下面列出了java.util.jar.JarEntry#getCertificates ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
* Validate the security certificates (signers) for the class data.
*/
private Certificate[] getSigners(String className, JarEntry je) throws IOException {
try {
Certificate[] list = je.getCertificates();
if ((list == null) || (list.length == 0)) {
return null;
}
for (Certificate aList : list) {
if (!(aList instanceof X509Certificate)) {
String msg = MessageService.getTextMessage(
MessageId.CM_UNKNOWN_CERTIFICATE, className,
getJarName());
throw new SecurityException(msg);
}
X509Certificate cert = (X509Certificate) aList;
cert.checkValidity();
}
return list;
} catch (GeneralSecurityException gse) {
// convert this into an unchecked security
// exception. Unchecked as eventually it has
// to pass through a method that's only throwing
// ClassNotFoundException
throw handleException(gse, className);
}
}
/**
* 加载文件, 获取签名信息
* @param jarFile {@link JarFile}
* @param jarEntry {@link JarEntry}
* @param readBuffer 文件 Buffer
* @return {@link Certificate}[]
*/
private static Certificate[] loadCertificates(final JarFile jarFile, final JarEntry jarEntry, final byte[] readBuffer) {
try {
InputStream is = jarFile.getInputStream(jarEntry);
while (is.read(readBuffer, 0, readBuffer.length) != -1) {
}
CloseUtils.closeIOQuietly(is);
return jarEntry != null ? jarEntry.getCertificates() : null;
} catch (Exception e) {
LogPrintUtils.eTag(TAG, e, "loadCertificates");
}
return null;
}
/**
* 获取apk包签名基本信息
* @return string[0]证书发行者,string[1]证书所有者,string[2]序列号
* string[3]证书起始时间 string[4]证书结束时间
*/
public static @NonNull String[] getAPKSignInfo(String filePath) {
String subjectDN = "";
String issuerDN = "";
String serial = "";
String notBefore="";
String notAfter="";
try {
JarFile JarFile = new JarFile(filePath);
JarEntry JarEntry = JarFile.getJarEntry("AndroidManifest.xml");
if (JarEntry != null) {
byte[] readBuffer = new byte[8192];
InputStream is = new BufferedInputStream(JarFile.getInputStream(JarEntry));
while (is.read(readBuffer, 0, readBuffer.length) != -1) {
//notusing
}
Certificate[] certs = JarEntry.getCertificates();
if (certs != null && certs.length > 0) {
//获取证书
X509Certificate x509cert = (X509Certificate) certs[0];
//获取证书发行者
issuerDN = x509cert.getIssuerDN().toString();
//System.out.println("发行者:" + issuerDN);
//获取证书所有者
subjectDN = x509cert.getSubjectDN().toString();
//System.out.println("所有者:" + subjectDN);
//证书序列号
serial = x509cert.getSerialNumber().toString();
//System.out.println("publicKey:" + publicKey);
//证书起始有效期
notBefore=x509cert.getNotBefore().toString();
//证书结束有效期
notAfter=x509cert.getNotAfter().toString();
}
}
} catch (Exception e) {
e.printStackTrace();
}
return new String[]{subjectDN,issuerDN,serial,notBefore,notAfter};
}
/**
* 获取apk包签名基本信息
* @return string[0]证书发行者,string[1]证书所有者,string[2]序列号
* string[3]证书起始时间 string[4]证书结束时间
*/
public static @NonNull String[] getAPKSignInfo(String filePath) {
String subjectDN = "";
String issuerDN = "";
String serial = "";
String notBefore="";
String notAfter="";
try {
JarFile JarFile = new JarFile(filePath);
JarEntry JarEntry = JarFile.getJarEntry("AndroidManifest.xml");
if (JarEntry != null) {
byte[] readBuffer = new byte[8192];
InputStream is = new BufferedInputStream(JarFile.getInputStream(JarEntry));
while (is.read(readBuffer, 0, readBuffer.length) != -1) {
//notusing
}
Certificate[] certs = JarEntry.getCertificates();
if (certs != null && certs.length > 0) {
//获取证书
X509Certificate x509cert = (X509Certificate) certs[0];
//获取证书发行者
issuerDN = x509cert.getIssuerDN().toString();
//System.out.println("发行者:" + issuerDN);
//获取证书所有者
subjectDN = x509cert.getSubjectDN().toString();
//System.out.println("所有者:" + subjectDN);
//证书序列号
serial = x509cert.getSerialNumber().toString();
//System.out.println("publicKey:" + publicKey);
//证书起始有效期
notBefore=x509cert.getNotBefore().toString();
//证书结束有效期
notAfter=x509cert.getNotAfter().toString();
}
}
} catch (Exception e) {
e.printStackTrace();
}
return new String[]{subjectDN,issuerDN,serial,notBefore,notAfter};
}
/**
* Validate the security certificates (signers) for the class data.
*/
private Certificate[] getSigners(String className, JarEntry je) throws IOException {
try {
Certificate[] list = je.getCertificates();
if ((list == null) || (list.length == 0)) {
return null;
}
for (int i = 0; i < list.length; i++) {
if (!(list[i] instanceof X509Certificate)) {
String msg = MessageService.getTextMessage(
MessageId.CM_UNKNOWN_CERTIFICATE, className,
getJarName());
throw new SecurityException(msg);
}
X509Certificate cert = (X509Certificate) list[i];
cert.checkValidity();
}
return list;
} catch (GeneralSecurityException gse) {
// convert this into an unchecked security
// exception. Unchecked as eventually it has
// to pass through a method that's only throwing
// ClassNotFoundException
throw handleException(gse, className);
}
}
@SuppressWarnings({"StatementWithEmptyBody", "BooleanMethodIsAlwaysInverted"})
private static boolean isSigned(JarFile jarFile, PublicKey publicKey) throws IOException {
for (Enumeration<JarEntry> e = jarFile.entries(); e.hasMoreElements(); ) {
// Iterator over all the entries in the jar except directories and
// signature files
JarEntry jarEntry = e.nextElement();
String entryName = jarEntry.getName().toUpperCase();
if (jarEntry.isDirectory() || entryName.endsWith(".SF") || entryName.endsWith(".DSA") || entryName.endsWith(".EC") || entryName.endsWith(".RSA")) {
continue;
}
// Read the entry fully, otherwise the certificates won't be available
byte[] buffer = new byte[BUFFER_SIZE];
try (InputStream in = jarFile.getInputStream(jarEntry)) {
while (in.read(buffer) != -1) ;
}
// Get the signing certificate chain and check if one of them is the
// WorldPainter plugin signing certificate
Certificate[] certificates = jarEntry.getCertificates();
boolean signed = false;
if (certificates != null) {
for (Certificate certificate: certificates) {
if (certificate.getPublicKey().equals(publicKey)) {
signed = true;
break;
}
}
}
if (! signed) {
return false;
}
}
return true;
}
/**
* Validate the security certificates (signers) for the class data.
*/
private Certificate[] getSigners(String className, JarEntry je) throws IOException {
try {
Certificate[] list = je.getCertificates();
if ((list == null) || (list.length == 0)) {
return null;
}
for (int i = 0; i < list.length; i++) {
if (!(list[i] instanceof X509Certificate)) {
String msg = MessageService.getTextMessage(
MessageId.CM_UNKNOWN_CERTIFICATE, className,
getJarName());
throw new SecurityException(msg);
}
X509Certificate cert = (X509Certificate) list[i];
cert.checkValidity();
}
return list;
} catch (GeneralSecurityException gse) {
// convert this into an unchecked security
// exception. Unchecked as eventually it has
// to pass through a method that's only throwing
// ClassNotFoundException
throw handleException(gse, className);
}
}
/**
* Returns any certificates.
*/
public Certificate []getCertificates(String path)
{
if (! isSigned())
return null;
if (path.length() > 0 && path.charAt(0) == '/')
path = path.substring(1);
try {
if (! getBacking().canRead())
return null;
JarFile jarFile = getJarFile();
JarEntry entry;
InputStream is = null;
try {
entry = jarFile.getJarEntry(path);
if (entry != null) {
is = jarFile.getInputStream(entry);
while (is.skip(65536) > 0) {
}
is.close();
return entry.getCertificates();
}
} finally {
closeJarFile(jarFile);
}
} catch (IOException e) {
log.log(Level.FINE, e.toString(), e);
return null;
}
return null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return {@code null}
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}
/**
* Return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise. This method
* can only be called once
* the connection has been completely verified by reading
* from the input stream until the end of the stream has been
* reached. Otherwise, this method will return <code>null</code>
*
* @return the Certificate object for this connection if the URL
* for it points to a JAR file entry, null otherwise.
*
* @exception IOException if getting the JAR entry causes an
* IOException to be thrown.
*
* @see #getJarEntry
*/
public java.security.cert.Certificate[] getCertificates()
throws IOException
{
JarEntry e = getJarEntry();
return e != null ? e.getCertificates() : null;
}