4

Currently we use jarsigner to sign our jar. We then display some SHA1-Digest values for some specific classes to prove to an external auditor that the code has not changed between releases.

We only rely on the META-INF/xxx.SF file to get the digest information and we never use the META-INF/xxx.DSA signature block file.

As we only need the digest calculation in our code, I was wondering if it is possible to have the .SF file generated with some Java tool without actually using a key.

I read http://docs.oracle.com/javase/6/docs/technotes/tools/windows/jarsigner.html but it looks like the key is mandatory.

cbliard

2 Answers

8

This should be possible. The MANIFEST.MF file contains a Base64-encoded SHA-1 of the respective class file.

From your document:

In the manifest file, the SHA digest value for each source file is the
digest (hash) of the binary data in the source file. In the .SF file,
on the other hand, the digest value for a given source file is the
hash of the three lines in the manifest file for the source file.

So, iterate over all class files, compute the SHA-1, format that as it appears in MANIFEST.MF, then hash that and format as it appears in the SF file.

There is no key involved with the computation.

Example: consider "jce1_2_2.jar" (or whatever you have properly signed). This contains

  1. MANIFEST.MF entries of the form

    Name: javax/crypto/KeyAgreement.class
    SHA1-Digest: c2p0JimzpV0dG+NChGLl5cI7MuY=
    <empty line>
    
  2. which are the Base64(SHA-1) of "KeyAgreement.class" (path is not relevant). Note the third empty line. Line endings are CRLF (Windows).

  3. META-INF/4JCEJARS.SF entry

    Name: javax/crypto/KeyAgreement.class
    SHA1-Digest: whGBXE+AvYO6wAoVCdnocOPIrsE=
    

which is the hash not of the file, but of those three lines above.

mgaert
  • So you mean that no tool exists and I should write up some code to compute the META-INF/4JCEJARS.SF file during my packaging? Additionally, I looked at the Java 6 source and it looks like the jarsigner is the only tool that generates these SHA1-Digest lines. – cbliard Feb 14 '12 at 14:26
  • I am not aware of such a tool. As you found out, jarsigner only does signing-plus-hashing, not hashing alone. Should not be too difficult to write such a "jarhash" tool, though. It surely does not have to be Java, of course. My test for the above answer was done using other command line tools, i.e. unzip.exe, base64.exe, hex2bin.exe etc. A bit of batch scripting should do the job as well. Are you sure you *need* a Java solution? – mgaert Feb 14 '12 at 15:18
  • Correct, I do not need a Java solution. Indeed I also used a couple of command line tools to check how the digests are computed and to see if I could compute the same value easily. It should not be too complicated to write a 'jarhash' tool. Many thanks! – cbliard Feb 16 '12 at 10:18
  • Have you made any progress with this? – Redoman Aug 01 '13 at 08:11
  • I've tried to study the theory behind this too, but before I could programmatically get at it, I've become stuck at "step-2": no problem at computing a valid sha1-hash for a java class, but then I can't come up with a corresponding valid entry for .sf file. Whenever I try to compute hash for those 3-lines-above (carriage ret. included) I get a "wrong" sha1 hash (compared to the one from the .sf file in a jar I create with jar command and jarsigner). Does anyone know how to exactly compute that? Googling around I found that there seem to be slightly different opinions in what exactly to hash! – Redoman Aug 01 '13 at 08:31
  • In some more detail: (1) Hash the MANIFEST.MF file with SHA1: Result is C211815C4F80BD83BAC00A1509D9E870E3C8AEC1 (2) Turn this hash into a binary file of length 20. (3) Base64-encode this file. Result is whGBXE+AvYO6wAoVCdnocOPIrsE= – mgaert Aug 20 '13 at 21:09
  • FYI: The MANIFEST.MF file has length 84 bytes. Binary content is: 4E 61 6D 65 3A 20 6A 61 76 61 78 2F 63 72 79 70 74 6F 2F 4B 65 79 41 67 72 65 65 6D 65 6E 74 2E 63 6C 61 73 73 0D 0A 53 48 41 31 2D 44 69 67 65 73 74 3A 20 63 32 70 30 4A 69 6D 7A 70 56 30 64 47 2B 4E 43 68 47 4C 6C 35 63 49 37 4D 75 59 3D 0D 0A 0D 0A – mgaert Aug 20 '13 at 21:15
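
The procedure from the answer and comments above, as an added Python example (not code from the post or from jarsigner): it builds the three-line manifest section for each file, hashes that section into the .SF value without any key, compares the result for the quoted `KeyAgreement.class` section with the .SF value given in the answer, and diffs two releases. The `com/example` class names and their bytes are constructed, and header lines are assumed short enough that no manifest line wrapping is needed.

```python
import base64
import hashlib

CRLF = b"\r\n"

def b64_sha1(data: bytes) -> str:
    return base64.b64encode(hashlib.sha1(data).digest()).decode("ascii")

def manifest_section(name: str, content: bytes) -> bytes:
    # Name line, digest-of-file line, then the empty line, each CRLF-terminated.
    # Assumption: both header lines stay under the 72-byte manifest line
    # limit, so no continuation-line wrapping is implemented here.
    return (f"Name: {name}".encode() + CRLF
            + f"SHA1-Digest: {b64_sha1(content)}".encode() + CRLF
            + CRLF)

def sf_digest(section: bytes) -> str:
    # The .SF value hashes the manifest section bytes, not the class file.
    return b64_sha1(section)

def sf_entries(files: dict) -> dict:
    # files maps entry name -> raw file bytes; result maps name -> .SF digest.
    return {n: sf_digest(manifest_section(n, d)) for n, d in sorted(files.items())}

def changed_entries(old: dict, new: dict) -> list:
    # Names whose digest differs, or that exist in only one release.
    return sorted(n for n in old.keys() | new.keys() if old.get(n) != new.get(n))

# Manifest section quoted in the answer (84 bytes, CRLF line endings).
PAGE_SECTION = (
    b"Name: javax/crypto/KeyAgreement.class\r\n"
    b"SHA1-Digest: c2p0JimzpV0dG+NChGLl5cI7MuY=\r\n\r\n"
)
PAGE_SF_VALUE = "whGBXE+AvYO6wAoVCdnocOPIrsE="  # .SF value quoted in the answer

# Constructed sample releases: only B.class differs between them.
RELEASE_1 = {"com/example/A.class": b"\xca\xfe\xba\xbe A v1",
             "com/example/B.class": b"\xca\xfe\xba\xbe B v1"}
RELEASE_2 = {**RELEASE_1, "com/example/B.class": b"\xca\xfe\xba\xbe B v2"}

if __name__ == "__main__":
    print("matches .SF value from the answer:",
          sf_digest(PAGE_SECTION) == PAGE_SF_VALUE)
    # Same text with LF endings gives a different digest: byte-exact input matters.
    print("with LF endings:", sf_digest(PAGE_SECTION.replace(CRLF, b"\n")))
    print("changed between releases:",
          changed_entries(sf_entries(RELEASE_1), sf_entries(RELEASE_2)))
```

Digests produced this way show that content changed or not between two builds you control; they carry no signature, so they do not show who produced the file.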
1

Signature verification will fail...

Why?

JAR File Verification -> Verify the signature of the .SF file itself.

That is, the verification ensures that the signature stored in each signature block (.DSA) file was in fact generated using the private key corresponding to the public key whose certificate (or certificate chain) also appears in the .DSA file. It also ensures that the signature is a valid signature of the corresponding signature (.SF) file, and thus the .SF file has not been tampered with.

For more info http://docs.oracle.com/javase/7/docs/technotes/tools/windows/jarsigner.html

Nik theGeeK