org.eclipse.osgi_3.8.2.v20130124-134944

nedContent = signedContent;
    this.supportFlags = supportFlags;
  }
  
  void setBundleFile(BundleFile bundleFile)
    throws IOException, InvalidKeyException, SignatureException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException
  {
    wrappedBundleFile = bundleFile;
    if (signedContent == null)
    {
      SignatureBlockProcessor signatureProcessor = new SignatureBlockProcessor(this, supportFlags);
      signedContent = signatureProcessor.process();
      if (signedContent != null) {
        determineTrust(signedContent, supportFlags);
      }
    }
  }
  
  static void determineTrust(SignedContentImpl trustedContent, int supportFlags)
  {
    TrustEngine[] engines = null;
    SignerInfo[] signers = trustedContent.getSignerInfos();
    for (int i = 0; i < signers.length; i++) {
      if (signers[i].getTrustAnchor() == null)
      {
        if (engines == null) {
          engines = SignedBundleHook.getTrustEngines();
        }
        Certificate[] signerCerts = signers[i].getCertificateChain();
        ((SignerInfoImpl)signers[i]).setTrustAnchor(findTrustAnchor(signerCerts, engines, supportFlags));
        
        SignerInfo tsaSignerInfo = trustedContent.getTSASignerInfo(signers[i]);
        if (tsaSignerInfo != null)
        {
          Certificate[] tsaCerts = tsaSignerInfo.getCertificateChain();
          ((SignerInfoImpl)tsaSignerInfo).setTrustAnchor(findTrustAnchor(tsaCerts, engines, supportFlags));
        }
      }
    }
  }
  
  private static Certificate findTrustAnchor(Certificate[] certs, TrustEngine[] engines, int supportFlags)
  {
    if ((supportFlags & 0x2) == 0) {
      return (certs != null) && (certs.length > 0) ? certs[(certs.length - 1)] : null;
    }
    for (int i = 0; i < engines.length; i++) {
      try
      {
        Certificate anchor = engines[i].findTrustAnchor(certs);
        if (anchor != null) {
          return anchor;
        }
      }
      catch (IOException e)
      {
        SignedBundleHook.log("TrustEngine failure: " + engines[i].getName(), 2, e);
      }
    }
    return null;
  }
  
  public File getFile(String path, boolean nativeCode)
  {
    return wrappedBundleFile.getFile(path, nativeCode);
  }
  
  public BundleEntry getEntry(String path)
  {
    if ((path.length() > 0) && (path.charAt(0) == '/')) {
      path = path.substring(1);
    }
    BundleEntry be = wrappedBundleFile.getEntry(path);
    if (((supportFlags & 0x4) == 0) || (signedContent == null)) {
      return be;
    }
    if (path.startsWith("META-INF/"))
    {
      int lastSlash = path.lastIndexOf('/');
      if (lastSlash == "META-INF/".length() - 1)
      {
        if ((path.equals("META-INF/MANIFEST.MF")) || (path.endsWith(".DSA")) || (path.endsWith(".RSA")) || (path.endsWith(".SF")) || (path.indexOf("SIG-") == "META-INF/".length())) {
          return be;
        }
        SignedContentEntry signedEntry = signedContent.getSignedEntry(path);
        if (signedEntry == null) {
          return be;
        }
      }
    }
    if (be == null)
    {
      SignedContentEntry signedEntry = signedContent.getSignedEntry(path);
      if (signedEntry != null) {
        throw new SecurityException(NLS.bind(SignedContentMessages.file_is_removed_from_jar, path, getBaseFile().toString()));
      }
      return null;
    }
    return new SignedBundleEntry(be);
  }
  
  public Enumeration<String> getEntryPaths(String path)
  {
    return wrappedBundleFile.getEntryPaths(path);
  }
  
  public void close()
    throws IOException
  {
    wrappedBundleFile.close();
  }
  
  public void open()
    throws IOException
  {
    wrappedBundleFile.open();
  }
  
  public boolean containsDir(String dir)
  {
    return wrappedBundleFile.containsDir(dir);
  }
  
  public File getBaseFile()
  {
    return wrappedBundleFile.getBaseFile();
  }
  
  class SignedBundleEntry
    extends BundleEntry
  {
    BundleEntry nestedEntry;
    
    SignedBundleEntry(BundleEntry nestedEntry)
    {
      this.nestedEntry = nestedEntry;
    }
    
    public InputStream getInputStream()
      throws IOException
    {
      InputStream in = signedContent.getDigestInputStream(nestedEntry);
      if (in == null) {
        throw new SecurityException("Corrupted file: the digest does not exist for the file " + nestedEntry.getName());
      }
      return in;
    }
    
    public long getSize()
    {
      return nestedEntry.getSize();
    }
    
    public String getName()
    {
      return nestedEntry.getName();
    }
    
    public long getTime()
    {
      return nestedEntry.getTime();
    }
    
    public URL getLocalURL()
    {
      return nestedEntry.getLocalURL();
    }
    
    public URL getFileURL()
    {
      return nestedEntry.getFileURL();
    }
  }
  
  BundleFile getWrappedBundleFile()
  {
    return wrappedBundleFile;
  }
  
  SignedContentImpl getSignedContent()
  {
    return signedContent;
  }
  
  public SignedContentEntry[] getSignedEntries()
  {
    return signedContent == null ? null : signedContent.getSignedEntries();
  }
  
  public SignedContentEntry getSignedEntry(String name)
  {
    return signedContent == null ? null : signedContent.getSignedEntry(name);
  }
  
  public SignerInfo[] getSignerInfos()
  {
    return signedContent == null ? null : signedContent.getSignerInfos();
  }
  
  public Date getSigningTime(SignerInfo signerInfo)
  {
    return signedContent == null ? null : signedContent.getSigningTime(signerInfo);
  }
  
  public SignerInfo getTSASignerInfo(SignerInfo signerInfo)
  {
    return signedContent == null ? null : signedContent.getTSASignerInfo(signerInfo);
  }
  
  public boolean isSigned()
  {
    return signedContent == null ? false : signedContent.isSigned();
  }
  
  public void checkValidity(SignerInfo signerInfo)
    throws CertificateExpiredException, CertificateNotYetValidException
  {
    if (signedContent != null) {
      signedContent.checkValidity(signerInfo);
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedBundleFile
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.security.PrivilegedExceptionAction;
import org.eclipse.osgi.baseadaptor.BaseData;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleFile;
import org.eclipse.osgi.framework.adaptor.BundleData;
import org.eclipse.osgi.signedcontent.SignedContent;

class SignedBundleHook$1
  implements PrivilegedExceptionAction<SignedContent>
{
  final SignedBundleHook this$0;
  
  SignedBundleHook$1(SignedBundleHook paramSignedBundleHook, BundleData paramBundleData) {}
  
  public SignedContent run()
    throws Exception
  {
    return this$0.getSignedContent(((BaseData)val$data).getBundleFile().getBaseFile());
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedBundleHook.1
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Dictionary;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.StringTokenizer;
import org.eclipse.osgi.baseadaptor.BaseAdaptor;
import org.eclipse.osgi.baseadaptor.BaseData;
import org.eclipse.osgi.baseadaptor.HookConfigurator;
import org.eclipse.osgi.baseadaptor.HookRegistry;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleFile;
import org.eclipse.osgi.baseadaptor.bundlefile.DirBundleFile;
import org.eclipse.osgi.baseadaptor.bundlefile.ZipBundleFile;
import org.eclipse.osgi.baseadaptor.hooks.AdaptorHook;
import org.eclipse.osgi.baseadaptor.hooks.BundleFileWrapperFactoryHook;
import org.eclipse.osgi.framework.adaptor.BundleData;
import org.eclipse.osgi.framework.internal.core.AbstractBundle;
import org.eclipse.osgi.framework.internal.core.FilterImpl;
import org.eclipse.osgi.framework.internal.core.FrameworkProperties;
import org.eclipse.osgi.framework.log.FrameworkLog;
import org.eclipse.osgi.framework.log.FrameworkLogEntry;
import org.eclipse.osgi.internal.provisional.service.security.AuthorizationEngine;
import org.eclipse.osgi.internal.provisional.verifier.CertificateVerifierFactory;
import org.eclipse.osgi.internal.service.security.DefaultAuthorizationEngine;
import org.eclipse.osgi.internal.service.security.KeyStoreTrustEngine;
import org.eclipse.osgi.service.security.TrustEngine;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignedContentFactory;
import org.eclipse.osgi.util.ManifestElement;
import org.eclipse.osgi.util.NLS;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.BundleException;
import org.osgi.framework.Filter;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.framework.ServiceRegistration;
import org.osgi.util.tracker.ServiceTracker;

public class SignedBundleHook
  implements AdaptorHook, BundleFileWrapperFactoryHook, HookConfigurator, SignedContentFactory
{
  static final int VERIFY_CERTIFICATE = 1;
  static final int VERIFY_TRUST = 2;
  static final int VERIFY_RUNTIME = 4;
  static final int VERIFY_AUTHORITY = 8;
  static final int VERIFY_ALL = 15;
  private static String SUPPORT_CERTIFICATE = "certificate";
  private static String SUPPORT_TRUST = "trust";
  private static String SUPPORT_RUNTIME = "runtime";
  private static String SUPPORT_AUTHORITY = "authority";
  private static String SUPPORT_ALL = "all";
  private static String SUPPORT_TRUE = "true";
  private static String CACERTS_PATH = System.getProperty("java.home") + File.separatorChar + "lib" + File.separatorChar + "security" + File.separatorChar + "cacerts";
  private static String CACERTS_TYPE = "JKS";
  private static ServiceTracker<TrustEngine, TrustEngine> trustEngineTracker;
  private static BaseAdaptor ADAPTOR;
  private static String SIGNED_BUNDLE_SUPPORT = "osgi.support.signature.verify";
  private static String SIGNED_CONTENT_SUPPORT = "osgi.signedcontent.support";
  private static String OSGI_KEYSTORE = "osgi.framework.keystore";
  private static int supportSignedBundles;
  private TrustEngineListener trustEngineListener;
  private BundleInstallListener installListener;
  private ServiceRegistration<?> signedContentFactoryReg;
  private ServiceRegistration<?> systemTrustEngineReg;
  private ServiceRegistration<?> defaultAuthEngineReg;
  private List<ServiceRegistration<?>> osgiTrustEngineReg;
  private ServiceRegistration<?> legacyFactoryReg;
  
  public void initialize(BaseAdaptor adaptor)
  {
    ADAPTOR = adaptor;
  }
  
  public void frameworkStart(BundleContext context)
    throws BundleException
  {
    if ((supportSignedBundles & 0x8) != 0)
    {
      installListener = new BundleInstallListener();
      context.addBundleListener(installListener);
      
      Dictionary<String, Object> properties = new Hashtable(7);
      properties.put("service.ranking", new Integer(Integer.MIN_VALUE));
      properties.put("osgi.signedcontent.authorization.engine", SignedContentConstants.DEFAULT_AUTHORIZATION_ENGINE);
      defaultAuthEngineReg = context.registerService(AuthorizationEngine.class.getName(), new DefaultAuthorizationEngine(context, ADAPTOR.getState()), properties);
    }
    Dictionary<String, Object> trustEngineProps = new Hashtable(7);
    trustEngineProps.put("service.ranking", new Integer(Integer.MIN_VALUE));
    trustEngineProps.put("osgi.signedcontent.trust.engine", SignedContentConstants.DEFAULT_TRUST_ENGINE);
    KeyStoreTrustEngine systemTrustEngine = new KeyStoreTrustEngine(CACERTS_PATH, CACERTS_TYPE, null, "System");
    systemTrustEngineReg = context.registerService(TrustEngine.class.getName(), systemTrustEngine, trustEngineProps);
    String osgiTrustPath = context.getProperty(OSGI_KEYSTORE);
    if (osgiTrustPath != null)
    {
      try
      {
        URL url = new URL(osgiTrustPath);
        if (!"file".equals(url.getProtocol())) {
          break label538;
        }
        trustEngineProps.put("osgi.signedcontent.trust.engine", OSGI_KEYSTORE);
        String path = url.getPath();
        osgiTrustEngineReg = new ArrayList(1);
        osgiTrustEngineReg.add(context.registerService(TrustEngine.class.getName(), new KeyStoreTrustEngine(path, CACERTS_TYPE, null, OSGI_KEYSTORE), trustEngineProps));
      }
      catch (MalformedURLException e)
      {
        log("Invalid setting for " + OSGI_KEYSTORE, 2, e);
      }
    }
    else
    {
      String osgiTrustRepoPaths = context.getProperty("org.osgi.framework.trust.repositories");
      if (osgiTrustRepoPaths != null)
      {
        trustEngineProps.put("osgi.signedcontent.trust.engine", "org.osgi.framework.trust.repositories");
        StringTokenizer st = new StringTokenizer(osgiTrustRepoPaths, File.pathSeparator);
        osgiTrustEngineReg = new ArrayList(1);
        while (st.hasMoreTokens())
        {
          String trustRepoPath = st.nextToken();
          osgiTrustEngineReg.add(context.registerService(TrustEngine.class.getName(), new KeyStoreTrustEngine(trustRepoPath, CACERTS_TYPE, null, OSGI_KEYSTORE), trustEngineProps));
        }
      }
    }
    label538:
    if ((supportSignedBundles & 0x2) != 0) {
      trustEngineListener = new TrustEngineListener(context);
    }
    signedContentFactoryReg = context.registerService(SignedContentFactory.class.getName(), this, null);
    legacyFactoryReg = context.registerService(CertificateVerifierFactory.class.getName(), new LegacyVerifierFactory(this), null);
  }
  
  public void frameworkStop(BundleContext context)
    throws BundleException
  {
    if (legacyFactoryReg != null)
    {
      legacyFactoryReg.unregister();
      legacyFactoryReg = null;
    }
    if (signedContentFactoryReg != null)
    {
      signedContentFactoryReg.unregister();
      signedContentFactoryReg = null;
    }
    if (systemTrustEngineReg != null)
    {
      systemTrustEngineReg.unregister();
      systemTrustEngineReg = null;
    }
    if (osgiTrustEngineReg != null)
    {
      for (Iterator<ServiceRegistration<?>> it = osgiTrustEngineReg.iterator(); it.hasNext();) {
        ((ServiceRegistration)it.next()).unregister();
      }
      osgiTrustEngineReg = null;
    }
    if (defaultAuthEngineReg != null)
    {
      defaultAuthEngineReg.unregister();
      defaultAuthEngineReg = null;
    }
    if (trustEngineListener != null)
    {
      trustEngineListener.stopTrustEngineListener();
      trustEngineListener = null;
    }
    if (installListener != null)
    {
      context.removeBundleListener(installListener);
      installListener = null;
    }
    if (trustEngineTracker != null)
    {
      trustEngineTracker.close();
      trustEngineTracker = null;
    }
  }
  
  public void frameworkStopping(BundleContext context) {}
  
  public void addProperties(Properties properties) {}
  
  public URLConnection mapLocationToURLConnection(String location)
    throws IOException
  {
    return null;
  }
  
  public void handleRuntimeError(Throwable error) {}
  
  public FrameworkLog createFrameworkLog()
  {
    return null;
  }
  
  public BundleFile wrapBundleFile(BundleFile bundleFile, Object content, BaseData data, boolean base)
  {
    try
    {
      if (bundleFile != null)
      {
        SignedStorageHook hook = (SignedStorageHook)data.getStorageHook(SignedStorageHook.KEY);
        SignedBundleFile signedBaseFile;
        if ((base) && (hook != null))
        {
          SignedBundleFile signedBaseFile = new SignedBundleFile(signedContent, supportSignedBundles);
          if (signedContent == null)
          {
            signedBaseFile.setBundleFile(bundleFile);
            SignedContentImpl signedContent = signedBaseFile.getSignedContent();
            signedContent = ((signedContent != null) && (signedContent.isSigned()) ? signedContent : null);
          }
        }
        else
        {
          signedBaseFile = new SignedBundleFile(null, supportSignedBundles);
        }
        signedBaseFile.setBundleFile(bundleFile);
        SignedContentImpl signedContent = signedBaseFile.getSignedContent();
        if ((signedContent != null) && (signedContent.isSigned()))
        {
          signedContent.setContent(signedBaseFile);
          bundleFile = signedBaseFile;
        }
      }
    }
    catch (IOException e)
    {
      log("Bad bundle file: " + bundleFile.getBaseFile(), 2, e);
    }
    catch (GeneralSecurityException e)
    {
      log("Bad bundle file: " + bundleFile.getBaseFile(), 2, e);
    }
    return bundleFile;
  }
  
  public void addHooks(HookRegistry hookRegistry)
  {
    hookRegistry.addAdaptorHook(this);
    String[] support = ManifestElement.getArrayFromList(FrameworkProperties.getProperty(SIGNED_CONTENT_SUPPORT, FrameworkProperties.getProperty(SIGNED_BUNDLE_SUPPORT)), ",");
    for (int i = 0; i < support.length; i++) {
      if (SUPPORT_CERTIFICATE.equals(support[i])) {
        supportSignedBundles |= 0x1;
      } else if (SUPPORT_TRUST.equals(support[i])) {
        supportSignedBundles |= 0x3;
      } else if (SUPPORT_RUNTIME.equals(support[i])) {
        supportSignedBundles |= 0x5;
      } else if (SUPPORT_AUTHORITY.equals(support[i])) {
        supportSignedBundles |= 0xB;
      } else if ((SUPPORT_TRUE.equals(support[i])) || (SUPPORT_ALL.equals(support[i]))) {
        supportSignedBundles |= 0xF;
      }
    }
    if ((supportSignedBundles & 0x1) != 0)
    {
      hookRegistry.addStorageHook(new SignedStorageHook());
      hookRegistry.addBundleFileWrapperFactoryHook(this);
    }
  }
  
  public SignedContent getSignedContent(File content)
    throws IOException, InvalidKeyException, SignatureException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException
  {
    if (content == null) {
      throw new IllegalArgumentException("null content");
    }
    BundleFile contentBundleFile;
    BundleFile contentBundleFile;
    if (content.isDirectory()) {
      contentBundleFile = new DirBundleFile(content);
    } else {
      contentBundleFile = new ZipBundleFile(content, null);
    }
    SignedBundleFile result = new SignedBundleFile(null, 15);
    try
    {
      result.setBundleFile(contentBundleFile);
    }
    catch (InvalidKeyException e)
    {
      throw ((InvalidKeyException)new InvalidKeyException(NLS.bind(SignedContentMessages.Factory_SignedContent_Error, content)).initCause(e));
    }
    catch (SignatureException e)
    {
      throw ((SignatureException)new SignatureException(NLS.bind(SignedContentMessages.Factory_SignedContent_Error, content)).initCause(e));
    }
    catch (CertificateException e)
    {
      throw ((CertificateException)new CertificateException(NLS.bind(SignedContentMessages.Factory_SignedContent_Error, content)).initCause(e));
    }
    catch (NoSuchAlgorithmException e)
    {
      throw ((NoSuchAlgorithmException)new NoSuchAlgorithmException(NLS.bind(SignedContentMessages.Factory_SignedContent_Error, content)).initCause(e));
    }
    catch (NoSuchProviderException e)
    {
      throw ((NoSuchProviderException)new NoSuchProviderException(NLS.bind(SignedContentMessages.Factory_SignedContent_Error, content)).initCause(e));
    }
    return new SignedContentFile(result.getSignedContent());
  }
  
  public SignedContent getSignedContent(Bundle bundle)
    throws IOException, InvalidKeyException, SignatureException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, IllegalArgumentException
  {
    final BundleData data = ((AbstractBundle)bundle).getBundleData();
    if (!(data instanceof BaseData)) {
      throw new IllegalArgumentException("Invalid bundle object.  No BaseData found.");
    }
    SignedStorageHook hook = (SignedStorageHook)((BaseData)data).getStorageHook(SignedStorageHook.KEY);
    SignedContent result = hook != null ? signedContent : null;
    if (result != null) {
      return result;
    }
    if (System.getSecurityManager() == null) {
      return getSignedContent(((BaseData)data).getBundleFile().getBaseFile());
    }
    try
    {
      (SignedContent)AccessController.doPrivileged(new PrivilegedExceptionAction()
      {
        public SignedContent run()
          throws Exception
        {
          return getSignedContent(((BaseData)data).getBundleFile().getBaseFile());
        }
      });
    }
    catch (PrivilegedActionException e)
    {
      if ((e.getException() instanceof IOException)) {
        throw ((IOException)e.getException());
      }
      if ((e.getException() instanceof InvalidKeyException)) {
        throw ((InvalidKeyException)e.getException());
      }
      if ((e.getException() instanceof SignatureException)) {
        throw ((SignatureException)e.getException());
      }
      if ((e.getException() instanceof CertificateException)) {
        throw ((CertificateException)e.getException());
      }
      if ((e.getException() instanceof NoSuchAlgorithmException)) {
        throw ((NoSuchAlgorithmException)e.getException());
      }
      if ((e.getException() instanceof NoSuchProviderException)) {
        throw ((NoSuchProviderException)e.getException());
      }
      throw new RuntimeException("Unknown error.", e.getException());
    }
  }
  
  public static void log(String msg, int severity, Throwable t)
  {
    if (ADAPTOR == null)
    {
      System.err.println(msg);
      t.printStackTrace();
      return;
    }
    FrameworkLogEntry entry = new FrameworkLogEntry("org.eclipse.osgi", severity, 0, msg, 0, t, null);
    ADAPTOR.getFrameworkLog().log(entry);
  }
  
  static BundleContext getContext()
  {
    if (ADAPTOR == null) {
      return null;
    }
    return ADAPTOR.getContext();
  }
  
  static TrustEngine[] getTrustEngines()
  {
    BundleContext context = getContext();
    if (context == null) {
      return new TrustEngine[0];
    }
    if (trustEngineTracker == null)
    {
      String trustEngineProp = FrameworkProperties.getProperty("osgi.signedcontent.trust.engine");
      Filter filter = null;
      if (trustEngineProp != null) {
        try
        {
          filter = FilterImpl.newInstance("(&(objectClass=" + TrustEngine.class.getName() + ")(" + "osgi.signedcontent.trust.engine" + "=" + trustEngineProp + "))");
        }
        catch (InvalidSyntaxException e)
        {
          log("Invalid trust engine filter", 2, e);
        }
      }
      if (filter != null) {
        trustEngineTracker = new ServiceTracker(context, filter, null);
      } else {
        trustEngineTracker = new ServiceTracker(context, TrustEngine.class.getName(), null);
      }
      trustEngineTracker.open();
    }
    Object[] services = trustEngineTracker.getServices();
    if (services != null)
    {
      TrustEngine[] engines = new TrustEngine[services.length];
      System.arraycopy(services, 0, engines, 0, services.length);
      return engines;
    }
    return new TrustEngine[0];
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedBundleHook
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

public abstract interface SignedContentConstants
{
  public static final String SHA1_STR = "SHA1";
  public static final String SHA256_STR = "SHA256";
  public static final String SHA384_STR = "SHA384";
  public static final String SHA512_STR = "SHA512";
  public static final String SHA224_STR = "SHA224";
  public static final String SHA512_224_STR = "SHA512-224";
  public static final String SHA512_256_STR = "SHA512-256";
  public static final String MD5_STR = "MD5";
  public static final String MD2_STR = "MD2";
  public static final String DOT_DSA = ".DSA";
  public static final String DOT_RSA = ".RSA";
  public static final String DOT_SF = ".SF";
  public static final String SIG_DASH = "SIG-";
  public static final String META_INF = "META-INF/";
  public static final String META_INF_MANIFEST_MF = "META-INF/MANIFEST.MF";
  public static final String[] EMPTY_STRING = new String[0];
  public static final String MF_ENTRY_NEWLN_NAME = "\nName: ";
  public static final String MF_ENTRY_NAME = "Name: ";
  public static final String MF_DIGEST_PART = "-Digest: ";
  public static final String digestManifestSearch = "-Digest-Manifest: ";
  public static final int digestManifestSearchLen = "-Digest-Manifest: ".length();
  public static final int[] SIGNEDDATA_OID = { 1, 2, 840, 113549, 1, 7, 2 };
  public static final int[] MD5_OID = { 1, 2, 840, 113549, 2, 5 };
  public static final int[] MD2_OID = { 1, 2, 840, 113549, 2, 2 };
  public static final int[] SHA1_OID = { 1, 3, 14, 3, 2, 26 };
  public static final int[] SHA256_OID = { 2, 16, 840, 1, 101, 3, 4, 2, 1 };
  public static final int[] SHA384_OID = { 2, 16, 840, 1, 101, 3, 4, 2, 2 };
  public static final int[] SHA512_OID = { 2, 16, 840, 1, 101, 3, 4, 2, 3 };
  public static final int[] SHA224_OID = { 2, 16, 840, 1, 101, 3, 4, 2, 4 };
  public static final int[] SHA512_224_OID = { 2, 16, 840, 1, 101, 3, 4, 2, 5 };
  public static final int[] SHA512_256_OID = { 2, 16, 840, 1, 101, 3, 4, 2, 6 };
  public static final int[] DSA_OID = { 1, 2, 840, 10040, 4, 1 };
  public static final int[] RSA_OID = { 1, 2, 840, 113549, 1, 1, 1 };
  public static final String TRUST_ENGINE = "osgi.signedcontent.trust.engine";
  public static final Object DEFAULT_TRUST_ENGINE = "org.eclipse.osgi";
  public static final String AUTHORIZATION_ENGINE = "osgi.signedcontent.authorization.engine";
  public static final Object DEFAULT_AUTHORIZATION_ENGINE = "org.eclipse.osgi";
  public static final int[] TIMESTAMP_OID = { 1, 2, 840, 113549, 1, 9, 16, 2, 14 };
  public static final int[] TIMESTAMP_TST_OID = { 1, 2, 840, 113549, 1, 9, 16, 1, 4 };
  public static final int[] SIGNING_TIME = { 1, 2, 840, 113549, 1, 9, 5 };
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentConstants
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.IOException;
import java.util.Map;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;

public class SignedContentFile$SignedContentFileEntry
  implements SignedContentEntry
{
  private final SignedContentEntry entry;
  final SignedContentFile this$0;
  
  public SignedContentFile$SignedContentFileEntry(SignedContentFile paramSignedContentFile, SignedContentEntry entry)
  {
    this.entry = entry;
  }
  
  public String getName()
  {
    return entry.getName();
  }
  
  public SignerInfo[] getSignerInfos()
  {
    return entry.getSignerInfos();
  }
  
  public boolean isSigned()
  {
    return entry.isSigned();
  }
  
  public void verify()
    throws IOException, InvalidContentException
  {
    Map<String, Throwable> exceptions = this$0.getEntryExceptions(false);
    Throwable t = exceptions == null ? null : (Throwable)exceptions.get(entry.getName());
    if (t == null) {
      return;
    }
    if ((t instanceof IOException)) {
      throw ((IOException)t);
    }
    if ((t instanceof InvalidContentException)) {
      throw ((InvalidContentException)t);
    }
    if ((t instanceof Error)) {
      throw ((Error)t);
    }
    if ((t instanceof RuntimeException)) {
      throw ((RuntimeException)t);
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentFile.SignedContentFileEntry
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.IOException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;

public class SignedContentFile
  implements SignedContent
{
  private final SignedContentImpl signedContent;
  private Map<String, Throwable> entryExceptions = null;
  
  public SignedContentFile(SignedContentImpl signedContent)
  {
    try
    {
      content.close();
    }
    catch (IOException localIOException) {}
    this.signedContent = signedContent;
  }
  
  public void checkValidity(SignerInfo signerInfo)
    throws CertificateExpiredException, CertificateNotYetValidException
  {
    signedContent.checkValidity(signerInfo);
  }
  
  public synchronized SignedContentEntry[] getSignedEntries()
  {
    SignedContentEntry[] entries = signedContent.getSignedEntries();
    if (signedContent == null) {
      return null;
    }
    SignedContentEntry[] results = new SignedContentEntry[entries.length];
    Map<String, Throwable> exceptions = getEntryExceptions(true);
    for (int i = 0; i < entries.length; i++)
    {
      try
      {
        entries[i].verify();
      }
      catch (Throwable t)
      {
        exceptions.put(entries[i].getName(), t);
      }
      results[i] = new SignedContentFileEntry(entries[i]);
    }
    try
    {
      signedContent.content.close();
    }
    catch (IOException localIOException) {}
    return results;
  }
  
  public synchronized SignedContentEntry getSignedEntry(String name)
  {
    if (getEntryExceptions(false) == null) {
      getSignedEntries();
    }
    SignedContentEntry entry = signedContent.getSignedEntry(name);
    return entry == null ? null : new SignedContentFileEntry(entry);
  }
  
  public SignerInfo[] getSignerInfos()
  {
    return signedContent.getSignerInfos();
  }
  
  public Date getSigningTime(SignerInfo signerInfo)
  {
    return signedContent.getSigningTime(signerInfo);
  }
  
  public SignerInfo getTSASignerInfo(SignerInfo signerInfo)
  {
    return signedContent.getTSASignerInfo(signerInfo);
  }
  
  public boolean isSigned()
  {
    return signedContent.isSigned();
  }
  
  synchronized Map<String, Throwable> getEntryExceptions(boolean create)
  {
    if ((create) && (entryExceptions == null)) {
      entryExceptions = new HashMap(5);
    }
    return entryExceptions;
  }
  
  public class SignedContentFileEntry
    implements SignedContentEntry
  {
    private final SignedContentEntry entry;
    
    public SignedContentFileEntry(SignedContentEntry entry)
    {
      this.entry = entry;
    }
    
    public String getName()
    {
      return entry.getName();
    }
    
    public SignerInfo[] getSignerInfos()
    {
      return entry.getSignerInfos();
    }
    
    public boolean isSigned()
    {
      return entry.isSigned();
    }
    
    public void verify()
      throws IOException, InvalidContentException
    {
      Map<String, Throwable> exceptions = getEntryExceptions(false);
      Throwable t = exceptions == null ? null : (Throwable)exceptions.get(entry.getName());
      if (t == null) {
        return;
      }
      if ((t instanceof IOException)) {
        throw ((IOException)t);
      }
      if ((t instanceof InvalidContentException)) {
        throw ((InvalidContentException)t);
      }
      if ((t instanceof Error)) {
        throw ((Error)t);
      }
      if ((t instanceof RuntimeException)) {
        throw ((RuntimeException)t);
      }
    }
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentFile
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.File;
import java.io.IOException;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleFile;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.eclipse.osgi.util.NLS;

public class SignedContentImpl$SignedContentEntryImpl
  implements SignedContentEntry
{
  private final String entryName;
  private final SignerInfo[] entrySigners;
  final SignedContentImpl this$0;
  
  public SignedContentImpl$SignedContentEntryImpl(SignedContentImpl paramSignedContentImpl, String entryName, SignerInfo[] entrySigners)
  {
    this.entryName = entryName;
    this.entrySigners = (entrySigners == null ? SignedContentImpl.EMPTY_SIGNERINFO : entrySigners);
  }
  
  public String getName()
  {
    return entryName;
  }
  
  public SignerInfo[] getSignerInfos()
  {
    return entrySigners;
  }
  
  public boolean isSigned()
  {
    return entrySigners.length > 0;
  }
  
  public void verify()
    throws IOException, InvalidContentException
  {
    BundleFile currentContent = this$0.content;
    if (currentContent == null) {
      throw new InvalidContentException("The content was not set", null);
    }
    BundleEntry entry = null;
    SecurityException exception = null;
    try
    {
      entry = currentContent.getEntry(entryName);
    }
    catch (SecurityException e)
    {
      exception = e;
    }
    if (entry == null) {
      throw new InvalidContentException(NLS.bind(SignedContentMessages.file_is_removed_from_jar, entryName, currentContent.getBaseFile().toString()), exception);
    }
    entry.getBytes();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.signedcontent.SignedContentImpl.SignedContentEntryImpl
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.signedcontent;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleEntry;
import org.eclipse.osgi.baseadaptor.bundlefile.BundleFile;
import org.eclipse.osgi.signedcontent.InvalidContentException;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignedContentEntry;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.eclipse.osgi.util.NLS;

public class SignedContentImpl
  implements SignedContent
{
  static final SignerInfo[] EMPTY_SIGNERINFO = new SignerInfo[0];
  volatile SignedBundleFile content;
  private final Map<String, Object> contentMDResults;
  private final SignerInfo[] signerInfos;
  private Map<SignerInfo, Object[]> tsaSignerInfos;
  private volatile boolean checkedValid = false;
  
  public SignedContentImpl(SignerInfo[] signerInfos, Map<String, Object> contentMDResults)
  {
    this.signerInfos = (signerInfos == null ? EMPTY_SIGNERINFO : signerInfos);
    this.contentMDResults = contentMDResults;
  }
  
  public SignedContentEntry[] getSignedEntries()
  {
    if (contentMDResults == null) {
      return new SignedContentEntry[0];
    }
    List<SignedContentEntry> results = new ArrayList(contentMDResults.size());
    for (Iterator localIterator = contentMDResults.entrySet().iterator(); localIterator.hasNext();)
    {
      Map.Entry<String, Object> entry = (Map.Entry)localIterator.next();
      String entryName = (String)entry.getKey();
      Object[] mdResult = (Object[])entry.getValue();
      results.add(new SignedContentEntryImpl(entryName, (SignerInfo[])mdResult[0]));
    }
    return (SignedContentEntry[])results.toArray(new SignedContentEntry[results.size()]);
  }
  
  public SignedContentEntry getSignedEntry(String name)
  {
    if (contentMDResults == null) {
      return null;
    }
    Object[] mdResult = (Object[])contentMDResults.get(name);
    return mdResult == null ? null : new SignedContentEntryImpl(name, (SignerInfo[])mdResult[0]);
  }
  
  public SignerInfo[] getSignerInfos()
  {
    return signerInfos;
  }
  
  public Date getSigningTime(SignerInfo signerInfo)
  {
    if (tsaSignerInfos == null) {
      return null;
    }
    Object[] tsaInfo = (Object[])tsaSignerInfos.get(signerInfo);
    return tsaInfo == null ? null : (Date)tsaInfo[1];
  }
  
  public SignerInfo getTSASignerInfo(SignerInfo signerInfo)
  {
    if (tsaSignerInfos == null) {
      return null;
    }
    Object[] tsaInfo = (Object[])tsaSignerInfos.get(signerInfo);
    return tsaInfo == null ? null : (SignerInfo)tsaInfo[0];
  }
  
  public boolean isSigned()
  {
    return signerInfos.length > 0;
  }
  
  public void checkValidity(SignerInfo signer)
    throws CertificateExpiredException, CertificateNotYetValidException
  {
    Date signingTime = getSigningTime(signer);
    if (checkedValid) {
      return;
    }
    Certificate[] certs = signer.getCertificateChain();
    for (int i = 0; i < certs.length; i++) {
      if ((certs[i] instanceof X509Certificate)) {
        if (signingTime == null) {
          ((X509Certificate)certs[i]).checkValidity();
        } else {
          ((X509Certificate)certs[i]).checkValidity(signingTime);
        }
      }
    }
    checkedValid = true;
  }
  
  void setContent(SignedBundleFile content)
  {
    this.content = content;
  }
  
  void setTSASignerInfos(Map<SignerInfo, Object[]> tsaSignerInfos)
  {
    this.tsaSignerInfos = tsaSignerInfos;
  }
  
  void addTSASignerInfo(SignerInfo baseInfo, SignerInfo tsaSignerInfo, Date signingTime)
  {
    if (!containsInfo(baseInfo)) {
      throw new IllegalArgumentException("The baseInfo is not found");
    }
    if (tsaSignerInfos == null) {
      tsaSignerInfos = new HashMap(signerInfos.length);
    }
    tsaSignerInfos.put(baseInfo, new Object[] { tsaSignerInfo, signingTime });
  }
  
  Map<String, Object> getContentMDResults()
  {
    return contentMDResults;
  }
  
  private boolean containsInfo(SignerInfo signerInfo)
  {
    for (int i = 0; i < signerInfos.length; i++) {
      if (signerInfo == signerInfos[i]) {
        return true;
      }
    }
    return false;
  }
  
  InputStream getDigestInputStream(BundleEntry nestedEntry)
    throws IOException
  {
    if (contentMDResults == null) {
      return nestedEntry.getInputStream();
    }
    Object[] mdResult = (Object[])contentMDResults.get(nestedEntry.getName());
    if (mdResult == null) {
      return null;
    }
    return new DigestedInputStream(nestedEntry, content, (SignerInfo[])mdResult[0], (byte[][])mdResult[1], nestedEntry.getSize());
  }
  
  public class SignedContentEntryImpl
    implements SignedContentEntry
  {
    private final String entryName;
    private final SignerInfo[] entrySigners;
    
    public SignedContentEntryImpl(String entryName, SignerInfo[] entrySigners)
    {
      this.entryName = entryName;
      this.entrySigners = (entrySigners == null ? SignedContentImpl.EMPTY_SIGNERINFO : entrySigners);
    }
    
    public String getName()
    {
      return entryName;
    }
    
    public SignerInfo[] getSignerInfos()
    {
      return entrySigners;
    }
    
    public boolean isSigned()
    {
      return entrySigners.length > 0;
    }
    
    public void verify()
      throws IOException, InvalidContentException
    {
      BundleFile currentContent = content;
      if (currentContent == null) {
        throw new InvalidContentException("The content was not set", null);
      }
      BundleEntry entry = null;
      SecurityException exception = null;
      try
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87

Further reading...

For more information on Java 1.5 Tiger, you may find Java 1.5 Tiger, A developer's Notebook by D. Flanagan and B. McLaughlin from O'Reilly of interest.

New!JAR listings


Copyright 2006-2019. Infinite Loop Ltd