Methods Summary |
---|
private void | checkSignature()
if (classnames == null || signature == null || certificate == null) {
secureCS = defaultCS;
}
else {
try {
// In 1.2 beta 4, we must pass an argument to the getInstance
// method
KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
ks.load(new FileInputStream(System.getProperty("user.home") + File.separator + ".keystore"), null);
String alias = ks.getCertificateAlias(certificate);
if (alias == null) {
if (printLoadMessages)
System.out.println("Didn't find signer in database");
secureCS = defaultCS;
return;
}
Signature sig = Signature.getInstance("DSA");
sig.initVerify(certificate.getPublicKey());
for (int i = 0; i < classnames.length; i++) {
sig.update((byte [])
classArrays.get(classnames[i].substring(0,
classnames[i].length() - 6)));
}
if (!sig.verify(signature)) {
System.out.println("Signature is invalid");
secureCS = defaultCS;
return;
}
// In 1.2 beta 4, we use certificates instead of identities
// ids = new XYZIdentity[1];
// ids[0] = new XYZIdentity(alias, certificate);
// secureCS = getCodeSource(urlBase, ids);
secureCS = new CodeSource(urlBase, ks.getCertificateChain(alias));
} catch (Exception e) {
System.out.println("Treating as unsigned");
e.printStackTrace();
secureCS = defaultCS;
return;
}
}
|
protected java.lang.Class | findClass(java.lang.String name)
String urlName = name.replace('.", '/");
byte buf[];
Class cl;
buf = (byte[]) classArrays.get(urlName);
if (buf != null) {
// In 1.2 beta 4, the signature of the defineClass method has
// changed
if (isSecure(urlName))
cl = defineClass(name, buf, 0, buf.length, secureCS);
else cl = defineClass(name, buf, 0, buf.length, defaultCS);
return cl;
}
try {
URL url = new URL(urlBase, urlName + ".class");
if (printLoadMessages)
System.out.println("Loading " + url);
InputStream is = url.openConnection().getInputStream();
buf = getClassBytes(is);
cl = defineClass(name, buf, 0, buf.length, defaultCS);
return cl;
} catch (Exception e) {
System.out.println("Can't load " + name + ": " + e);
return null;
}
|
private byte[] | getClassBytes(java.io.InputStream is)
ByteArrayOutputStream baos = new ByteArrayOutputStream();
BufferedInputStream bis = new BufferedInputStream(is);
boolean eof = false;
while (!eof) {
try {
int i = bis.read();
if (i == -1)
eof = true;
else baos.write(i);
} catch (IOException e) {
return null;
}
}
return baos.toByteArray();
|
java.lang.String | getHost()
return urlBase.getHost();
|
java.lang.ThreadGroup | getThreadGroup()
if (threadGroup == null)
threadGroup = new ThreadGroup("JavaRuner ThreadGroup-" +
groupNum++);
return threadGroup;
|
private boolean | isSecure(java.lang.String name)
String tmpName = name + ".class";
if (classnames == null)
return false;
for (int i = 0; i < classnames.length; i++) {
if (tmpName.equals(classnames[i]))
return true;
}
return false;
|
private void | loadClassBytes(java.util.zip.ZipInputStream zis, java.lang.String zipName)
if (printLoadMessages)
System.out.println("\t" + zipName);
BufferedInputStream zipBuf = new BufferedInputStream(zis);
ByteArrayOutputStream zipOut = new ByteArrayOutputStream();
int b;
try {
while ((b = zipBuf.read()) != -1)
zipOut.write(b);
classArrays.put(zipName.substring(0, zipName.length() - 6),
zipOut.toByteArray());
} catch (IOException ioe) {
System.out.println("Error reading entry " + zipName);
}
|
private void | processCertificate(java.util.zip.ZipInputStream zis)
try {
ObjectInputStream ois = new ObjectInputStream(zis);
// In 1.2 beta 4, we must use a CertificateFactory instead of
// the X509 class directly
// certificate = X509Certificate.getInstance(((byte []) ois.readObject()));
CertificateFactory cf = CertificateFactory.getInstance("X509");
byte buf[] = (byte[]) ois.readObject();
ByteArrayInputStream bais = new ByteArrayInputStream(buf);
certificate = (X509Certificate) cf.generateCertificate(bais);
} catch (Exception e) {
System.out.println("Can't process certificate");
}
|
private void | processManifest(java.util.zip.ZipInputStream zis)
try {
ObjectInputStream ois = new ObjectInputStream(zis);
classnames = (String []) ois.readObject();
} catch (Exception e) {
System.out.println("Can't process manifest");
}
|
private void | processSignature(java.util.zip.ZipInputStream zis)
try {
ObjectInputStream ois = new ObjectInputStream(zis);
signature = (byte []) ois.readObject();
} catch (Exception e) {
System.out.println("Can't process signature");
}
|
public void | readZipFile(java.lang.String name)
URL zipUrl = null;
ZipInputStream zis;
ZipEntry ze;
try {
zipUrl = new URL(urlBase, name);
} catch (MalformedURLException mue) {
System.out.println("Unknown zip file " + name);
return;
}
if (printLoadMessages)
System.out.println("Loading zip file " + zipUrl);
try {
zis = new ZipInputStream(zipUrl.openConnection().getInputStream());
} catch (IOException ioe) {
System.out.println("Can't open zip file " + zipUrl);
return;
}
try {
while ((ze = zis.getNextEntry()) != null) {
String zipName = ze.getName();
if (zipName.endsWith(".class"))
loadClassBytes(zis, zipName);
else if (zipName.equals("SIGNATURE"))
processSignature(zis);
else if (zipName.equals("CERTIFICATE"))
processCertificate(zis);
else if (zipName.equals("CLASSNAMES"))
processManifest(zis);
// else ignore it; it could be an image or audio file
zis.closeEntry();
}
checkSignature();
} catch (IOException ioe) {
System.out.println("Badly formatted zip file");
}
|