libcore/archive/src/main/java/java/util/jar/JarVerifier.java - platform/dalvik - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package java.util.jar;

 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.io.UnsupportedEncodingException;
 import java.security.GeneralSecurityException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.Certificate;
 import java.util.HashMap;
 import java.util.Hashtable;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.StringTokenizer;
 import java.util.Vector;
 import java.util.zip.ZipEntry;

 import org.apache.harmony.archive.internal.nls.Messages;
 import org.apache.harmony.luni.util.Base64;
 import org.apache.harmony.security.utils.JarUtils;

 import org.apache.harmony.archive.util.Util;

 // BEGIN android-added
 import org.apache.harmony.xnet.provider.jsse.OpenSSLMessageDigestJDK;
 // END android-added

 /**
  * Non-public class used by {@link JarFile} and {@link JarInputStream} to manage
  * the verification of signed JARs. {@code JarFile} and {@code JarInputStream}
  * objects are expected to have a {@code JarVerifier} instance member which
  * can be used to carry out the tasks associated with verifying a signed JAR.
  * These tasks would typically include:
  * <ul>
  * <li>verification of all signed signature files
  * <li>confirmation that all signed data was signed only by the party or parties
  * specified in the signature block data
  * <li>verification that the contents of all signature files (i.e. {@code .SF}
  * files) agree with the JAR entries information found in the JAR manifest.
  * </ul>
  */
 class JarVerifier {

     private final String jarName;

     private Manifest man;

     private HashMap<String, byte[]> metaEntries = new HashMap<String, byte[]>(5);

     private final Hashtable<String, HashMap<String, Attributes>> signatures =
         new Hashtable<String, HashMap<String, Attributes>>(5);

     private final Hashtable<String, Certificate[]> certificates =
         new Hashtable<String, Certificate[]>(5);

     private final Hashtable<String, Certificate[]> verifiedEntries =
         new Hashtable<String, Certificate[]>();

     byte[] mainAttributesChunk;

     // BEGIN android-added
     private static long measureCount = 0;

     private static long averageTime = 0;
     // END android-added

     /**
      * TODO Type description
      */
     static class VerifierEntry extends OutputStream {

         MessageDigest digest;

         byte[] hash;

         Certificate[] certificates;

         VerifierEntry(MessageDigest digest, byte[] hash,
                 Certificate[] certificates) {
             this.digest = digest;
             this.hash = hash;
             this.certificates = certificates;
         }

         /*
          * (non-Javadoc)
          *
          * @see java.io.OutputStream#write(int)
          */
         @Override
         public void write(int value) {
             digest.update((byte) value);
         }

         /*
          * (non-Javadoc)
          *
          * @see java.io.OutputStream#write(byte[], int, int)
          */
         @Override
         public void write(byte[] buf, int off, int nbytes) {
             digest.update(buf, off, nbytes);
         }
     }

     /**
      * Constructs and returns a new instance of {@code JarVerifier}.
      *
      * @param name
      *            the name of the JAR file being verified.
      */
     JarVerifier(String name) {
         jarName = name;
     }

     /**
      * Invoked for each new JAR entry read operation from the input
      * stream. This method constructs and returns a new {@link VerifierEntry}
      * which contains the certificates used to sign the entry and its hash value
      * as specified in the JAR MANIFEST format.
      *
      * @param name
      *            the name of an entry in a JAR file which is <b>not</b> in the
      *            {@code META-INF} directory.
      * @return a new instance of {@link VerifierEntry} which can be used by
      *         callers as an {@link OutputStream}.
      * @since Android 1.0
      */
     VerifierEntry initEntry(String name) {
         // If no manifest is present by the time an entry is found,
         // verification cannot occur. If no signature files have
         // been found, do not verify.
         if (man == null || signatures.size() == 0) {
             return null;
         }

         Attributes attributes = man.getAttributes(name);
         // entry has no digest
         if (attributes == null) {
             return null;
         }

         Vector<Certificate> certs = new Vector<Certificate>();
         Iterator<Map.Entry<String, HashMap<String, Attributes>>> it =
             signatures.entrySet().iterator();
         while (it.hasNext()) {
             Map.Entry<String, HashMap<String, Attributes>> entry = it.next();
             HashMap<String, Attributes> hm = entry.getValue();
             if (hm.get(name) != null) {
                 // Found an entry for entry name in .SF file
                 String signatureFile = entry.getKey();

                 Vector<Certificate> newCerts = getSignerCertificates(
                         signatureFile, certificates);
                 Iterator<Certificate> iter = newCerts.iterator();
                 while (iter.hasNext()) {
                     certs.add(iter.next());
                 }
             }
         }

         // entry is not signed
         if (certs.size() == 0) {
             return null;
         }
         Certificate[] certificatesArray = new Certificate[certs.size()];
         certs.toArray(certificatesArray);

         String algorithms = attributes.getValue("Digest-Algorithms"); //$NON-NLS-1$
         if (algorithms == null) {
             algorithms = "SHA SHA1"; //$NON-NLS-1$
         }
         StringTokenizer tokens = new StringTokenizer(algorithms);
         while (tokens.hasMoreTokens()) {
             String algorithm = tokens.nextToken();
             String hash = attributes.getValue(algorithm + "-Digest"); //$NON-NLS-1$
             if (hash == null) {
                 continue;
             }
             byte[] hashBytes;
             try {
                 hashBytes = hash.getBytes("ISO8859_1"); //$NON-NLS-1$
             } catch (UnsupportedEncodingException e) {
                 throw new RuntimeException(e.toString());
             }

             try {
                 // BEGIN android-changed
                 return new VerifierEntry(OpenSSLMessageDigestJDK.getInstance(algorithm),
                         hashBytes, certificatesArray);
                 // END android-changed
             } catch (NoSuchAlgorithmException e) {
                 // Ignored
             }
         }
         return null;
     }

     /**
      * Add a new meta entry to the internal collection of data held on each JAR
      * entry in the {@code META-INF} directory including the manifest
      * file itself. Files associated with the signing of a JAR would also be
      * added to this collection.
      *
      * @param name
      *            the name of the file located in the {@code META-INF}
      *            directory.
      * @param buf
      *            the file bytes for the file called {@code name}.
      * @see #removeMetaEntries()
      */
     void addMetaEntry(String name, byte[] buf) {
         metaEntries.put(Util.toASCIIUpperCase(name), buf);
     }

     /**
      * If the associated JAR file is signed, check on the validity of all of the
      * known signatures.
      *
      * @return {@code true} if the associated JAR is signed and an internal
      *         check verifies the validity of the signature(s). {@code false} if
      *         the associated JAR file has no entries at all in its {@code
      *         META-INF} directory. This situation is indicative of an invalid
      *         JAR file.
      *         <p>
      *         Will also return {@code true} if the JAR file is <i>not</i>
      *         signed.
      *         </p>
      * @throws SecurityException
      *             if the JAR file is signed and it is determined that a
      *             signature block file contains an invalid signature for the
      *             corresponding signature file.
      * @since Android 1.0
      */
     synchronized boolean readCertificates() {
         if (metaEntries == null) {
             return false;
         }
         Iterator<String> it = metaEntries.keySet().iterator();
         while (it.hasNext()) {
             String key = it.next();
             if (key.endsWith(".DSA") || key.endsWith(".RSA")) { //$NON-NLS-1$ //$NON-NLS-2$
                 verifyCertificate(key);
                 // Check for recursive class load
                 if (metaEntries == null) {
                     return false;
                 }
                 it.remove();
             }
         }
         return true;
     }

     /**
      * @param certFile
      */
     private void verifyCertificate(String certFile) {
         // Found Digital Sig, .SF should already have been read
         String signatureFile = certFile.substring(0, certFile.lastIndexOf('.'))
                 + ".SF"; //$NON-NLS-1$
         byte[] sfBytes = metaEntries.get(signatureFile);
         if (sfBytes == null) {
             return;
         }

         byte[] sBlockBytes = metaEntries.get(certFile);
         try {
             Certificate[] signerCertChain = JarUtils.verifySignature(
                     new ByteArrayInputStream(sfBytes),
                     new ByteArrayInputStream(sBlockBytes));
             /*
              * Recursive call in loading security provider related class which
              * is in a signed JAR.
              */
             if (null == metaEntries) {
                 return;
             }
             if (signerCertChain != null) {
                 certificates.put(signatureFile, signerCertChain);
             }
         } catch (IOException e) {
             return;
         } catch (GeneralSecurityException e) {
             /* [MSG "archive.30", "{0} failed verification of {1}"] */
             throw new SecurityException(
                     Messages.getString("archive.30", jarName, signatureFile)); //$NON-NLS-1$
         }

         // Verify manifest hash in .sf file
         Attributes attributes = new Attributes();
         HashMap<String, Attributes> hm = new HashMap<String, Attributes>();
         try {
             new InitManifest(new ByteArrayInputStream(sfBytes), attributes, hm,
                     null, "Signature-Version"); //$NON-NLS-1$
         } catch (IOException e) {
             return;
         }

         boolean createdBySigntool = false;
         String createdByValue = attributes.getValue("Created-By"); //$NON-NLS-1$
         if (createdByValue != null) {
             createdBySigntool = createdByValue.indexOf("signtool") != -1; //$NON-NLS-1$
         }

         // Use .SF to verify the mainAttributes of the manifest
         // If there is no -Digest-Manifest-Main-Attributes entry in .SF
         // file, such as those created before java 1.5, then we ignore
         // such verification.
         // FIXME: The meaning of createdBySigntool
         if (mainAttributesChunk != null && !createdBySigntool) {
             String digestAttribute = "-Digest-Manifest-Main-Attributes"; //$NON-NLS-1$
             if (!verify(attributes, digestAttribute, mainAttributesChunk,
                     false, true)) {
                 /* [MSG "archive.30", "{0} failed verification of {1}"] */
                 throw new SecurityException(
                         Messages.getString("archive.30", jarName, signatureFile)); //$NON-NLS-1$
             }
         }

         byte[] manifest = metaEntries.get(JarFile.MANIFEST_NAME);
         if (manifest == null) {
             return;
         }
         // Use .SF to verify the whole manifest
         String digestAttribute = createdBySigntool ? "-Digest" //$NON-NLS-1$
                 : "-Digest-Manifest"; //$NON-NLS-1$
         if (!verify(attributes, digestAttribute, manifest, false, false)) {
             Iterator<Map.Entry<String, Attributes>> it = hm.entrySet()
                     .iterator();
             while (it.hasNext()) {
                 Map.Entry<String, Attributes> entry = it.next();
                 byte[] chunk = man.getChunk(entry.getKey());
                 if (chunk == null) {
                     return;
                 }
                 if (!verify(entry.getValue(), "-Digest", chunk, //$NON-NLS-1$
                         createdBySigntool, false)) {
                     /* [MSG "archive.31", "{0} has invalid digest for {1} in {2}"] */
                     throw new SecurityException(
                         Messages.getString("archive.31", //$NON-NLS-1$
                             new Object[] { signatureFile, entry.getKey(), jarName }));
                 }
             }
         }
         metaEntries.put(signatureFile, null);
         signatures.put(signatureFile, hm);
     }

     /**
      * Associate this verifier with the specified {@link Manifest} object.
      *
      * @param mf
      *            a {@code java.util.jar.Manifest} object.
      */
     void setManifest(Manifest mf) {
         man = mf;
     }

     /**
      * Verifies that the digests stored in the manifest match the decrypted
      * digests from the .SF file. This indicates the validity of the signing,
      * not the integrity of the file, as it's digest must be calculated and
      * verified when its contents are read.
      *
      * @param entry
      *            the {@link VerifierEntry} associated with the specified
      *            {@code zipEntry}.
      * @param zipEntry
      *            an entry in the JAR file
      * @throws SecurityException
      *             if the digest value stored in the manifest does <i>not</i>
      *             agree with the decrypted digest as recovered from the
      *             {@code .SF} file.
      * @see #initEntry(String)
      */
     void verifySignatures(VerifierEntry entry, ZipEntry zipEntry) {
         byte[] digest = entry.digest.digest();
         if (!MessageDigest.isEqual(digest, Base64.decode(entry.hash))) {
             /* [MSG "archive.31", "{0} has invalid digest for {1} in {2}"] */
             throw new SecurityException(Messages.getString("archive.31", new Object[] { //$NON-NLS-1$
                     JarFile.MANIFEST_NAME, zipEntry.getName(), jarName }));
         }
         verifiedEntries.put(zipEntry.getName(), entry.certificates);
     }

     /**
      * Returns a {@code boolean} indication of whether or not the
      * associated JAR file is signed.
      *
      * @return {@code true} if the JAR is signed, {@code false}
      *         otherwise.
      */
     boolean isSignedJar() {
         return certificates.size() > 0;
     }

     private boolean verify(Attributes attributes, String entry, byte[] data,
             boolean ignoreSecondEndline, boolean ignorable) {
         String algorithms = attributes.getValue("Digest-Algorithms"); //$NON-NLS-1$
         if (algorithms == null) {
             algorithms = "SHA SHA1"; //$NON-NLS-1$
         }
         StringTokenizer tokens = new StringTokenizer(algorithms);
         while (tokens.hasMoreTokens()) {
             String algorithm = tokens.nextToken();
             String hash = attributes.getValue(algorithm + entry);
             if (hash == null) {
                 continue;
             }

             MessageDigest md;
             try {
                 // BEGIN android-changed
                 md = OpenSSLMessageDigestJDK.getInstance(algorithm);
                 // END android-changed
             } catch (NoSuchAlgorithmException e) {
                 continue;
             }
             if (ignoreSecondEndline && data[data.length - 1] == '\n'
                     && data[data.length - 2] == '\n') {
                 md.update(data, 0, data.length - 1);
             } else {
                 md.update(data, 0, data.length);
             }
             byte[] b = md.digest();
             byte[] hashBytes;
             try {
                 hashBytes = hash.getBytes("ISO8859_1"); //$NON-NLS-1$
             } catch (UnsupportedEncodingException e) {
                 throw new RuntimeException(e.toString());
             }
             return MessageDigest.isEqual(b, Base64.decode(hashBytes));
         }
         return ignorable;
     }

     /**
      * Returns all of the {@link java.security.cert.Certificate} instances that
      * were used to verify the signature on the JAR entry called
      * {@code name}.
      *
      * @param name
      *            the name of a JAR entry.
      * @return an array of {@link java.security.cert.Certificate}.
      */
     Certificate[] getCertificates(String name) {
         Certificate[] verifiedCerts = verifiedEntries.get(name);
         if (verifiedCerts == null) {
             return null;
         }
         return verifiedCerts.clone();
     }

     /**
      * Remove all entries from the internal collection of data held about each
      * JAR entry in the {@code META-INF} directory.
      *
      * @see #addMetaEntry(String, byte[])
      */
     void removeMetaEntries() {
         metaEntries = null;
     }

     /**
      * Returns a {@code Vector} of all of the
      * {@link java.security.cert.Certificate}s that are associated with the
      * signing of the named signature file.
      *
      * @param signatureFileName
      *            the name of a signature file.
      * @param certificates
      *            a {@code Map} of all of the certificate chains discovered so
      *            far while attempting to verify the JAR that contains the
      *            signature file {@code signatureFileName}. This object is
      *            previously set in the course of one or more calls to
      *            {@link #verifyJarSignatureFile(String, String, String, Map, Map)}
      *            where it was passed as the last argument.
      * @return all of the {@code Certificate} entries for the signer of the JAR
      *         whose actions led to the creation of the named signature file.
      */
     public static Vector<Certificate> getSignerCertificates(
             String signatureFileName, Map<String, Certificate[]> certificates) {
         Vector<Certificate> result = new Vector<Certificate>();
         Certificate[] certChain = certificates.get(signatureFileName);
         if (certChain != null) {
             for (Certificate element : certChain) {
                 result.add(element);
             }
         }
         return result;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package java.util.jar;

	import java.io.ByteArrayInputStream;
	import java.io.IOException;
	import java.io.OutputStream;
	import java.io.UnsupportedEncodingException;
	import java.security.GeneralSecurityException;
	import java.security.MessageDigest;
	import java.security.NoSuchAlgorithmException;
	import java.security.cert.Certificate;
	import java.util.HashMap;
	import java.util.Hashtable;
	import java.util.Iterator;
	import java.util.Map;
	import java.util.StringTokenizer;
	import java.util.Vector;
	import java.util.zip.ZipEntry;

	import org.apache.harmony.archive.internal.nls.Messages;
	import org.apache.harmony.luni.util.Base64;
	import org.apache.harmony.security.utils.JarUtils;

	import org.apache.harmony.archive.util.Util;

	// BEGIN android-added
	import org.apache.harmony.xnet.provider.jsse.OpenSSLMessageDigestJDK;
	// END android-added

	/**
	* Non-public class used by {@link JarFile} and {@link JarInputStream} to manage
	* the verification of signed JARs. {@code JarFile} and {@code JarInputStream}
	* objects are expected to have a {@code JarVerifier} instance member which
	* can be used to carry out the tasks associated with verifying a signed JAR.
	* These tasks would typically include:
	* <ul>
	* <li>verification of all signed signature files
	* <li>confirmation that all signed data was signed only by the party or parties
	* specified in the signature block data
	* <li>verification that the contents of all signature files (i.e. {@code .SF}
	* files) agree with the JAR entries information found in the JAR manifest.
	* </ul>
	*/
	class JarVerifier {

	private final String jarName;

	private Manifest man;

	private HashMap<String, byte[]> metaEntries = new HashMap<String, byte[]>(5);

	private final Hashtable<String, HashMap<String, Attributes>> signatures =
	new Hashtable<String, HashMap<String, Attributes>>(5);

	private final Hashtable<String, Certificate[]> certificates =
	new Hashtable<String, Certificate[]>(5);

	private final Hashtable<String, Certificate[]> verifiedEntries =
	new Hashtable<String, Certificate[]>();

	byte[] mainAttributesChunk;

	// BEGIN android-added
	private static long measureCount = 0;

	private static long averageTime = 0;
	// END android-added

	/**
	* TODO Type description
	*/
	static class VerifierEntry extends OutputStream {

	MessageDigest digest;

	byte[] hash;

	Certificate[] certificates;

	VerifierEntry(MessageDigest digest, byte[] hash,
	Certificate[] certificates) {
	this.digest = digest;
	this.hash = hash;
	this.certificates = certificates;
	}

	/*
	* (non-Javadoc)
	*
	* @see java.io.OutputStream#write(int)
	*/
	@Override
	public void write(int value) {
	digest.update((byte) value);
	}

	/*
	* (non-Javadoc)
	*
	* @see java.io.OutputStream#write(byte[], int, int)
	*/
	@Override
	public void write(byte[] buf, int off, int nbytes) {
	digest.update(buf, off, nbytes);
	}
	}

	/**
	* Constructs and returns a new instance of {@code JarVerifier}.
	*
	* @param name
	* the name of the JAR file being verified.
	*/
	JarVerifier(String name) {
	jarName = name;
	}

	/**
	* Invoked for each new JAR entry read operation from the input
	* stream. This method constructs and returns a new {@link VerifierEntry}
	* which contains the certificates used to sign the entry and its hash value
	* as specified in the JAR MANIFEST format.
	*
	* @param name
	* the name of an entry in a JAR file which is <b>not</b> in the
	* {@code META-INF} directory.
	* @return a new instance of {@link VerifierEntry} which can be used by
	* callers as an {@link OutputStream}.
	* @since Android 1.0
	*/
	VerifierEntry initEntry(String name) {
	// If no manifest is present by the time an entry is found,
	// verification cannot occur. If no signature files have
	// been found, do not verify.
	if (man == null \|\| signatures.size() == 0) {
	return null;
	}

	Attributes attributes = man.getAttributes(name);
	// entry has no digest
	if (attributes == null) {
	return null;
	}

	Vector<Certificate> certs = new Vector<Certificate>();
	Iterator<Map.Entry<String, HashMap<String, Attributes>>> it =
	signatures.entrySet().iterator();
	while (it.hasNext()) {
	Map.Entry<String, HashMap<String, Attributes>> entry = it.next();
	HashMap<String, Attributes> hm = entry.getValue();
	if (hm.get(name) != null) {
	// Found an entry for entry name in .SF file
	String signatureFile = entry.getKey();

	Vector<Certificate> newCerts = getSignerCertificates(
	signatureFile, certificates);
	Iterator<Certificate> iter = newCerts.iterator();
	while (iter.hasNext()) {
	certs.add(iter.next());
	}
	}
	}

	// entry is not signed
	if (certs.size() == 0) {
	return null;
	}
	Certificate[] certificatesArray = new Certificate[certs.size()];
	certs.toArray(certificatesArray);

	String algorithms = attributes.getValue("Digest-Algorithms"); //$NON-NLS-1$
	if (algorithms == null) {
	algorithms = "SHA SHA1"; //$NON-NLS-1$
	}
	StringTokenizer tokens = new StringTokenizer(algorithms);
	while (tokens.hasMoreTokens()) {
	String algorithm = tokens.nextToken();
	String hash = attributes.getValue(algorithm + "-Digest"); //$NON-NLS-1$
	if (hash == null) {
	continue;
	}
	byte[] hashBytes;
	try {
	hashBytes = hash.getBytes("ISO8859_1"); //$NON-NLS-1$
	} catch (UnsupportedEncodingException e) {
	throw new RuntimeException(e.toString());
	}

	try {
	// BEGIN android-changed
	return new VerifierEntry(OpenSSLMessageDigestJDK.getInstance(algorithm),
	hashBytes, certificatesArray);
	// END android-changed
	} catch (NoSuchAlgorithmException e) {
	// Ignored
	}
	}
	return null;
	}

	/**
	* Add a new meta entry to the internal collection of data held on each JAR
	* entry in the {@code META-INF} directory including the manifest
	* file itself. Files associated with the signing of a JAR would also be
	* added to this collection.
	*
	* @param name
	* the name of the file located in the {@code META-INF}
	* directory.
	* @param buf
	* the file bytes for the file called {@code name}.
	* @see #removeMetaEntries()
	*/
	void addMetaEntry(String name, byte[] buf) {
	metaEntries.put(Util.toASCIIUpperCase(name), buf);
	}

	/**
	* If the associated JAR file is signed, check on the validity of all of the
	* known signatures.
	*
	* @return {@code true} if the associated JAR is signed and an internal
	* check verifies the validity of the signature(s). {@code false} if
	* the associated JAR file has no entries at all in its {@code
	* META-INF} directory. This situation is indicative of an invalid
	* JAR file.
	* <p>
	* Will also return {@code true} if the JAR file is <i>not</i>
	* signed.
	* </p>
	* @throws SecurityException
	* if the JAR file is signed and it is determined that a
	* signature block file contains an invalid signature for the
	* corresponding signature file.
	* @since Android 1.0
	*/
	synchronized boolean readCertificates() {
	if (metaEntries == null) {
	return false;
	}
	Iterator<String> it = metaEntries.keySet().iterator();
	while (it.hasNext()) {
	String key = it.next();
	if (key.endsWith(".DSA") \|\| key.endsWith(".RSA")) { //$NON-NLS-1$ //$NON-NLS-2$
	verifyCertificate(key);
	// Check for recursive class load
	if (metaEntries == null) {
	return false;
	}
	it.remove();
	}
	}
	return true;
	}

	/**
	* @param certFile
	*/
	private void verifyCertificate(String certFile) {
	// Found Digital Sig, .SF should already have been read
	String signatureFile = certFile.substring(0, certFile.lastIndexOf('.'))
	+ ".SF"; //$NON-NLS-1$
	byte[] sfBytes = metaEntries.get(signatureFile);
	if (sfBytes == null) {
	return;
	}

	byte[] sBlockBytes = metaEntries.get(certFile);
	try {
	Certificate[] signerCertChain = JarUtils.verifySignature(
	new ByteArrayInputStream(sfBytes),
	new ByteArrayInputStream(sBlockBytes));
	/*
	* Recursive call in loading security provider related class which
	* is in a signed JAR.
	*/
	if (null == metaEntries) {
	return;
	}
	if (signerCertChain != null) {
	certificates.put(signatureFile, signerCertChain);
	}
	} catch (IOException e) {
	return;
	} catch (GeneralSecurityException e) {
	/* [MSG "archive.30", "{0} failed verification of {1}"] */
	throw new SecurityException(
	Messages.getString("archive.30", jarName, signatureFile)); //$NON-NLS-1$
	}

	// Verify manifest hash in .sf file
	Attributes attributes = new Attributes();
	HashMap<String, Attributes> hm = new HashMap<String, Attributes>();
	try {
	new InitManifest(new ByteArrayInputStream(sfBytes), attributes, hm,
	null, "Signature-Version"); //$NON-NLS-1$
	} catch (IOException e) {
	return;
	}

	boolean createdBySigntool = false;
	String createdByValue = attributes.getValue("Created-By"); //$NON-NLS-1$
	if (createdByValue != null) {
	createdBySigntool = createdByValue.indexOf("signtool") != -1; //$NON-NLS-1$
	}

	// Use .SF to verify the mainAttributes of the manifest
	// If there is no -Digest-Manifest-Main-Attributes entry in .SF
	// file, such as those created before java 1.5, then we ignore
	// such verification.
	// FIXME: The meaning of createdBySigntool
	if (mainAttributesChunk != null && !createdBySigntool) {
	String digestAttribute = "-Digest-Manifest-Main-Attributes"; //$NON-NLS-1$
	if (!verify(attributes, digestAttribute, mainAttributesChunk,
	false, true)) {
	/* [MSG "archive.30", "{0} failed verification of {1}"] */
	throw new SecurityException(
	Messages.getString("archive.30", jarName, signatureFile)); //$NON-NLS-1$
	}
	}

	byte[] manifest = metaEntries.get(JarFile.MANIFEST_NAME);
	if (manifest == null) {
	return;
	}
	// Use .SF to verify the whole manifest
	String digestAttribute = createdBySigntool ? "-Digest" //$NON-NLS-1$
	: "-Digest-Manifest"; //$NON-NLS-1$
	if (!verify(attributes, digestAttribute, manifest, false, false)) {
	Iterator<Map.Entry<String, Attributes>> it = hm.entrySet()
	.iterator();
	while (it.hasNext()) {
	Map.Entry<String, Attributes> entry = it.next();
	byte[] chunk = man.getChunk(entry.getKey());
	if (chunk == null) {
	return;
	}
	if (!verify(entry.getValue(), "-Digest", chunk, //$NON-NLS-1$
	createdBySigntool, false)) {
	/* [MSG "archive.31", "{0} has invalid digest for {1} in {2}"] */
	throw new SecurityException(
	Messages.getString("archive.31", //$NON-NLS-1$
	new Object[] { signatureFile, entry.getKey(), jarName }));
	}
	}
	}
	metaEntries.put(signatureFile, null);
	signatures.put(signatureFile, hm);
	}

	/**
	* Associate this verifier with the specified {@link Manifest} object.
	*
	* @param mf
	* a {@code java.util.jar.Manifest} object.
	*/
	void setManifest(Manifest mf) {
	man = mf;
	}

	/**
	* Verifies that the digests stored in the manifest match the decrypted
	* digests from the .SF file. This indicates the validity of the signing,
	* not the integrity of the file, as it's digest must be calculated and
	* verified when its contents are read.
	*
	* @param entry
	* the {@link VerifierEntry} associated with the specified
	* {@code zipEntry}.
	* @param zipEntry
	* an entry in the JAR file
	* @throws SecurityException
	* if the digest value stored in the manifest does <i>not</i>
	* agree with the decrypted digest as recovered from the
	* {@code .SF} file.
	* @see #initEntry(String)
	*/
	void verifySignatures(VerifierEntry entry, ZipEntry zipEntry) {
	byte[] digest = entry.digest.digest();
	if (!MessageDigest.isEqual(digest, Base64.decode(entry.hash))) {
	/* [MSG "archive.31", "{0} has invalid digest for {1} in {2}"] */
	throw new SecurityException(Messages.getString("archive.31", new Object[] { //$NON-NLS-1$
	JarFile.MANIFEST_NAME, zipEntry.getName(), jarName }));
	}
	verifiedEntries.put(zipEntry.getName(), entry.certificates);
	}

	/**
	* Returns a {@code boolean} indication of whether or not the
	* associated JAR file is signed.
	*
	* @return {@code true} if the JAR is signed, {@code false}
	* otherwise.
	*/
	boolean isSignedJar() {
	return certificates.size() > 0;
	}

	private boolean verify(Attributes attributes, String entry, byte[] data,
	boolean ignoreSecondEndline, boolean ignorable) {
	String algorithms = attributes.getValue("Digest-Algorithms"); //$NON-NLS-1$
	if (algorithms == null) {
	algorithms = "SHA SHA1"; //$NON-NLS-1$
	}
	StringTokenizer tokens = new StringTokenizer(algorithms);
	while (tokens.hasMoreTokens()) {
	String algorithm = tokens.nextToken();
	String hash = attributes.getValue(algorithm + entry);
	if (hash == null) {
	continue;
	}

	MessageDigest md;
	try {
	// BEGIN android-changed
	md = OpenSSLMessageDigestJDK.getInstance(algorithm);
	// END android-changed
	} catch (NoSuchAlgorithmException e) {
	continue;
	}
	if (ignoreSecondEndline && data[data.length - 1] == '\n'
	&& data[data.length - 2] == '\n') {
	md.update(data, 0, data.length - 1);
	} else {
	md.update(data, 0, data.length);
	}
	byte[] b = md.digest();
	byte[] hashBytes;
	try {
	hashBytes = hash.getBytes("ISO8859_1"); //$NON-NLS-1$
	} catch (UnsupportedEncodingException e) {
	throw new RuntimeException(e.toString());
	}
	return MessageDigest.isEqual(b, Base64.decode(hashBytes));
	}
	return ignorable;
	}

	/**
	* Returns all of the {@link java.security.cert.Certificate} instances that
	* were used to verify the signature on the JAR entry called
	* {@code name}.
	*
	* @param name
	* the name of a JAR entry.
	* @return an array of {@link java.security.cert.Certificate}.
	*/
	Certificate[] getCertificates(String name) {
	Certificate[] verifiedCerts = verifiedEntries.get(name);
	if (verifiedCerts == null) {
	return null;
	}
	return verifiedCerts.clone();
	}

	/**
	* Remove all entries from the internal collection of data held about each
	* JAR entry in the {@code META-INF} directory.
	*
	* @see #addMetaEntry(String, byte[])
	*/
	void removeMetaEntries() {
	metaEntries = null;
	}

	/**
	* Returns a {@code Vector} of all of the
	* {@link java.security.cert.Certificate}s that are associated with the
	* signing of the named signature file.
	*
	* @param signatureFileName
	* the name of a signature file.
	* @param certificates
	* a {@code Map} of all of the certificate chains discovered so
	* far while attempting to verify the JAR that contains the
	* signature file {@code signatureFileName}. This object is
	* previously set in the course of one or more calls to
	* {@link #verifyJarSignatureFile(String, String, String, Map, Map)}
	* where it was passed as the last argument.
	* @return all of the {@code Certificate} entries for the signer of the JAR
	* whose actions led to the creation of the named signature file.
	*/
	public static Vector<Certificate> getSignerCertificates(
	String signatureFileName, Map<String, Certificate[]> certificates) {
	Vector<Certificate> result = new Vector<Certificate>();
	Certificate[] certChain = certificates.get(signatureFileName);
	if (certChain != null) {
	for (Certificate element : certChain) {
	result.add(element);
	}
	}
	return result;
	}
	}