org.eclipse.osgi_3.7.2.v20120110-1415

.osgi.internal.signedcontent;

public abstract interface SignedContentConstants
{
  public static final String SHA1_STR = "SHA1";
  public static final String MD5_STR = "MD5";
  public static final String MD2_STR = "MD2";
  public static final String DOT_DSA = ".DSA";
  public static final String DOT_RSA = ".RSA";
  public static final String DOT_SF = ".SF";
  public static final String SIG_DASH = "SIG-";
  public static final String META_INF = "META-INF/";
  public static final String META_INF_MANIFEST_MF = "META-INF/MANIFEST.MF";
  public static final String[] EMPTY_STRING = new String[0];
  public static final String MF_ENTRY_NEWLN_NAME = "\nName: ";
  public static final String MF_ENTRY_NAME = "Name: ";
  public static final String MF_DIGEST_PART = "-Digest: ";
  public static final String digestManifestSearch = "-Digest-Manifest: ";
  public static final int digestManifestSearchLen = "-Digest-Manifest: ".length();
  public static final int[] SIGNEDDATA_OID = { 1, 2, 840, 113549, 1, 7, 2 };
  public static final int[] MD5_OID = { 1, 2, 840, 113549, 2, 5 };
  public static final int[] MD2_OID = { 1, 2, 840, 113549, 2, 2 };
  public static final int[] SHA1_OID = { 1, 3, 14, 3, 2, 26 };
  public static final int[] DSA_OID = { 1, 2, 840, 10040, 4, 1 };
  public static final int[] RSA_OID = { 1, 2, 840, 113549, 1, 1, 1 };
  public static final String TRUST_ENGINE = "osgi.signedcontent.trust.engine";
  public static final Object DEFAULT_TRUST_ENGINE = "org.eclipse.osgi";
  public static final String AUTHORIZATION_ENGINE = "osgi.signedcontent.authorization.engine";
  public static final Object DEFAULT_AUTHORIZATION_ENGINE = "org.eclipse.osgi";
  public static final int[] TIMESTAMP_OID = { 1, 2, 840, 113549, 1, 9, 16, 2, 14 };
  public static final int[] TIMESTAMP_TST_OID = { 1, 2, 840, 113549, 1, 9, 16, 1, 4 };
  public static final int[] SIGNING_TIME = { 1, 2, 840, 113549, 1, 9, 5 };
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentConstants
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.IOException;
import java.util.Map;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;

public class SignedContentFile$SignedContentFileEntry
  implements SignedContentEntry
{
  private final SignedContentEntry entry;
  final SignedContentFile this$0;
  
  public SignedContentFile$SignedContentFileEntry(SignedContentFile paramSignedContentFile, SignedContentEntry entry)
  {
    this.entry = entry;
  }
  
  public String getName()
  {
    return entry.getName();
  }
  
  public SignerInfo[] getSignerInfos()
  {
    return entry.getSignerInfos();
  }
  
  public boolean isSigned()
  {
    return entry.isSigned();
  }
  
  public void verify()
    throws IOException, InvalidContentException
  {
    Map<String, Throwable> exceptions = this$0.getEntryExceptions(false);
    Throwable t = exceptions == null ? null : (Throwable)exceptions.get(entry.getName());
    if (t == null) {
      return;
    }
    if ((t instanceof IOException)) {
      throw ((IOException)t);
    }
    if ((t instanceof InvalidContentException)) {
      throw ((InvalidContentException)t);
    }
    if ((t instanceof Error)) {
      throw ((Error)t);
    }
    if ((t instanceof RuntimeException)) {
      throw ((RuntimeException)t);
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentFile.SignedContentFileEntry
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.IOException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;

public class SignedContentFile
  implements SignedContent
{
  private final SignedContentImpl signedContent;
  private Map<String, Throwable> entryExceptions = null;
  
  public SignedContentFile(SignedContentImpl signedContent)
  {
    try
    {
      content.close();
    }
    catch (IOException localIOException) {}
    this.signedContent = signedContent;
  }
  
  public void checkValidity(SignerInfo signerInfo)
    throws CertificateExpiredException, CertificateNotYetValidException
  {
    signedContent.checkValidity(signerInfo);
  }
  
  public synchronized SignedContentEntry[] getSignedEntries()
  {
    SignedContentEntry[] entries = signedContent.getSignedEntries();
    if (signedContent == null) {
      return null;
    }
    SignedContentEntry[] results = new SignedContentEntry[entries.length];
    Map<String, Throwable> exceptions = getEntryExceptions(true);
    for (int i = 0; i < entries.length; i++)
    {
      try
      {
        entries[i].verify();
      }
      catch (Throwable t)
      {
        exceptions.put(entries[i].getName(), t);
      }
      results[i] = new SignedContentFileEntry(entries[i]);
    }
    try
    {
      signedContent.content.close();
    }
    catch (IOException localIOException) {}
    return results;
  }
  
  public synchronized SignedContentEntry getSignedEntry(String name)
  {
    if (getEntryExceptions(false) == null) {
      getSignedEntries();
    }
    SignedContentEntry entry = signedContent.getSignedEntry(name);
    return entry == null ? null : new SignedContentFileEntry(entry);
  }
  
  public SignerInfo[] getSignerInfos()
  {
    return signedContent.getSignerInfos();
  }
  
  public Date getSigningTime(SignerInfo signerInfo)
  {
    return signedContent.getSigningTime(signerInfo);
  }
  
  public SignerInfo getTSASignerInfo(SignerInfo signerInfo)
  {
    return signedContent.getTSASignerInfo(signerInfo);
  }
  
  public boolean isSigned()
  {
    return signedContent.isSigned();
  }
  
  synchronized Map<String, Throwable> getEntryExceptions(boolean create)
  {
    if ((create) && (entryExceptions == null)) {
      entryExceptions = new HashMap(5);
    }
    return entryExceptions;
  }
  
  public class SignedContentFileEntry
    implements SignedContentEntry
  {
    private final SignedContentEntry entry;
    
    public SignedContentFileEntry(SignedContentEntry entry)
    {
      this.entry = entry;
    }
    
    public String getName()
    {
      return entry.getName();
    }
    
    public SignerInfo[] getSignerInfos()
    {
      return entry.getSignerInfos();
    }
    
    public boolean isSigned()
    {
      return entry.isSigned();
    }
    
    public void verify()
      throws IOException, InvalidContentException
    {
      Map<String, Throwable> exceptions = getEntryExceptions(false);
      Throwable t = exceptions == null ? null : (Throwable)exceptions.get(entry.getName());
      if (t == null) {
        return;
      }
      if ((t instanceof IOException)) {
        throw ((IOException)t);
      }
      if ((t instanceof InvalidContentException)) {
        throw ((InvalidContentException)t);
      }
      if ((t instanceof Error)) {
        throw ((Error)t);
      }
      if ((t instanceof RuntimeException)) {
        throw ((RuntimeException)t);
      }
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentFile
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.File;
import java.io.IOException;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleFile;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.eclipse.osgi.util.NLS;

public class SignedContentImpl$SignedContentEntryImpl
  implements SignedContentEntry
{
  private final String entryName;
  private final SignerInfo[] entrySigners;
  final SignedContentImpl this$0;
  
  public SignedContentImpl$SignedContentEntryImpl(SignedContentImpl paramSignedContentImpl, String entryName, SignerInfo[] entrySigners)
  {
    this.entryName = entryName;
    this.entrySigners = (entrySigners == null ? SignedContentImpl.EMPTY_SIGNERINFO : entrySigners);
  }
  
  public String getName()
  {
    return entryName;
  }
  
  public SignerInfo[] getSignerInfos()
  {
    return entrySigners;
  }
  
  public boolean isSigned()
  {
    return entrySigners.length > 0;
  }
  
  public void verify()
    throws IOException, InvalidContentException
  {
    BundleFile currentContent = this$0.content;
    if (currentContent == null) {
      throw new InvalidContentException("The content was not set", null);
    }
    BundleEntry entry = null;
    SecurityException exception = null;
    try
    {
      entry = currentContent.getEntry(entryName);
    }
    catch (SecurityException e)
    {
      exception = e;
    }
    if (entry == null) {
      throw new InvalidContentException(NLS.bind(SignedContentMessages.file_is_removed_from_jar, entryName, currentContent.getBaseFile().toString()), exception);
    }
    entry.getBytes();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentImpl.SignedContentEntryImpl
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleFile;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.eclipse.osgi.util.NLS;

public class SignedContentImpl
  implements SignedContent
{
  static final SignerInfo[] EMPTY_SIGNERINFO = new SignerInfo[0];
  volatile SignedBundleFile content;
  private final Map<String, Object> contentMDResults;
  private final SignerInfo[] signerInfos;
  private Map<SignerInfo, Object[]> tsaSignerInfos;
  private volatile boolean checkedValid = false;
  
  public SignedContentImpl(SignerInfo[] signerInfos, Map<String, Object> contentMDResults)
  {
    this.signerInfos = (signerInfos == null ? EMPTY_SIGNERINFO : signerInfos);
    this.contentMDResults = contentMDResults;
  }
  
  public SignedContentEntry[] getSignedEntries()
  {
    if (contentMDResults == null) {
      return new SignedContentEntry[0];
    }
    List<SignedContentEntry> results = new ArrayList(contentMDResults.size());
    for (Iterator localIterator = contentMDResults.entrySet().iterator(); localIterator.hasNext();)
    {
      Map.Entry<String, Object> entry = (Map.Entry)localIterator.next();
      String entryName = (String)entry.getKey();
      Object[] mdResult = (Object[])entry.getValue();
      results.add(new SignedContentEntryImpl(entryName, (SignerInfo[])mdResult[0]));
    }
    return (SignedContentEntry[])results.toArray(new SignedContentEntry[results.size()]);
  }
  
  public SignedContentEntry getSignedEntry(String name)
  {
    if (contentMDResults == null) {
      return null;
    }
    Object[] mdResult = (Object[])contentMDResults.get(name);
    return mdResult == null ? null : new SignedContentEntryImpl(name, (SignerInfo[])mdResult[0]);
  }
  
  public SignerInfo[] getSignerInfos()
  {
    return signerInfos;
  }
  
  public Date getSigningTime(SignerInfo signerInfo)
  {
    if (tsaSignerInfos == null) {
      return null;
    }
    Object[] tsaInfo = (Object[])tsaSignerInfos.get(signerInfo);
    return tsaInfo == null ? null : (Date)tsaInfo[1];
  }
  
  public SignerInfo getTSASignerInfo(SignerInfo signerInfo)
  {
    if (tsaSignerInfos == null) {
      return null;
    }
    Object[] tsaInfo = (Object[])tsaSignerInfos.get(signerInfo);
    return tsaInfo == null ? null : (SignerInfo)tsaInfo[0];
  }
  
  public boolean isSigned()
  {
    return signerInfos.length > 0;
  }
  
  public void checkValidity(SignerInfo signer)
    throws CertificateExpiredException, CertificateNotYetValidException
  {
    Date signingTime = getSigningTime(signer);
    if (checkedValid) {
      return;
    }
    Certificate[] certs = signer.getCertificateChain();
    for (int i = 0; i < certs.length; i++) {
      if ((certs[i] instanceof X509Certificate)) {
        if (signingTime == null) {
          ((X509Certificate)certs[i]).checkValidity();
        } else {
          ((X509Certificate)certs[i]).checkValidity(signingTime);
        }
      }
    }
    checkedValid = true;
  }
  
  void setContent(SignedBundleFile content)
  {
    this.content = content;
  }
  
  void setTSASignerInfos(Map<SignerInfo, Object[]> tsaSignerInfos)
  {
    this.tsaSignerInfos = tsaSignerInfos;
  }
  
  void addTSASignerInfo(SignerInfo baseInfo, SignerInfo tsaSignerInfo, Date signingTime)
  {
    if (!containsInfo(baseInfo)) {
      throw new IllegalArgumentException("The baseInfo is not found");
    }
    if (tsaSignerInfos == null) {
      tsaSignerInfos = new HashMap(signerInfos.length);
    }
    tsaSignerInfos.put(baseInfo, new Object[] { tsaSignerInfo, signingTime });
  }
  
  Map<String, Object> getContentMDResults()
  {
    return contentMDResults;
  }
  
  private boolean containsInfo(SignerInfo signerInfo)
  {
    for (int i = 0; i < signerInfos.length; i++) {
      if (signerInfo == signerInfos[i]) {
        return true;
      }
    }
    return false;
  }
  
  InputStream getDigestInputStream(BundleEntry nestedEntry)
    throws IOException
  {
    if (contentMDResults == null) {
      return nestedEntry.getInputStream();
    }
    Object[] mdResult = (Object[])contentMDResults.get(nestedEntry.getName());
    if (mdResult == null) {
      return null;
    }
    return new DigestedInputStream(nestedEntry, content, (SignerInfo[])mdResult[0], (byte[][])mdResult[1], nestedEntry.getSize());
  }
  
  public class SignedContentEntryImpl
    implements SignedContentEntry
  {
    private final String entryName;
    private final SignerInfo[] entrySigners;
    
    public SignedContentEntryImpl(String entryName, SignerInfo[] entrySigners)
    {
      this.entryName = entryName;
      this.entrySigners = (entrySigners == null ? SignedContentImpl.EMPTY_SIGNERINFO : entrySigners);
    }
    
    public String getName()
    {
      return entryName;
    }
    
    public SignerInfo[] getSignerInfos()
    {
      return entrySigners;
    }
    
    public boolean isSigned()
    {
      return entrySigners.length > 0;
    }
    
    public void verify()
      throws IOException, InvalidContentException
    {
      BundleFile currentContent = content;
      if (currentContent == null) {
        throw new InvalidContentException("The content was not set", null);
      }
      BundleEntry entry = null;
      SecurityException exception = null;
      try
      {
        entry = currentContent.getEntry(entryName);
      }
      catch (SecurityException e)
      {
        exception = e;
      }
      if (entry == null) {
        throw new InvalidContentException(NLS.bind(SignedContentMessages.file_is_removed_from_jar, entryName, currentContent.getBaseFile().toString()), exception);
      }
      entry.getBytes();
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentImpl
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import org.eclipse.osgi.util.NLS;

public class SignedContentMessages
  extends NLS
{
  public static String file_is_removed_from_jar;
  public static String File_In_Jar_Is_Tampered;
  public static String Security_File_Is_Tampered;
  public static String Signature_Not_Verify;
  public static String SF_File_Parsing_Error;
  public static String PKCS7_SignerInfo_Version_Not_Supported;
  public static String PKCS7_Invalid_File;
  public static String PKCS7_Parse_Signing_Time;
  public static String Algorithm_Not_Supported;
  public static String Factory_SignedContent_Error;
  public static String Default_Trust_Keystore_Load_Failed;
  public static String Default_Trust_Read_Only;
  public static String Default_Trust_Cert_Not_Found;
  public static String Default_Trust_Existing_Cert;
  public static String Default_Trust_Existing_Alias;
  private static final String BUNDLE_PACKAGE = "org.eclipse.osgi.internal.signedcontent.";
  private static final String BUNDLE_FILENAME = "SignedContentMessages";
  private static final String BUNDLE_NAME = "org.eclipse.osgi.internal.signedcontent.SignedContentMessages";
  
  static
  {
    NLS.initializeMessages("org.eclipse.osgi.internal.signedcontent.SignedContentMessages", SignedContentMessages.class);
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentMessages
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Date;
import java.util.Dictionary;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.eclipse.osgi.baseadaptor.BaseAdaptor;
import org.eclipse.osgi.baseadaptor.BaseData;
import org.eclipse.osgi.baseadaptor.hooks.StorageHook;
import org.eclipse.osgi.framework.util.KeyedElement;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.BundleException;

public class SignedStorageHook
  implements StorageHook
{
  public static final String KEY = SignedStorageHook.class.getName();
  public static final int HASHCODE = KEY.hashCode();
  private static final int STORAGE_VERSION = 3;
  private static List<SignerInfo> savedSignerInfo = new ArrayList(5);
  private static long firstIDSaved = -1L;
  private static long lastIDSaved = -1L;
  private static List<SignerInfo> loadedSignerInfo = new ArrayList(5);
  private static long lastIDLoaded;
  private BaseData bundledata;
  SignedContentImpl signedContent;
  
  public int getStorageVersion()
  {
    return 3;
  }
  
  public StorageHook create(BaseData data)
    throws BundleException
  {
    SignedStorageHook hook = new SignedStorageHook();
    bundledata = data;
    return hook;
  }
  
  public void initialize(Dictionary<String, String> manifest)
    throws BundleException
  {}
  
  public StorageHook load(BaseData target, DataInputStream is)
    throws IOException
  {
    if (lastIDLoaded > target.getBundleID()) {
      loadedSignerInfo.clear();
    }
    lastIDLoaded = target.getBundleID();
    SignedStorageHook hook = new SignedStorageHook();
    bundledata = target;
    boolean signed = is.readBoolean();
    if (!signed) {
      return hook;
    }
    int numSigners = is.readInt();
    SignerInfo[] signerInfos = new SignerInfo[numSigners];
    for (int i = 0; i < numSigners; i++) {
      signerInfos[i] = readSignerInfo(is);
    }
    int resultsSize = is.readInt();
    Map<String, Object> contentMDResults = null;
    if (resultsSize > 0)
    {
      contentMDResults = new HashMap(resultsSize);
      for (int i = 0; i < resultsSize; i++)
      {
        String path = is.readUTF();
        int numEntrySigners = is.readInt();
        SignerInfo[] entrySigners = new SignerInfo[numEntrySigners];
        byte[][] entryResults = new byte[numEntrySigners][];
        for (int j = 0; j < numEntrySigners; j++)
        {
          entrySigners[j] = readSignerInfo(is);
          int resultSize = is.readInt();
          entryResults[j] = new byte[resultSize];
          is.readFully(entryResults[j]);
        }
        contentMDResults.put(path, new Object[] { entrySigners, entryResults });
      }
    }
    SignedContentImpl result = new SignedContentImpl(signerInfos, contentMDResults);
    for (int i = 0; i < numSigners; i++)
    {
      boolean hasTSA = is.readBoolean();
      if (hasTSA)
      {
        SignerInfo tsaSigner = readSignerInfo(is);
        Date signingDate = new Date(is.readLong());
        result.addTSASignerInfo(signerInfos[i], tsaSigner, signingDate);
      }
    }
    signedContent = result;
    return hook;
  }
  
  public void save(DataOutputStream os)
    throws IOException
  {
    getFirstLastID();
    if (firstIDSaved == bundledata.getBundleID()) {
      savedSignerInfo.clear();
    }
    if (lastIDSaved == bundledata.getBundleID()) {
      firstIDSaved = lastIDSaved = -1L;
    }
    os.writeBoolean(signedContent != null);
    if (signedContent == null) {
      return;
    }
    SignerInfo[] signerInfos = signedContent.getSignerInfos();
    os.writeInt(signerInfos.length);
    for (int i = 0; i < signerInfos.length; i++) {
      saveSignerInfo(signerInfos[i], os);
    }
    Map<String, Object> contentMDResults = signedContent.getContentMDResults();
    os.writeInt(contentMDResults == null ? -1 : contentMDResults.size());
    if (contentMDResults != null)
    {
      SignerInfo[] entrySigners;
      int i;
      for (Iterator localIterator = contentMDResults.entrySet().iterator(); localIterator.hasNext(); i < entrySigners.length)
      {
        Map.Entry<String, Object> entry = (Map.Entry)localIterator.next();
        String path = (String)entry.getKey();
        os.writeUTF(path);
        Object[] signerResults = (Object[])entry.getValue();
        entrySigners = (SignerInfo[])signerResults[0];
        byte[][] entryResults = (byte[][])signerResults[1];
        os.writeInt(entrySigners.length);
        i = 0; continue;
        saveSignerInfo(entrySigners[i], os);
        os.writeInt(entryResults[i].length);
        os.write(entryResults[i]);i++;
      }
    }
    for (int i = 0; i < signerInfos.length; i++)
    {
      SignerInfo tsaInfo = signedContent.getTSASignerInfo(signerInfos[i]);
      os.writeBoolean(tsaInfo != null);
      if (tsaInfo != null)
      {
        saveSignerInfo(tsaInfo, os);
        Date signingTime = signedContent.getSigningTime(signerInfos[i]);
        os.writeLong(signingTime != null ? signingTime.getTime() : Long.MIN_VALUE);
      }
    }
  }
  
  private void saveSignerInfo(SignerInfo signerInfo, DataOutputStream os)
    throws IOException
  {
    int cacheIdx = savedSignerInfo.indexOf(signerInfo);
    os.writeInt(cacheIdx);
    if (cacheIdx >= 0) {
      return;
    }
    Certificate[] certs = signerInfo.getCertificateChain();
    int anchorIndex = -1;
    os.writeInt(certs == null ? 0 : certs.length);
    if (certs != null) {
      for (int i = 0; i < certs.length; i++)
      {
        if (certs[i].equals(signerInfo.getTrustAnchor())) {
          anchorIndex = i;
        }
        try
        {
          certBytes = certs[i].getEncoded();
        }
        catch (CertificateEncodingException e)
        {
          byte[] certBytes;
          throw ((IOException)new IOException(e.getMessage()).initCause(e));
        }
        byte[] certBytes;
        os.writeInt(certBytes.length);
        os.write(certBytes);
      }
    }
    os.writeInt(anchorIndex);
    os.writeUTF(signerInfo.getMessageDigestAlgorithm());
    savedSignerInfo.add(signerInfo);
  }
  
  private SignerInfo readSignerInfo(DataInputStream is)
    throws IOException
  {
    int index = is.readInt();
    if (index >= 0) {
      return (SignerInfo)loadedSignerInfo.get(index);
    }
    int numCerts = is.readInt();
    Certificate[] certs = new Certificate[numCerts];
    for (int i = 0; i < numCerts; i++)
    {
      int certSize = is.readInt();
      byte[] certBytes = new byte[certSize];
      is.readFully(certBytes);
      try
      {
        certs[i] = PKCS7Processor.certFact.generateCertificate(new ByteArrayInputStream(certBytes));
      }
      catch (CertificateException e)
      {
        throw ((IOException)new IOException(e.getMessage()).initCause(e));
      }
    }
    int anchorIdx = is.readInt();
    SignerInfoImpl result = new SignerInfoImpl(certs, anchorIdx >= 0 ? certs[anchorIdx] : null, is.readUTF());
    loadedSignerInfo.add(result);
    return result;
  }
  
  private void getFirstLastID()
  {
    if (firstIDSaved >= 0L) {
      return;
    }
    Bundle[] bundles = bundledata.getAdaptor().getContext().getBundles();
    if (bundles.length > 1)
    {
      firstIDSaved = bundles[1].getBundleId();
      lastIDSaved = bundles[(bundles.length - 1)].getBundleId();
    }
  }
  
  public void copy(StorageHook storageHook) {}
  
  public void validate()
    throws IllegalArgumentException
  {}
  
  public Dictionary<String, String> getManifest(boolean firstLoad)
    throws BundleException
  {
    return null;
  }
  
  public boolean forgetStatusChange(int status)
  {
    return false;
  }
  
  public boolean forgetStartLevelChange(int startlevel)
  {
    return false;
  }
  
  public int getKeyHashCode()
  {
    return HASHCODE;
  }
  
  public boolean compare(KeyedElement other)
  {
    return other.getKey() == KEY;
  }
  
  public Object getKey()
  {
    return KEY;
  }
  
  public SignedContent getSignedContent()
  {
    return signedContent;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedStorageHook
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.security.cert.Certificate;
import org.eclipse.osgi.signedcontent.SignerInfo;

public class SignerInfoImpl
  implements SignerInfo
{
  private final Certificate[] chain;
  private final String mdAlgorithm;
  private volatile Certificate trustAnchor;
  
  public SignerInfoImpl(Certificate[] chain, Certificate trustAnchor, String mdAlgorithm)
  {
    this.chain = chain;
    this.trustAnchor = trustAnchor;
    this.mdAlgorithm = mdAlgorithm;
  }
  
  public Certificate[] getCertificateChain()
  {
    return chain;
  }
  
  public Certificate getTrustAnchor()
  {
    return trustAnchor;
  }
  
  public boolean isTrusted()
  {
    return trustAnchor != null;
  }
  
  void setTrustAnchor(Certificate trustAnchor)
  {
    this.trustAnchor = trustAnchor;
  }
  
  public String getMessageDigestAlgorithm()
  {
    return mdAlgorithm;
  }
  
  public int hashCode()
  {
    int result = mdAlgorithm.hashCode();
    for (int i = 0; i < chain.length; i++) {
      result += chain[i].hashCode();
    }
    return result;
  }
  
  public boolean equals(Object obj)
  {
    if (!(obj instanceof SignerInfo)) {
      return false;
    }
    if (obj == this) {
      return true;
    }
    SignerInfo other = (SignerInfo)obj;
    if (!mdAlgorithm.equals(other.getMessageDigestAlgorithm())) {
      return false;
    }
    Certificate[] otherCerts = other.getCertificateChain();
    if (otherCerts.length != chain.length) {
      return false;
    }
    for (int i = 0; i < chain.length; i++) {
      if (!chain[i].equals(otherCerts[i])) {
        return false;
      }
    }
    return trustAnchor == null ? false : other.getTrustAnchor() == null ? true : trustAnchor.equals(other.getTrustAnchor());
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignerInfoImpl
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.security.cert.Certificate;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.eclipse.osgi.baseadaptor.BaseData;
import org.eclipse.osgi.framework.internal.core.AbstractBundle;
import org.eclipse.osgi.framework.internal.core.FilterImpl;
import org.eclipse.osgi.framework.internal.core.FrameworkProperties;
import org.eclipse.osgi.internal.provisional.service.security.AuthorizationEngine;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.Filter;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.util.tracker.ServiceTracker;

public class TrustEngineListener
{
  private static volatile TrustEngineListener instance;
  private final BundleContext context;
  private final ServiceTracker<AuthorizationEngine, AuthorizationEngine> authorizationTracker;
  static Class class$1;
  
  TrustEngineListener(BundleContext context)
  {
    this.context = context;
    
    String authEngineProp = FrameworkProperties.getProperty("osgi.signedcontent.authorization.engine");
    Filter filter = null;
    if (authEngineProp != null) {
      try
      {
        filter = FilterImpl.newInstance("(&(objectClass=" + AuthorizationEngine.class.getName() + ")(" + "osgi.signedcontent.authorization.engine" + "=" + authEngineProp + "))");
      }
      catch (InvalidSyntaxException e)
      {
        SignedBundleHook.log("Invalid authorization filter", 2, e);
      }
    }
    if (filter != null) {
      authorizationTracker = new ServiceTracker(context, filter, null);
    } else {
      authorizationTracker = new ServiceTracker(context, AuthorizationEngine.class.getName(), null);
    }
    authorizationTracker.open();
    instance = this;
  }
  
  public static TrustEngineListener getInstance()
  {
    return instance;
  }
  
  void stopTrustEngineListener()
  {
    authorizationTracker.close();
    instance = null;
  }
  
  public void addedTrustAnchor(Certificate anchor)
  {
    Bundle[] bundles = context.getBundles();
    Set<Bundle> unresolved = new HashSet();
    for (int i = 0; i < bundles.length; i++)
    {
      SignedContentImpl signedContent = getSignedContent(bundles[i]);
      if ((signedContent != null) && (signedContent.isSigned()))
      {
        SignerInfo[] infos = signedContent.getSignerInfos();
        for (int j = 0; j < infos.length; j++)
        {
          if (infos[j].getTrustAnchor() == null) {
            unresolved.add(bundles[i]);
          }
          SignerInfo tsa = signedContent.getTSASignerInfo(infos[j]);
          if ((tsa != null) && (tsa.getTrustAnchor() == null)) {
            unresolved.add(bundles[i]);
          }
        }
      }
      if (unresolved.contains(bundles[i]))
      {
        SignedBundleFile.determineTrust(signedContent, 2);
        
        checkAuthorization(signedContent, bundles[i]);
      }
    }
    if (unresolved.size() > 0) {
      resolveBundles((Bundle[])unresolved.toArray(new Bundle[unresolved.size()]), false);
    }
  }
  
  private void checkAuthorization(SignedContentImpl signedContent, Bundle bundle)
  {
    AuthorizationEngine authEngine = getAuthorizationEngine();
    if (authEngine != null) {
      authEngine.authorize(signedContent, bundle);
    }
  }
  
  AuthorizationEngine getAuthorizationEngine()
  {
    return (AuthorizationEngine)authorizationTracker.getService();
  }
  
  /* Error */
  private void resolveBundles(Bundle[] bundles, boolean refresh)
  {
    // Byte code:
    //   0: aload_0
    //   1: getfield 261	org/eclipse/osgi/internal/signedcontent/TrustEngineListener:context	Lorg/osgi/framework/BundleContext;
    //   4: getstatic 259	org/eclipse/osgi/internal/signedcontent/TrustEngineListener:class$1	Ljava/lang/Class;
    //   7: dup
    //   8: ifnonnull +28 -> 36
    //   11: pop
    //   12: ldc 7
    //   14: invokestatic 264	java/lang/Class:forName	(Ljava/lang/String;)Ljava/lang/Class;
    //   17: dup
    //   18: putstatic 259	org/eclipse/osgi/internal/signedcontent/TrustEngineListener:class$1	Ljava/lang/Class;
    //   21: goto +15 -> 36
    //   24: new 125	java/lang/NoClassDefFoundError
    //   27: dup_x1
    //   28: swap
    //   29: invokevirtual 270	java/lang/Throwable:getMessage	()Ljava/lang/String;
    //   32: invokespecial 265	java/lang/NoClassDefFoundError:<init>	(Ljava/lang/String;)V
    //   35: athrow
    //   36: invokevirtual 263	java/lang/Class:getName	()Ljava/lang/String;
    //   39: invokeinterface 305 2 0
    //   44: astore_3
    //   45: aload_3
    //   46: ifnonnull +4 -> 50
    //   49: return
    //   50: aload_0
    //   51: getfield 261	org/eclipse/osgi/internal/signedcontent/TrustEngineListener:context	Lorg/osgi/framework/BundleContext;
    //   54: aload_3
    //   55: invokeinterface 304 2 0
    //   60: checkcast 148	org/osgi/service/packageadmin/PackageAdmin
    //   63: astore 4
    //   65: aload 4
    //   67: ifnonnull +4 -> 71
    //   70: return
    //   71: iload_2
    //   72: ifeq +14 -> 86
    //   75: aload 4
    //   77: aload_1
    //   78: invokeinterface 306 2 0
    //   83: goto +31 -> 114
    //   86: aload 4
    //   88: aload_1
    //   89: invokeinterface 307 2 0
    //   94: pop
    //   95: goto +19 -> 114
    //   98: astore 5
    //   100: aload_0
    //   101: getfield 261	org/eclipse/osgi/internal/signedcontent/TrustEngineListener:context	Lorg/osgi/framework/BundleContext;
    //   104: aload_3
    //   105: invokeinterface 303 2 0
    //   110: pop
    //   111: aload 5
    //   113: athrow
    //   114: aload_0
    //   115: getfield 261	org/eclipse/osgi/internal/signedcontent/TrustEngineListener:context	Lorg/osgi/framework/BundleContext;
    //   118: aload_3
    //   119: invokeinterface 303 2 0
    //   124: pop
    //   125: return
    // Line number table:
    //   Java source line #100	-> byte code offset #0
    //   Java source line #101	-> byte code offset #45
    //   Java source line #102	-> byte code offset #49
    //   Java source line #103	-> byte code offset #50
    //   Java source line #104	-> byte code offset #65
    //   Java source line #105	-> byte code offset #70
    //   Java source line #107	-> byte code offset #71
    //   Java source line #108	-> byte code offset #75
    //   Java source line #110	-> byte code offset #86
    //   Java source line #111	-> byte code offset #98
    //   Java source line #112	-> byte code offset #100
    //   Java source line #113	-> byte code offset #111
    //   Java source line #112	-> byte code offset #114
    //   Java source line #114	-> byte code offset #125
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	126	0	this	TrustEngineListener
    //   0	126	1	bundles	Bundle[]
    //   0	126	2	refresh	boolean
    //   44	75	3	ref	org.osgi.framework.ServiceReference<?>
    //   63	24	4	pa	org.osgi.service.packageadmin.PackageAdmin
    //   98	14	5	localObject	Object
    //   24	1	6	localClassNotFoundException	ClassNotFoundException
    // Exception table:
    //   from	to	target	type
    //   12	17	24	java/lang/ClassNotFoundException
    //   71	98	98	finally
  }
  
  public void removedTrustAnchor(Certificate anchor)
  {
    Bundle[] bundles = context.getBundles();
    Set<Bundle> usingAnchor = new HashSet();
    Set<SignerInfo> untrustedSigners = new HashSet();
    for (int i = 0; i < bundles.length; i++)
    {
      SignedContentImpl signedContent = getSignedContent(bundles[i]);
      if ((signedContent != null) && (signedContent.isSigned()))
      {
        SignerInfo[] infos = signedContent.getSignerInfos();
        for (int j = 0; j < infos.length; j++)
        {
          if (anchor.equals(infos[j].getTrustAnchor()))
          {
            untrustedSigners.add(infos[j]);
            usingAnchor.add(bundles[i]);
          }
          SignerInfo tsa = signedContent.getTSASignerInfo(infos[j]);
          if ((tsa != null) && (anchor.equals(tsa.getTrustAnchor())))
          {
            usingAnchor.add(bundles[i]);
            untrustedSigners.add(tsa);
          }
        }
      }
    }
    for (Iterator<SignerInfo> untrusted = untrustedSigners.iterator(); untrusted.hasNext();) {
      ((SignerInfoImpl)untrusted.next()).setTrustAnchor(null);
    }
    for (Iterator<Bundle> untrustedBundles = usingAnchor.iterator(); untrustedBundles.hasNext();)
    {
      Bundle bundle = (Bundle)untrustedBundles.next();
      SignedContentImpl signedContent = getSignedContent(bundle);
      
      SignedBundleFile.determineTrust(signedContent, 2);
      
      checkAuthorization(signedContent, bundle);
    }
    if (usingAnchor.size() > 0) {
      resolveBundles((Bundle[])usingAnchor.toArray(new Bundle[usingAnchor.size()]), true);
    }
  }
  
  private SignedContentImpl getSignedContent(Bundle bundle)
  {
    BaseData data = (BaseData)((AbstractBundle)bundle).getBundleData();
    SignedStorageHook hook = (SignedStorageHook)data.getStorageHook(SignedStorageHook.KEY);
    if (hook == null) {
      return null;
    }
    return (SignedContentImpl)hook.getSignedContent();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.TrustEngineListener
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.launch;

import java.security.PrivilegedAction;
import org.osgi.framework.launch.Framework;

class Equinox$1
  implements PrivilegedAction<Framework>
{
  final Equinox this$0;
  
  Equinox$1(Equinox paramEquinox) {}
  
  public Framework run()
  {
    return this$0.createImpl0();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.launch.Equinox.1
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.launch;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.PrivilegedAction;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Dictionary;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.eclipse.osgi.framework.internal.core.FrameworkProperties;
import org.eclipse.osgi.internal.baseadaptor.DevClassPathHelper;
import org.eclipse.osgi.util.ManifestElement;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.BundleException;
import org.osgi.framework.FrameworkEvent;
import org.osgi.framework.ServiceReference;
import org.osgi.framework.Version;
import org.osgi.framework.launch.Framework;

public class Equinox
  implements Framework
{
  private static final String implName = "org.eclipse.osgi.framework.internal.core.EquinoxLauncher";
  private Framework impl;
  private final boolean useSeparateCL;
  private final Map<String, Object> configuration;
  
  public Equinox(Map<String, ?> configuration)
  {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
      sm.checkPermission(new AllPermission());
    }
    useSeparateCL = FrameworkProperties.inUse();
    
    Map<String, Object> empty = Collections.EMPTY_MAP;
    this.configuration = (configuration == null ? empty : new HashMap(configuration));
  }
  
  private Framework createImpl()
  {
    if (System.getSecurityManager() == null) {
      return createImpl0();
    }
    (Framework)AccessController.doPrivileged(new PrivilegedAction()
    {
      public Framework run()
      {
        return createImpl0();
      }
    });
  }
  
  Framework 
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84

Further reading...

For more information on Java 1.5 Tiger, you may find Java 1.5 Tiger, A developer's Notebook by D. Flanagan and B. McLaughlin from O'Reilly of interest.

New!JAR listings


Copyright 2006-2017. Infinite Loop Ltd