java.lang.Object
java.io.InputStream
java.io.FilterInputStream
java.util.zip.InflaterInputStream
java.util.zip.ZipInputStream
java.util.jar.JarInputStream
- All Implemented Interfaces:
Closeable,AutoCloseable
The
JarInputStream class, which extends ZipInputStream,
is used to read the contents of a JAR file from an input stream.
It provides support for reading an optional
Manifest
entry. The Manifest can be used to store
meta-information about the JAR file and its entries.
Accessing the Manifest
The getManifest method is used to return the
Manifest
from the entry META-INF/MANIFEST.MF when it is the first entry
in the stream (or the second entry if the first entry in the stream is
META-INF/ and the second entry is META-INF/MANIFEST.MF).
The getNextJarEntry() and getNextEntry() methods are
used to read JAR file entries from the stream. These methods skip over the
Manifest (META-INF/MANIFEST.MF) when it is at the beginning of the
stream. In other words, these methods do not return an entry for the Manifest
when the Manifest is the first entry in the stream. If the first entry is
META-INF/ and the second entry is the Manifest then both are skipped
over by these methods. Whether these methods skip over the Manifest when it
appears later in the stream is not specified.
Signed JAR Files
AJarInputStream verifies the signatures of entries in a
Signed JAR file
when:
-
The
Manifestis the first entry in the stream (or the second entry if the first entry in the stream isMETA-INF/and the second entry isMETA-INF/MANIFEST.MF). -
All signature-related entries immediately follow the
Manifest
Once the JarEntry has been completely verified, which is done by
reading until the end of the entry's input stream,
JarEntry.getCertificates() may be called to obtain the certificates
for this entry and JarEntry.getCodeSigners() may be called to obtain
the signers.
It is important to note that the verification process does not include validating
the signer's certificate. A caller should inspect the return value of
JarEntry.getCodeSigners() to further determine if the signature
can be trusted.
- API Note:
- If a
JarEntryis modified after the JAR file is signed, aSecurityExceptionwill be thrown when the entry is read. - Since:
- 1.2
- See Also:
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final intCentral directory (CEN) header internal file attributes field offset.static final intCentral directory (CEN) header external file attributes field offset.static final intCentral directory (CEN) header comment length field offset.static final intCentral directory (CEN) header uncompressed file crc-32 value field offset.static final intCentral directory (CEN) header disk number start field offset.static final intCentral directory (CEN) header extra field length field offset.static final intCentral directory (CEN) header encrypt, decrypt flags field offset.static final intCentral directory (CEN) header size in bytes (including signature).static final intCentral directory (CEN) header compression method field offset.static final intCentral directory (CEN) header uncompressed size field offset.static final intCentral directory (CEN) header filename length field offset.static final intCentral directory (CEN) header LOC header offset field offset.static final longCentral directory (CEN) header signature.static final intCentral directory (CEN) header compressed size field offset.static final intCentral directory (CEN) header modification time field offset.static final intCentral directory (CEN) header version made by field offset.static final intCentral directory (CEN) header version needed to extract field offset.static final intEnd of central directory (END) header zip file comment length field offset.static final intEnd of central directory (END) header size in bytes (including signature).static final intEnd of central directory (END) header offset for the first CEN header field offset.static final longEnd of central directory (END) header signature.static final intEnd of central directory (END) header central directory size in bytes field offset.static final intEnd of central directory (END) header number of entries on this disk field offset.static final intEnd of central directory (END) header total number of entries field offset.static final intExtra local (EXT) header uncompressed file crc-32 value field offset.static final intExtra local (EXT) header size in bytes (including signature).static final intExtra local (EXT) header uncompressed size field offset.static final longExtra local (EXT) header signature.static final intExtra local (EXT) header compressed size field offset.static final intLocal file (LOC) header uncompressed file crc-32 value field offset.static final intLocal file (LOC) header extra field length field offset.static final intLocal file (LOC) header general purpose bit flag field offset.static final intLocal file (LOC) header size in bytes (including signature).static final intLocal file (LOC) header compression method field offset.static final intLocal file (LOC) header uncompressed size field offset.static final intLocal file (LOC) header filename length field offset.static final longLocal file (LOC) header signature.static final intLocal file (LOC) header compressed size field offset.static final intLocal file (LOC) header modification time field offset.static final intLocal file (LOC) header version needed to extract field offset.Fields declared in class java.util.zip.InflaterInputStream
buf, inf, lenFields declared in class java.io.FilterInputStream
in -
Constructor Summary
ConstructorsConstructorDescriptionCreates a newJarInputStreamand reads the optional manifest.JarInputStream(InputStream in, boolean verify) Creates a newJarInputStreamand reads the optional manifest. -
Method Summary
Modifier and TypeMethodDescriptionprotected ZipEntrycreateZipEntry(String name) Creates a newJarEntry(ZipEntry) for the specified JAR file entry name.Returns theManifestfor this JAR file when it is the first entry in the stream (or the second entry if the first entry in the stream isMETA-INF/and the second entry isMETA-INF/MANIFEST.MF), ornullotherwise.Reads the next ZIP file entry and positions the stream at the beginning of the entry data.Reads the next JAR file entry and positions the stream at the beginning of the entry data.intread(byte[] b, int off, int len) Reads from the current JAR entry into an array of bytes, returning the number of inflated bytes.Methods declared in class java.util.zip.ZipInputStream
available, close, closeEntry, read, readAllBytes, readNBytes, readNBytes, skip, skipNBytes, transferToMethods declared in class java.util.zip.InflaterInputStream
fill, mark, markSupported, resetMethods declared in class java.io.FilterInputStream
readMethods declared in class java.io.InputStream
nullInputStream
-
Field Details
-
LOCSIG
static final long LOCSIGLocal file (LOC) header signature.- See Also:
-
EXTSIG
static final long EXTSIGExtra local (EXT) header signature.- See Also:
-
CENSIG
static final long CENSIGCentral directory (CEN) header signature.- See Also:
-
ENDSIG
static final long ENDSIGEnd of central directory (END) header signature.- See Also:
-
LOCHDR
static final int LOCHDRLocal file (LOC) header size in bytes (including signature).- See Also:
-
EXTHDR
static final int EXTHDRExtra local (EXT) header size in bytes (including signature).- See Also:
-
CENHDR
static final int CENHDRCentral directory (CEN) header size in bytes (including signature).- See Also:
-
ENDHDR
static final int ENDHDREnd of central directory (END) header size in bytes (including signature).- See Also:
-
LOCVER
static final int LOCVERLocal file (LOC) header version needed to extract field offset.- See Also:
-
LOCFLG
static final int LOCFLGLocal file (LOC) header general purpose bit flag field offset.- See Also:
-
LOCHOW
static final int LOCHOWLocal file (LOC) header compression method field offset.- See Also:
-
LOCTIM
static final int LOCTIMLocal file (LOC) header modification time field offset.- See Also:
-
LOCCRC
static final int LOCCRCLocal file (LOC) header uncompressed file crc-32 value field offset.- See Also:
-
LOCSIZ
static final int LOCSIZLocal file (LOC) header compressed size field offset.- See Also:
-
LOCLEN
static final int LOCLENLocal file (LOC) header uncompressed size field offset.- See Also:
-
LOCNAM
static final int LOCNAMLocal file (LOC) header filename length field offset.- See Also:
-
LOCEXT
static final int LOCEXTLocal file (LOC) header extra field length field offset.- See Also:
-
EXTCRC
static final int EXTCRCExtra local (EXT) header uncompressed file crc-32 value field offset.- See Also:
-
EXTSIZ
static final int EXTSIZExtra local (EXT) header compressed size field offset.- See Also:
-
EXTLEN
static final int EXTLENExtra local (EXT) header uncompressed size field offset.- See Also:
-
CENVEM
static final int CENVEMCentral directory (CEN) header version made by field offset.- See Also:
-
CENVER
static final int CENVERCentral directory (CEN) header version needed to extract field offset.- See Also:
-
CENFLG
static final int CENFLGCentral directory (CEN) header encrypt, decrypt flags field offset.- See Also:
-
CENHOW
static final int CENHOWCentral directory (CEN) header compression method field offset.- See Also:
-
CENTIM
static final int CENTIMCentral directory (CEN) header modification time field offset.- See Also:
-
CENCRC
static final int CENCRCCentral directory (CEN) header uncompressed file crc-32 value field offset.- See Also:
-
CENSIZ
static final int CENSIZCentral directory (CEN) header compressed size field offset.- See Also:
-
CENLEN
static final int CENLENCentral directory (CEN) header uncompressed size field offset.- See Also:
-
CENNAM
static final int CENNAMCentral directory (CEN) header filename length field offset.- See Also:
-
CENEXT
static final int CENEXTCentral directory (CEN) header extra field length field offset.- See Also:
-
CENCOM
static final int CENCOMCentral directory (CEN) header comment length field offset.- See Also:
-
CENDSK
static final int CENDSKCentral directory (CEN) header disk number start field offset.- See Also:
-
CENATT
static final int CENATTCentral directory (CEN) header internal file attributes field offset.- See Also:
-
CENATX
static final int CENATXCentral directory (CEN) header external file attributes field offset.- See Also:
-
CENOFF
static final int CENOFFCentral directory (CEN) header LOC header offset field offset.- See Also:
-
ENDSUB
static final int ENDSUBEnd of central directory (END) header number of entries on this disk field offset.- See Also:
-
ENDTOT
static final int ENDTOTEnd of central directory (END) header total number of entries field offset.- See Also:
-
ENDSIZ
static final int ENDSIZEnd of central directory (END) header central directory size in bytes field offset.- See Also:
-
ENDOFF
static final int ENDOFFEnd of central directory (END) header offset for the first CEN header field offset.- See Also:
-
ENDCOM
static final int ENDCOMEnd of central directory (END) header zip file comment length field offset.- See Also:
-
-
Constructor Details
-
JarInputStream
Creates a newJarInputStreamand reads the optional manifest. If a manifest is present, also attempts to verify the signatures if the JarInputStream is signed.- Parameters:
in- the actual input stream- Throws:
IOException- if an I/O error has occurred
-
JarInputStream
Creates a newJarInputStreamand reads the optional manifest. If a manifest is present and verify is true, also attempts to verify the signatures if the JarInputStream is signed.- Parameters:
in- the actual input streamverify- whether or not to verify the JarInputStream if it is signed.- Throws:
IOException- if an I/O error has occurred
-
-
Method Details
-
getManifest
Returns theManifestfor this JAR file when it is the first entry in the stream (or the second entry if the first entry in the stream isMETA-INF/and the second entry isMETA-INF/MANIFEST.MF), ornullotherwise.- Returns:
- the
Manifestfor this JAR file, ornullotherwise.
-
getNextEntry
Reads the next ZIP file entry and positions the stream at the beginning of the entry data. If verification has been enabled, any invalid signature detected while positioning the stream for the next entry will result in an exception.- Overrides:
getNextEntryin classZipInputStream- Returns:
- the next ZIP file entry, or null if there are no more entries
- Throws:
ZipException- if a ZIP file error has occurredIOException- if an I/O error has occurredSecurityException- if any of the jar file entries are incorrectly signed.
-
getNextJarEntry
Reads the next JAR file entry and positions the stream at the beginning of the entry data. If verification has been enabled, any invalid signature detected while positioning the stream for the next entry will result in an exception.- Returns:
- the next JAR file entry, or null if there are no more entries
- Throws:
ZipException- if a ZIP file error has occurredIOException- if an I/O error has occurredSecurityException- if any of the jar file entries are incorrectly signed.
-
read
Reads from the current JAR entry into an array of bytes, returning the number of inflated bytes. Iflenis not zero, the method blocks until some input is available; otherwise, no bytes are read and0is returned.If the current entry is compressed and this method returns a nonzero integer n then
buf[off]throughbuf[off+n-1]contain the uncompressed data. The content of elementsbuf[off+n]throughbuf[off+len-1]is undefined, contrary to the specification of theInputStreamsuperclass, so an implementation is free to modify these elements during the inflate operation. If this method returns-1or throws an exception then the content ofbuf[off]throughbuf[off+len-1]is undefined.If verification has been enabled, any invalid signature on the current entry will be reported at some point before the end of the entry is reached.
- Overrides:
readin classZipInputStream- Parameters:
b- the buffer into which the data is readoff- the start offset in the destination arrayblen- the maximum number of bytes to read- Returns:
- the actual number of bytes read, or -1 if the end of the entry is reached
- Throws:
NullPointerException- Ifbisnull.IndexOutOfBoundsException- Ifoffis negative,lenis negative, orlenis greater thanb.length - offZipException- if a ZIP file error has occurredIOException- if an I/O error has occurredSecurityException- if any of the jar file entries are incorrectly signed.- See Also:
-
createZipEntry
Creates a newJarEntry(ZipEntry) for the specified JAR file entry name. The manifest attributes of the specified JAR file entry name will be copied to the newJarEntry.- Overrides:
createZipEntryin classZipInputStream- Parameters:
name- the name of the JAR/ZIP file entry- Returns:
- the
JarEntryobject just created
-