*** Welcome to piglix ***

JAR (file format)

Java Archive
KDE JAR file icon
Filename extension .jar
Internet media type application/java-archive
Uniform Type Identifier (UTI) com.sun.java-archive
Developed by Netscape, Sun Microsystems, Oracle Corporation
Type of format File archive, data compression
Extended from ZIP

A JAR (Java ARchive) is a package file format typically used to aggregate many Java class files and associated metadata and resources (text, images, etc.) into one file for distribution.

JAR files are archive files with which include a Java-specific manifest file. They are built on the ZIP format and typically have a .jar file extension.

A JAR file allows Java runtimes to efficiently deploy an entire application, including its classes and their associated resources, in a single request. JAR file elements may be compressed, shortening download times.

A JAR file may contain a manifest file, located at META-INF/MANIFEST.MF. The entries in the manifest file describe how to use the JAR file. For instance, a Classpath entry can be used to specify other JAR files to load with the JAR.

The contents of a JAR file may be extracted using any standard decompression software, or the jar command line utility: "jar -xf foo.jar".

Developers can digitally sign JAR files. In that case, the signature information becomes part of the embedded manifest file. The JAR itself is not signed, but instead every file inside the archive is listed along with its checksum; it is these checksums that are signed. Multiple entities may sign the JAR file, changing the JAR file itself with each signing, although the signed files themselves remain valid. When the Java runtime loads signed JAR files, it can validate the signatures and refuse to load classes that do not match the signature. It can also support 'sealed' packages, in which the Classloader will only permit Java classes to be loaded into the same package if they are all signed by the same entities. This prevents malicious code from being inserted into an existing package, and so gaining access to package-scoped classes and data.

The content of JAR files may be obfuscated to make reverse engineering more difficult.


...
Wikipedia

...