Package eu.europa.esig.dss.asic.common

Class SecureContainerHandler

java.lang.Object

eu.europa.esig.dss.asic.common.SecureContainerHandler

All Implemented Interfaces:

ZipContainerHandler

public class SecureContainerHandler
extends Object
implements ZipContainerHandler

The default implementation of ZipContainerHandler, providing utilities to prevent a denial of service attacks, such as zip-bombing

Constructor Summary

Constructors

Constructor	Description
SecureContainerHandler()	Default constructor instantiating handler with default configuration

Method Summary

Modifier and Type	Method	Description
protected void	buildZip(List<DSSDocument> containerEntries, Date creationTime, String zipComment, ZipOutputStream zos)	This method stores all containerEntries in a given order to a ZipOutputStream with the given parameters
DSSDocument	createZipArchive(List<DSSDocument> containerEntries, Date creationTime, String zipComment)	Creates a ZIP-Archive with the given containerEntries
List<DSSDocument>	extractContainerContent(DSSDocument zipArchive)	Extracts a list of DSSDocument from the given ZIP-archive
List<String>	extractEntryNames(DSSDocument zipArchive)	Returns a list of ZIP archive entry names
protected ZipEntry	getZipEntry(DSSDocument entry, Date creationTime)	Creates a new ZipEntry for the given DSSDocument at creationTime
protected DSSResourcesHandler	instantiateResourcesHandler()	This method instantiates a new DSSResourcesFactory
protected void	secureCopy(InputStream is, OutputStream os, long allowedSize)	Reads and copies InputStream in a secure way to OutputStream.
protected void	secureSkip(InputStream is, long allowedSize)	This method allows skipping securely InputStream without caching the content
void	setExtractComments(boolean extractComments)	Sets whether comments of ZIP entries shall be extracted.
void	setMaxAllowedFilesAmount(int maxAllowedFilesAmount)	Sets the maximum allowed amount of files inside a container Default : 1000
void	setMaxCompressionRatio(long maxCompressionRatio)	Sets the maximum allowed compression ratio If the container compression ratio exceeds the value, an exception is being thrown Default : 100
void	setMaxMalformedFiles(int maxMalformedFiles)	Sets the maximum allowed amount of malformed files Default : 100
void	setResourcesHandlerBuilder(DSSResourcesHandlerBuilder resourcesHandlerBuilder)	Sets DSSResourcesFactoryBuilder to be used for a DSSResourcesHandler creation in internal methods.
void	setThreshold(long threshold)	Sets the maximum allowed threshold after exceeding each the security checks are enforced Default : 1000000 (1 MB)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecureContainerHandler

public SecureContainerHandler()

Default constructor instantiating handler with default configuration

Method Details

setThreshold

public void setThreshold(long threshold)

Sets the maximum allowed threshold after exceeding each the security checks are enforced Default : 1000000 (1 MB)

Parameters:

threshold - in bytes

setMaxCompressionRatio

public void setMaxCompressionRatio(long maxCompressionRatio)

Sets the maximum allowed compression ratio If the container compression ratio exceeds the value, an exception is being thrown Default : 100

Parameters:

maxCompressionRatio - the maximum compression ratio

setMaxAllowedFilesAmount

public void setMaxAllowedFilesAmount(int maxAllowedFilesAmount)

Sets the maximum allowed amount of files inside a container Default : 1000

Parameters:

maxAllowedFilesAmount - the maximum number of allowed files

setMaxMalformedFiles

public void setMaxMalformedFiles(int maxMalformedFiles)

Sets the maximum allowed amount of malformed files Default : 100

Parameters:

maxMalformedFiles - the maximum number of malformed files

setExtractComments

public void setExtractComments(boolean extractComments)

Sets whether comments of ZIP entries shall be extracted. Enabling of the feature can be useful when editing an existing archive, in order to preserve the existing data (i.e. comments). When enabled, slightly decreases the performance (about 10% for extractContainerContent(zipArchive) method). Reason : All ZIP entries from a ZIP archive are extracted using java.util.zip.ZipInputStream, that is not able to extract comments for entries. In order to extract comments, the archive shall be read again using java.util.zip.ZipFile. For more information about limitations please see <a href="https://stackoverflow.com/a/70848140">the link</a>. Default : false (not extracted)

Parameters:

extractComments - whether comments shall be extracted

setResourcesHandlerBuilder

public void setResourcesHandlerBuilder(DSSResourcesHandlerBuilder resourcesHandlerBuilder)

Sets DSSResourcesFactoryBuilder to be used for a DSSResourcesHandler creation in internal methods. DSSResourcesHandler defines a way to operate with OutputStreams and create DSSDocuments. Default : eu.europa.esig.dss.signature.resources.InMemoryResourcesHandler. Works with data in memory.

Parameters:

resourcesHandlerBuilder - DSSResourcesHandlerBuilder

extractContainerContent

public List<DSSDocument> extractContainerContent(DSSDocument zipArchive)

Description copied from interface: ZipContainerHandler

Extracts a list of DSSDocument from the given ZIP-archive

Specified by:

extractContainerContent in interface ZipContainerHandler

Parameters:

zipArchive - DSSDocument

Returns:

a list of DSSDocuments

extractEntryNames

public List<String> extractEntryNames(DSSDocument zipArchive)

Description copied from interface: ZipContainerHandler

Returns a list of ZIP archive entry names

Specified by:

extractEntryNames in interface ZipContainerHandler

Parameters:

zipArchive - DSSDocument

Returns:

a list of String entry names

createZipArchive

public DSSDocument createZipArchive(List<DSSDocument> containerEntries,
 Date creationTime,
 String zipComment)

Description copied from interface: ZipContainerHandler

Creates a ZIP-Archive with the given containerEntries

Specified by:

createZipArchive in interface ZipContainerHandler

Parameters:

containerEntries - a list of DSSDocuments to embed into the new container instance

creationTime - (Optional) Date defined time of an archive creation, will be set for all embedded files. If null, the local current time will be used

zipComment - (Optional) String defined a zipComment

Returns:

DSSDocument ZIP-Archive

instantiateResourcesHandler

protected DSSResourcesHandler instantiateResourcesHandler()
                                                   throws IOException

This method instantiates a new DSSResourcesFactory

Returns:

DSSResourcesHandler

Throws:

IOException - if an error occurs on DSSResourcesHandler instantiation

buildZip

protected void buildZip(List<DSSDocument> containerEntries,
 Date creationTime,
 String zipComment,
 ZipOutputStream zos)
                 throws IOException

This method stores all containerEntries in a given order to a ZipOutputStream with the given parameters

Parameters:

containerEntries - a list of DSSDocuments to store

creationTime - Date ZIP archive creation time

zipComment - String zip comment (optional)

zos - ZipOutputStream to consume the ZIP entries

Throws:

IOException - in case an error occurs on ZipOutputStream update

getZipEntry

protected ZipEntry getZipEntry(DSSDocument entry,
 Date creationTime)

Creates a new ZipEntry for the given DSSDocument at creationTime

Parameters:

entry - DSSDocument to be placed within a ZIP container

creationTime - Date the creation time of ZIP container

Returns:

ZipEntry

secureCopy

protected void secureCopy(InputStream is,
 OutputStream os,
 long allowedSize)
                   throws IOException

Reads and copies InputStream in a secure way to OutputStream. Detects "ZipBombing" (large files inside a zip container) depending on the provided container size

Parameters:

is - InputStream of file

os - OutputStream where save file to.

allowedSize - defines an allowed size of the ZIP container entries, if -1 skips the validation

Throws:

IOException - if an exception occurs

secureSkip

protected void secureSkip(InputStream is,
 long allowedSize)
                   throws IOException

This method allows skipping securely InputStream without caching the content

Parameters:

is - InputStream to skip

allowedSize - the maximum allowed size of the extracted content

Throws:

IOException - if an exception occurs