debug != null) {
 795                     JarVerifier.debug.println("nothing to verify!");
 796                 }
 797                 jv = null;
 798                 verify = false;
 799             }
 800         }
 801     }
 802 
 803     /*
 804      * Reads all the bytes for a given entry. Used to process the
 805      * META-INF files.
 806      */
 807     private byte[] getBytes(ZipEntry ze) throws IOException {
 808         try (InputStream is = super.getInputStream(ze)) {
 809             int len = (int)ze.getSize();
 810             int bytesRead;
 811             byte[] b;
 812             // trust specified entry sizes when reasonably small
 813             if (len != -1 && len <= 65535) {
 814                 b = new byte[len];
 815                 bytesRead = is.readNBytes(b, 0, len);
 816             } else {
 817                 b = is.readAllBytes();
 818                 bytesRead = b.length;
 819             }
 820             if (len != -1 && len != bytesRead) {
 821                 throw new EOFException("Expected:" + len + ", read:" + bytesRead);
 822             }
 823             return b;
 824         }
 825     }
 826 
 827     /**
 828      * Returns an input stream for reading the contents of the specified
 829      * zip file entry.
 830      * @param ze the zip file entry
 831      * @return an input stream for reading the contents of the specified
 832      *         zip file entry
 833      * @throws ZipException if a zip file format error has occurred
 834      * @throws IOException if an I/O error has occurred
 835      * @throws SecurityException if any of the jar file entries
 836      *         are incorrectly signed.
 837      * @throws IllegalStateException
 838      *         may be thrown if the jar file has been closed
 839      */
 840     public synchronized InputStream getInputStream(ZipEntry ze)
 841         throws IOException
 842     {
 843         maybeInstantiateVerifier();
 844         if (jv == null) {
 845             return super.getInputStream(ze);
 846         }
 847         if (!jvInitialized) {
 848             initializeVerifier();
 849             jvInitialized = true;
 850             // could be set to null after a call to
 851             // initializeVerifier if we have nothing to
 852             // verify
 853             if (jv == null)
 854                 return super.getInputStream(ze);
 855         }
 856 
 857         // wrap a verifier stream around the real stream
 858         return new JarVerifier.VerifierStream(
 859             getManifestFromReference(),
 860             verifiableEntry(ze),
 861             super.getInputStream(ze),
 862             jv);
 863     }
 864 
 865     private JarEntry verifiableEntry(ZipEntry ze) {
 866         if (ze instanceof JarFileEntry) {
 867             // assure the name and entry match for verification
 868             return ((JarFileEntry)ze).realEntry();
 869         }
 870         ze = getJarEntry(ze.getName());
 871         if (ze instanceof JarFileEntry) {
 872             return ((JarFileEntry)ze).realEntry();
 873         }
 874         return (JarEntry)ze;
 875     }
 876 
 877     // Statics for hand-coded Boyer-Moore search
 878     private static final byte[] CLASSPATH_CHARS =
 879             {'C','L','A','S','S','-','P','A','T','H', ':', ' '};
 880 
 881     // The bad character shift for "class-path: "
 882     private static final byte[] CLASSPATH_LASTOCC;
 883 
 884     // The good suffix shift for "class-path: "
 885     private static final byte[] CLASSPATH_OPTOSFT;
 886 
 887     private static final byte[] MULTIRELEASE_CHARS =
 888             {'M','U','L','T','I','-','R','E','L','E', 'A', 'S', 'E', ':',
 889                     ' ', 'T', 'R', 'U', 'E'};
 890 
 891     // The bad character shift for "multi-release: true"
 892     private static final byte[] MULTIRELEASE_LASTOCC;
 893 
 894     // The good suffix shift for "multi-release: true"
 895     private static final byte[] MULTIRELEASE_OPTOSFT;
 896 
 897     static {
 898         CLASSPATH_LASTOCC = new byte[65];
 899         CLASSPATH_OPTOSFT = new byte[12];
 900         CLASSPATH_LASTOCC[(int)'C' - 32] = 1;
 901         CLASSPATH_LASTOCC[(int)'L' - 32] = 2;
 902         CLASSPATH_LASTOCC[(int)'S' - 32] = 5;
 903         CLASSPATH_LASTOCC[(int)'-' - 32] = 6;
 904         CLASSPATH_LASTOCC[(int)'P' - 32] = 7;
 905         CLASSPATH_LASTOCC[(int)'A' - 32] = 8;
 906         CLASSPATH_LASTOCC[(int)'T' - 32] = 9;
 907         CLASSPATH_LASTOCC[(int)'H' - 32] = 10;
 908         CLASSPATH_LASTOCC[(int)':' - 32] = 11;
 909         CLASSPATH_LASTOCC[(int)' ' - 32] = 12;
 910         for (int i = 0; i < 11; i++) {
 911             CLASSPATH_OPTOSFT[i] = 12;
 912         }
 913         CLASSPATH_OPTOSFT[11] = 1;
 914 
 915         MULTIRELEASE_LASTOCC = new byte[65];
 916         MULTIRELEASE_OPTOSFT = new byte[19];
 917         MULTIRELEASE_LASTOCC[(int)'M' - 32] = 1;
 918         MULTIRELEASE_LASTOCC[(int)'I' - 32] = 5;
 919         MULTIRELEASE_LASTOCC[(int)'-' - 32] = 6;
 920         MULTIRELEASE_LASTOCC[(int)'L' - 32] = 9;
 921         MULTIRELEASE_LASTOCC[(int)'A' - 32] = 11;
 922         MULTIRELEASE_LASTOCC[(int)'S' - 32] = 12;
 923         MULTIRELEASE_LASTOCC[(int)':' - 32] = 14;
 924         MULTIRELEASE_LASTOCC[(int)' ' - 32] = 15;
 925         MULTIRELEASE_LASTOCC[(int)'T' - 32] = 16;
 926         MULTIRELEASE_LASTOCC[(int)'R' - 32] = 17;
 927         MULTIRELEASE_LASTOCC[(int)'U' - 32] = 18;
 928         MULTIRELEASE_LASTOCC[(int)'E' - 32] = 19;
 929         for (int i = 0; i < 17; i++) {
 930             MULTIRELEASE_OPTOSFT[i] = 19;
 931         }
 932         MULTIRELEASE_OPTOSFT[17] = 6;
 933         MULTIRELEASE_OPTOSFT[18] = 1;
 934     }
 935 
 936     private JarEntry getManEntry() {
 937         if (manEntry == null) {
 938             // First look up manifest entry using standard name
 939             JarEntry manEntry = getEntry0(MANIFEST_NAME);
 940             if (manEntry == null) {
 941                 // If not found, then iterate through all the "META-INF/"
 942                 // entries to find a match.
 943                 String[] names = JUZFA.getMetaInfEntryNames(this);
 944                 if (names != null) {
 945                     for (String name : names) {
 946                         if (MANIFEST_NAME.equals(name.toUpperCase(Locale.ENGLISH))) {
 947                             manEntry = getEntry0(name);
 948                             break;
 949                         }
 950                     }
 951                 }
 952             }
 953             this.manEntry = manEntry;
 954         }
 955         return manEntry;
 956     }
 957 
 958    /**
 959     * Returns {@code true} iff this JAR file has a manifest with the
 960     * Class-Path attribute
 961     */
 962     boolean hasClassPathAttribute() throws IOException {
 963         checkForSpecialAttributes();
 964         return hasClassPathAttribute;
 965     }
 966 
 967     /**
 968      * Returns true if the pattern {@code src} is found in {@code b}.
 969      * The {@code lastOcc} array is the precomputed bad character shifts.
 970      * Since there are no repeated substring in our search strings,
 971      * the good suffix shifts can be replaced with a comparison.
 972      */
 973     private int match(byte[] src, byte[] b, byte[] lastOcc, byte[] optoSft) {
 974         int len = src.length;
 975         int last = b.length - len;
 976         int i = 0;
 977         next:
 978         while (i <= last) {
 979             for (int j = (len - 1); j >= 0; j--) {
 980                 byte c = b[i + j];
 981                 if (c >= ' ' && c <= 'z') {
 982                     if (c >= 'a') c -= 32; // Canonicalize
 983 
 984                     if (c != src[j]) {
 985                         // no match
 986                         int badShift = lastOcc[c - 32];
 987                         i += Math.max(j + 1 - badShift, optoSft[j]);
 988                         continue next;
 989                     }
 990                 } else {
 991                     // no match, character not valid for name
 992                     i += len;
 993                     continue next;
 994                 }
 995             }
 996             return i;
 997         }
 998         return -1;
 999     }
1000 
1001     /**
1002      * On first invocation, check if the JAR file has the Class-Path
1003      * and the Multi-Release attribute. A no-op on subsequent calls.
1004      */
1005     private void checkForSpecialAttributes() throws IOException {
1006         if (hasCheckedSpecialAttributes) {
1007             return;
1008         }
1009         synchronized (this) {
1010             if (hasCheckedSpecialAttributes) {
1011                 return;
1012             }
1013             JarEntry manEntry = getManEntry();
1014             if (manEntry != null) {
1015                 byte[] b = getBytes(manEntry);
1016                 hasClassPathAttribute = match(CLASSPATH_CHARS, b,
1017                         CLASSPATH_LASTOCC, CLASSPATH_OPTOSFT) != -1;
1018                 // is this a multi-release jar file
1019                 if (MULTI_RELEASE_ENABLED) {
1020                     int i = match(MULTIRELEASE_CHARS, b, MULTIRELEASE_LASTOCC,
1021                             MULTIRELEASE_OPTOSFT);
1022                     if (i != -1) {
1023                         // Read the main attributes of the manifest
1024                         byte[] lbuf = new byte[512];
1025                         Attributes attr = new Attributes();
1026                         attr.read(new Manifest.FastInputStream(
1027                                 new ByteArrayInputStream(b)), lbuf);
1028                         isMultiRelease = Boolean.parseBoolean(
1029                             attr.getValue(Attributes.Name.MULTI_RELEASE));
1030                     }
1031                 }
1032             }
1033             hasCheckedSpecialAttributes = true;
1034         }
1035     }
1036 
1037     synchronized void ensureInitialization() {
1038         try {
1039             maybeInstantiateVerifier();
1040         } catch (IOException e) {
1041             throw new RuntimeException(e);
1042         }
1043         if (jv != null && !jvInitialized) {
1044             isInitializing.set(Boolean.TRUE);
1045             try {
1046                 initializeVerifier();
1047                 jvInitialized = true;
1048             } finally {
1049                 isInitializing.set(Boolean.FALSE);
1050             }
1051         }
1052     }
1053 
1054     static boolean isInitializing() {
1055         Boolean value = isInitializing.get();
1056         return (value == null) ? false : value;
1057     }
1058 
1059     /*
1060      * Returns a versioned {@code JarFileEntry} for the given entry,
1061      * if there is one. Otherwise returns the original entry. This
1062      * is invoked by the {@code entries2} for verifier.
1063      */
1064     JarEntry newEntry(JarEntry je) {
1065         if (isMultiRelease()) {
1066             return getVersionedEntry(je.getName(), je);
1067         }
1068         return je;
1069     }
1070 
1071     /*
1072      * Returns a versioned {@code JarFileEntry} for the given entry
1073      * name, if there is one. Otherwise returns a {@code JarFileEntry}
1074      * with the given name. It is invoked from JarVerifier's entries2
1075      * for {@code singers}.
1076      */
1077     JarEntry newEntry(String name) {
1078         if (isMultiRelease()) {
1079             JarEntry vje = getVersionedEntry(name, null);
1080             if (vje != null) {
1081                 return vje;
1082             }
1083         }
1084         return new JarFileEntry(name);
1085     }
1086 
1087     Enumeration<String> entryNames(CodeSource[] cs) {
1088         ensureInitialization();
1089         if (jv != null) {
1090             return jv.entryNames(this, cs);
1091         }
1092 
1093         /*
1094          * JAR file has no signed content. Is there a non-signing
1095          * code source?
1096          */
1097         boolean includeUnsigned = false;
1098         for (CodeSource c : cs) {
1099             if (c.getCodeSigners() == null) {
1100                 includeUnsigned = true;
1101                 break;
1102             }
1103         }
1104         if (includeUnsigned) {
1105             return unsignedEntryNames();
1106         } else {
1107             return Collections.emptyEnumeration();
1108         }
1109     }
1110 
1111     /**
1112      * Returns an enumeration of the zip file entries
1113      * excluding internal JAR mechanism entries and including
1114      * signed entries missing from the ZIP directory.
1115      */
1116     Enumeration<JarEntry> entries2() {
1117         ensureInitialization();
1118         if (jv != null) {
1119             return jv.entries2(this, JUZFA.entries(JarFile.this,
1120                                                    JarFileEntry::new));
1121         }
1122 
1123         // screen out entries which are never signed
1124         final var unfilteredEntries = JUZFA.entries(JarFile.this, JarFileEntry::new);
1125 
1126         return new Enumeration<>() {
1127 
1128             JarEntry entry;
1129 
1130             public boolean hasMoreElements() {
1131                 if (entry != null) {
1132                     return true;
1133                 }
1134                 while (unfilteredEntries.hasMoreElements()) {
1135                     JarEntry je = unfilteredEntries.nextElement();
1136                     if (JarVerifier.isSigningRelated(je.getName())) {
1137                         continue;
1138                     }
1139                     entry = je;
1140                     return true;
1141                 }
1142                 return false;
1143             }
1144 
1145             public JarEntry nextElement() {
1146                 if (hasMoreElements()) {
1147                     JarEntry je = entry;
1148                     entry = null;
1149                     return newEntry(je);
1150                 }
1151                 throw new NoSuchElementException();
1152             }
1153         };
1154     }
1155 
1156     CodeSource[] getCodeSources(URL url) {
1157         ensureInitialization();
1158         if (jv != null) {
1159             return jv.getCodeSources(this, url);
1160         }
1161 
1162         /*
1163          * JAR file has no signed content. Is there a non-signing
1164          * code source?
1165          */
1166         Enumeration<String> unsigned = unsignedEntryNames();
1167         if (unsigned.hasMoreElements()) {
1168             return new CodeSource[]{JarVerifier.getUnsignedCS(url)};
1169         } else {
1170             return null;
1171         }
1172     }
1173 
1174     private Enumeration<String> unsignedEntryNames() {
1175         final Enumeration<JarEntry> entries = entries();
1176         return new Enumeration<>() {
1177 
1178             String name;
1179 
1180             /*
1181              * Grab entries from ZIP directory but screen out
1182              * metadata.
1183              */
1184             public boolean hasMoreElements() {
1185                 if (name != null) {
1186                     return true;
1187                 }
1188                 while (entries.hasMoreElements()) {
1189                     String value;
1190                     ZipEntry e = entries.nextElement();
1191                     value = e.getName();
1192                     if (e.isDirectory() || JarVerifier.isSigningRelated(value)) {
1193                         continue;
1194                     }
1195                     name = value;
1196                     return true;
1197                 }
1198                 return false;
1199             }
1200 
1201             public String nextElement() {
1202                 if (hasMoreElements()) {
1203                     String value = name;
1204                     name = null;
1205                     return value;
1206                 }
1207                 throw new NoSuchElementException();
1208             }
1209         };
1210     }
1211 
1212     CodeSource getCodeSource(URL url, String name) {
1213         ensureInitialization();
1214         if (jv != null) {
1215             if (jv.eagerValidation) {
1216                 CodeSource cs = null;
1217                 JarEntry je = getJarEntry(name);
1218                 if (je != null) {
1219                     cs = jv.getCodeSource(url, this, je);
1220                 } else {
1221                     cs = jv.getCodeSource(url, name);
1222                 }
1223                 return cs;
1224             } else {
1225                 return jv.getCodeSource(url, name);
1226             }
1227         }
1228 
1229         return JarVerifier.getUnsignedCS(url);
1230     }
1231 
1232     void setEagerValidation(boolean eager) {
1233         try {
1234             maybeInstantiateVerifier();
1235         } catch (IOException e) {
1236             throw new RuntimeException(e);
1237         }
1238         if (jv != null) {
1239             jv.setEagerValidation(eager);
1240         }
1241     }
1242 
1243     List<Object> getManifestDigests() {
1244         ensureInitialization();
1245         if (jv != null) {
1246             return jv.getManifestDigests();
1247         }
1248         return new ArrayList<>();
1249     }
1250 }