code review request: 7012160: read SF file in signed jar in streaming mode

Weijun Wang weijun.wang at oracle.com
Fri Jan 14 08:31:34 UTC 2011 

Hi Sean

http://cr.openjdk.java.net/~weijun/7012160/webrev.00/

I've made changes to the following classes to enable streaming mode SF 
file reading:

- java/util/jar/JarVerifier.java:

1. New verifyBlock method.

2. Change the constructor from JarVerifier(byte[]) to 
JarVerifier(byte[], Manifest). In SignatureFileVerifier.processImpl(), 
if we already confirm the *-Digest-Manifest header in the SF file 
matches the whole MANIFEST.MF, there'se no need to parse the rest of the 
SF file, since we can be sure that entries in the SF file are identical 
to those in MANIFEST.MF. Of course, the content of the SF file still 
needs to be fed into PKCS7Verifier to verify the signature.

- java/util/jar/JarFile.java:

Read DSA file in byte[] and SF file in InputStream, and call 
JarVerifier.verifyBlock() to verify.

- java/util/jar/Manifest.java:

Adding update(byte[]) to read manifest in streaming mode. This is a new 
public API.

- sun/security/pkcs/PKCS7.java:

New PKCS7Verifier class to verify SignedData in streaming mode. I 
basically divide the SignerInfo.verify(PKCS7 block, byte[] data) method 
into 3 parts and make them the 3 methods of this class.

- sun/security/util/SignatureFileVerifier.java:

Rewrite the processImpl(*) method to make use of new methods in PKCS7 
and Manifest.

No new regression tests, use existing ones.

I've tried NetBeans profiler to look at the memory. The program simply 
calls JarSigner.main(new String[]{"-verify", "x.jar"}) and the signed 
jar x.jar has 10000 files inside.

               Before        After
byte[]        3.6MB         2.8MB
char[]        2.0MB         1.3MB
String        1.1MB         650KB

So it does have some difference.

Thanks
Max


-------- Original Message --------
*Change Request ID*: 7012160
*Synopsis*: read SF file in signed jar in streaming mode


=== *Description* 
============================================================
When a signed jar is verified, its SF file is read into a byte array and 
verified against the signature. When there are many files in the jar, 
the SF file can be very big. It will be better if the file can be read 
in streaming mode.

*** (#1 of 1): 2011-01-13 12:23:25 GMT+00:00 weijun.wang at oracle.com

More information about the security-dev mailing list