lib/jar/jar.c
author Tim Taubert <ttaubert@mozilla.com>
Thu, 18 Feb 2016 18:39:47 +0100
changeset 11904 bda3307226f2a663cf21ba0fd92849dabd4ac6f1
parent 10685 6c43fe3ab5dd41803bbd6705979f73275d7668f6
child 11998 193964941a437c661aa30184ff4e8dd5b5f67c33
permissions -rw-r--r--
Bug 1247278 - s/uint16_t/PRUint16 to fix Windows build errors r=bustage

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 *  JAR.C
 *
 *  Jarnature.
 *  Routines common to signing and validating.
 *
 */

#include "jar.h"
#include "jarint.h"
#include "portreg.h"

static void 
jar_destroy_list (ZZList *list);

static int 
jar_find_first_cert(JAR_Signer *signer, int type, JAR_Item **it);

/*
 *  J A R _ n e w
 *
 *  Create a new instantiation of a manifest representation.
 *  Use this as a token to any calls to this API.
 *
 */
JAR *
JAR_new(void)
{
    JAR *jar;

    if ((jar = (JAR*)PORT_ZAlloc (sizeof (JAR))) == NULL)
	goto loser;
    if ((jar->manifest = ZZ_NewList()) == NULL)
	goto loser;
    if ((jar->hashes = ZZ_NewList()) == NULL)
	goto loser;
    if ((jar->phy = ZZ_NewList()) == NULL)
	goto loser;
    if ((jar->metainfo = ZZ_NewList()) == NULL)
	goto loser;
    if ((jar->signers = ZZ_NewList()) == NULL)
	goto loser;
    return jar;

loser:
    if (jar) {
	if (jar->manifest)
	    ZZ_DestroyList (jar->manifest);
	if (jar->hashes)
	    ZZ_DestroyList (jar->hashes);
	if (jar->phy)
	    ZZ_DestroyList (jar->phy);
	if (jar->metainfo)
	    ZZ_DestroyList (jar->metainfo);
	if (jar->signers)
	    ZZ_DestroyList (jar->signers);
	PORT_Free (jar);
    }
    return NULL;
}

/*
 *  J A R _ d e s t r o y
 */
void PR_CALLBACK 
JAR_destroy(JAR *jar)
{
    PORT_Assert( jar != NULL );

    if (jar == NULL)
	return;

    if (jar->fp) 
    	JAR_FCLOSE ((PRFileDesc*)jar->fp);
    if (jar->url)      
    	PORT_Free (jar->url);
    if (jar->filename) 
    	PORT_Free (jar->filename);

    /* Free the linked list elements */
    jar_destroy_list (jar->manifest);
    ZZ_DestroyList (jar->manifest);
    jar_destroy_list (jar->hashes);
    ZZ_DestroyList (jar->hashes);
    jar_destroy_list (jar->phy);
    ZZ_DestroyList (jar->phy);
    jar_destroy_list (jar->metainfo);
    ZZ_DestroyList (jar->metainfo);
    jar_destroy_list (jar->signers);
    ZZ_DestroyList (jar->signers);
    PORT_Free (jar);
}

static void 
jar_destroy_list(ZZList *list)
{
    ZZLink *link, *oldlink;
    JAR_Item *it;
    JAR_Physical *phy;
    JAR_Digest *dig;
    JAR_Cert *fing;
    JAR_Metainfo *met;
    JAR_Signer *signer;

    if (list && !ZZ_ListEmpty (list)) {
	link = ZZ_ListHead (list);
	while (!ZZ_ListIterDone (list, link)) {
	    it = link->thing;
	    if (!it) 
	    	goto next;
	    if (it->pathname) 
	    	PORT_Free (it->pathname);

	    switch (it->type) {
	    case jarTypeMeta:
		met = (JAR_Metainfo *) it->data;
		if (met) {
		    if (met->header) 
		    	PORT_Free (met->header);
		    if (met->info) 
		    	PORT_Free (met->info);
		    PORT_Free (met);
		}
		break;

	    case jarTypePhy:
		phy = (JAR_Physical *) it->data;
		if (phy)
		    PORT_Free (phy);
		break;

	    case jarTypeSign:
		fing = (JAR_Cert *) it->data;
		if (fing) {
		    if (fing->cert)
			CERT_DestroyCertificate (fing->cert);
		    if (fing->key)
			PORT_Free (fing->key);
		    PORT_Free (fing);
		}
		break;

	    case jarTypeSect:
	    case jarTypeMF:
	    case jarTypeSF:
		dig = (JAR_Digest *) it->data;
		if (dig) {
		    PORT_Free (dig);
		}
		break;

	    case jarTypeOwner:
		signer = (JAR_Signer *) it->data;
		if (signer)
		    JAR_destroy_signer (signer);
		break;

	    default:
		/* PORT_Assert( 1 != 2 ); */
		break;
	    }
	    PORT_Free (it);

next:
	    oldlink = link;
	    link = link->next;
	    ZZ_DestroyLink (oldlink);
	}
    }
}

/*
 *  J A R _ g e t _ m e t a i n f o
 *
 *  Retrieve meta information from the manifest file.
 *  It doesn't matter whether it's from .MF or .SF, does it?
 *
 */

int 
JAR_get_metainfo(JAR *jar, char *name, char *header, void **info, 
                 unsigned long *length)
{
    JAR_Item *it;
    ZZLink *link;
    ZZList *list;

    PORT_Assert( jar != NULL && header != NULL );

    if (jar == NULL || header == NULL)
	return JAR_ERR_PNF;

    list = jar->metainfo;

    if (ZZ_ListEmpty (list))
	return JAR_ERR_PNF;

    for (link = ZZ_ListHead (list);
         !ZZ_ListIterDone (list, link);
         link = link->next) {
	it = link->thing;
	if (it->type == jarTypeMeta) {
	    JAR_Metainfo *met;

	    if ((name && !it->pathname) || (!name && it->pathname))
		continue;
	    if (name && it->pathname && strcmp (it->pathname, name))
		continue;
	    met = (JAR_Metainfo *) it->data;
	    if (!PORT_Strcasecmp (met->header, header)) {
		*info = PORT_Strdup (met->info);
		*length = PORT_Strlen (met->info);
		return 0;
	    }
	}
    }
    return JAR_ERR_PNF;
}

/*
 *  J A R _ f i n d
 *
 *  Establish the search pattern for use
 *  by JAR_find_next, to traverse the filenames
 *  or certificates in the JAR structure.
 *
 *  See jar.h for a description on how to use.
 *
 */
JAR_Context *
JAR_find (JAR *jar, char *pattern, jarType type)
{
    JAR_Context *ctx;

    PORT_Assert( jar != NULL );

    if (!jar)
	return NULL;

    ctx = (JAR_Context *) PORT_ZAlloc (sizeof (JAR_Context));
    if (ctx == NULL)
	return NULL;

    ctx->jar = jar;
    if (pattern) {
	if ((ctx->pattern = PORT_Strdup (pattern)) == NULL) {
	    PORT_Free (ctx);
	    return NULL;
	}
    }
    ctx->finding = type;

    switch (type) {
    case jarTypeMF:
	ctx->next = ZZ_ListHead (jar->hashes);
	break;

    case jarTypeSF:
    case jarTypeSign:
	ctx->next = NULL;
	ctx->nextsign = ZZ_ListHead (jar->signers);
	break;

    case jarTypeSect:
	ctx->next = ZZ_ListHead (jar->manifest);
	break;

    case jarTypePhy:
	ctx->next = ZZ_ListHead (jar->phy);
	break;

    case jarTypeOwner:
	if (jar->signers)
	    ctx->next = ZZ_ListHead (jar->signers);
	else
	    ctx->next = NULL;
	break;

    case jarTypeMeta:
	ctx->next = ZZ_ListHead (jar->metainfo);
	break;

    default:
	PORT_Assert( 1 != 2);
	break;
    }
    return ctx;
}

/*
 *  J A R _ f i n d _ e n d
 *
 *  Destroy the find iterator context.
 *
 */
void 
JAR_find_end (JAR_Context *ctx)
{
    PORT_Assert( ctx != NULL );
    if (ctx) {
	if (ctx->pattern)
	    PORT_Free (ctx->pattern);
	PORT_Free (ctx);
    }
}

/*
 *  J A R _ f i n d _ n e x t
 *
 *  Return the next item of the given type
 *  from one of the JAR linked lists.
 *
 */

int JAR_find_next (JAR_Context *ctx, JAR_Item **it)
{
    JAR *jar;
    ZZList *list = NULL;
    int finding;
    JAR_Signer *signer = NULL;

    PORT_Assert( ctx != NULL );
    PORT_Assert( ctx->jar != NULL );

    jar = ctx->jar;

    /* Internally, convert jarTypeSign to jarTypeSF, and return
       the actual attached certificate later */
    finding = (ctx->finding == jarTypeSign) ? jarTypeSF : ctx->finding;
    if (ctx->nextsign) {
	if (ZZ_ListIterDone (jar->signers, ctx->nextsign)) {
	    *it = NULL;
	    return -1;
	}
	PORT_Assert (ctx->nextsign->thing != NULL);
	signer = (JAR_Signer*)ctx->nextsign->thing->data;
    }

    /* Find out which linked list to traverse. Then if
       necessary, advance to the next linked list. */
    while (1) {
	switch (finding) {
	case jarTypeSign:    /* not any more */
	    PORT_Assert( finding != jarTypeSign );
	    list = signer->certs;
	    break;

	case jarTypeSect:
	    list = jar->manifest;
	    break;

	case jarTypePhy:
	    list = jar->phy;
	    break;

	case jarTypeSF:      /* signer, not jar */
	    PORT_Assert( signer != NULL );
	    list = signer ? signer->sf : NULL;
	    break;

	case jarTypeMF:
	    list = jar->hashes;
	    break;

	case jarTypeOwner:
	    list = jar->signers;
	    break;

	case jarTypeMeta:
	    list = jar->metainfo;
	    break;

	default:
	    PORT_Assert( 1 != 2 );
	    list = NULL;
	    break;
	}
	if (list == NULL) {
	    *it = NULL;
	    return -1;
	}
	/* When looping over lists of lists, advance to the next signer. 
	   This is done when multiple signers are possible. */
	if (ZZ_ListIterDone (list, ctx->next)) {
	    if (ctx->nextsign && jar->signers) {
		ctx->nextsign = ctx->nextsign->next;
		if (!ZZ_ListIterDone (jar->signers, ctx->nextsign)) {
		    PORT_Assert (ctx->nextsign->thing != NULL);
		    signer = (JAR_Signer*)ctx->nextsign->thing->data;
		    PORT_Assert( signer != NULL );
		    ctx->next = NULL;
		    continue;
		}
	    }
	    *it = NULL;
	    return -1;
	}

	/* if the signer changed, still need to fill in the "next" link */
	if (ctx->nextsign && ctx->next == NULL) {
	    switch (finding) {
	    case jarTypeSF:
		ctx->next = ZZ_ListHead (signer->sf);
		break;

	    case jarTypeSign:
		ctx->next = ZZ_ListHead (signer->certs);
		break;
	    }
	}
	PORT_Assert( ctx->next != NULL );
	if (ctx->next == NULL) {
	    *it = NULL;
	    return -1;
	}
	while (!ZZ_ListIterDone (list, ctx->next)) {
	    *it = ctx->next->thing;
	    ctx->next = ctx->next->next;
	    if (!*it || (*it)->type != finding)
		continue;
	    if (ctx->pattern && *ctx->pattern) {
		if (PORT_RegExpSearch ((*it)->pathname, ctx->pattern))
		    continue;
	    }
	    /* We have a valid match. If this is a jarTypeSign
	       return the certificate instead.. */
	    if (ctx->finding == jarTypeSign) {
		JAR_Item *itt;

		/* just the first one for now */
		if (jar_find_first_cert (signer, jarTypeSign, &itt) >= 0) {
		    *it = itt;
		    return 0;
		}
		continue;
	    }
	    return 0;
	}
    } /* end while */
}

static int 
jar_find_first_cert (JAR_Signer *signer, int type, JAR_Item **it)
{
    ZZLink *link;
    ZZList *list = signer->certs;
    int status = JAR_ERR_PNF;

    *it = NULL;
    if (ZZ_ListEmpty (list)) {
	/* empty list */
	return JAR_ERR_PNF;
    }

    for (link = ZZ_ListHead (list);
	 !ZZ_ListIterDone (list, link);
	 link = link->next) {
	if (link->thing->type == type) {
	    *it = link->thing;
	    status = 0;
	    break;
	}
    }
    return status;
}

JAR_Signer *
JAR_new_signer (void) 
{
    JAR_Signer *signer = (JAR_Signer *) PORT_ZAlloc (sizeof (JAR_Signer));
    if (signer == NULL)
	goto loser;

    /* certs */
    signer->certs = ZZ_NewList();
    if (signer->certs == NULL)
	goto loser;

    /* sf */
    signer->sf = ZZ_NewList();
    if (signer->sf == NULL)
	goto loser;
    return signer;

loser:
    if (signer) {
	if (signer->certs)
	    ZZ_DestroyList (signer->certs);
	if (signer->sf)
	    ZZ_DestroyList (signer->sf);
	PORT_Free (signer);
    }
    return NULL;
}

void 
JAR_destroy_signer(JAR_Signer *signer)
{
    if (signer) {
	if (signer->owner) 
	    PORT_Free (signer->owner);
	if (signer->digest) 
	    PORT_Free (signer->digest);
	jar_destroy_list (signer->sf);
	ZZ_DestroyList (signer->sf);
	jar_destroy_list (signer->certs);
	ZZ_DestroyList (signer->certs);
	PORT_Free (signer);
    }
}

JAR_Signer *
jar_get_signer(JAR *jar, char *basename)
{
    JAR_Item *it;
    JAR_Context *ctx = JAR_find (jar, NULL, jarTypeOwner);
    JAR_Signer *candidate;
    JAR_Signer *signer = NULL;

    if (ctx == NULL)
	return NULL;

    while (JAR_find_next (ctx, &it) >= 0) {
	candidate = (JAR_Signer *) it->data;
	if (*basename == '*' || !PORT_Strcmp (candidate->owner, basename)) {
	    signer = candidate;
	    break;
	}
    }
    JAR_find_end (ctx);
    return signer;
}

/*
 *  J A R _ g e t _ f i l e n a m e
 *
 *  Returns the filename associated with
 *  a JAR structure.
 *
 */
char *
JAR_get_filename(JAR *jar)
{
    return jar->filename;
}

/*
 *  J A R _ g e t _ u r l
 *
 *  Returns the URL associated with
 *  a JAR structure. Nobody really uses this now.
 *
 */
char *
JAR_get_url(JAR *jar)
{
    return jar->url;
}

/*
 *  J A R _ s e t _ c a l l b a c k
 *
 *  Register some manner of callback function for this jar.
 *
 */
int 
JAR_set_callback(int type, JAR *jar, jar_settable_callback_fn *fn)
{
    if (type == JAR_CB_SIGNAL) {
	jar->signal = fn;
	return 0;
    }
    return -1;
}

/*
 *  Callbacks
 *
 */

/* To return an error string */
char *(*jar_fn_GetString) (int) = NULL;

/* To return an MWContext for Java */
void *(*jar_fn_FindSomeContext) (void) = NULL;

/* To fabricate an MWContext for FE_GetPassword */
void *(*jar_fn_GetInitContext) (void) = NULL;

void
JAR_init_callbacks(char *(*string_cb)(int), 
                   void *(*find_cx)(void),
                   void *(*init_cx)(void))
{
    jar_fn_GetString = string_cb;
    jar_fn_FindSomeContext = find_cx;
    jar_fn_GetInitContext = init_cx;
}

/*
 *  J A R _ g e t _ e r r o r
 *
 *  This is provided to map internal JAR errors to strings for
 *  the Java console. Also, a DLL may call this function if it does
 *  not have access to the XP_GetString function.
 *
 *  These strings aren't UI, since they are Java console only.
 *
 */
char *
JAR_get_error(int status)
{
    char *errstring = NULL;

    switch (status) {
    case JAR_ERR_GENERAL:
	errstring = "General JAR file error";
	break;

    case JAR_ERR_FNF:
	errstring = "JAR file not found";
	break;

    case JAR_ERR_CORRUPT:
	errstring = "Corrupt JAR file";
	break;

    case JAR_ERR_MEMORY:
	errstring = "Out of memory";
	break;

    case JAR_ERR_DISK:
	errstring = "Disk error (perhaps out of space)";
	break;

    case JAR_ERR_ORDER:
	errstring = "Inconsistent files in META-INF directory";
	break;

    case JAR_ERR_SIG:
	errstring = "Invalid digital signature file";
	break;

    case JAR_ERR_METADATA:
	errstring = "JAR metadata failed verification";
	break;

    case JAR_ERR_ENTRY:
	errstring = "No Manifest entry for this JAR entry";
	break;

    case JAR_ERR_HASH:
	errstring = "Invalid Hash of this JAR entry";
	break;

    case JAR_ERR_PK7:
	errstring = "Strange PKCS7 or RSA failure";
	break;

    case JAR_ERR_PNF:
	errstring = "Path not found inside JAR file";
	break;

    default:
	if (jar_fn_GetString) {
	    errstring = jar_fn_GetString (status);
	} else {
	    /* this is not a normal situation, and would only be
	       called in cases of improper initialization */
	    char *err = (char*)PORT_Alloc (40);
	    if (err)
		PR_snprintf (err, 39,  "Error %d\n", status); /* leak me! */
	    else
		err = "Error! Bad! Out of memory!";
	    return err;
	}
	break;
    }
    return errstring;
}