OpenE2K
/
gcc
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
gcc/libjava/java/security/CodeSource.java

328 lines
10 KiB
Java
Raw Blame History

/* CodeSource.java -- Code location and certifcates
Copyright (C) 1998 Free Software Foundation, Inc.
This file is part of GNU Classpath.
GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING. If not, write to the
Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA.
Linking this library statically or dynamically with other modules is
making a combined work based on this library. Thus, the terms and
conditions of the GNU General Public License cover the whole
combination.
As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module. An independent module is a module which is not derived from
or based on this library. If you modify this library, you may extend
this exception to your version of the library, but you are not
obligated to do so. If you do not wish to do so, delete this
exception statement from your version. */
package java.security;
import java.io.Serializable;
import java.net.URL;
import java.net.SocketPermission;
/**
* This class represents a location from which code is loaded (as
* represented by a URL) and the list of certificates that are used to
* check the signatures of signed code loaded from this source.
*
* @version 0.0
*
* @author Aaron M. Renn (arenn@urbanophile.com)
*/
public class CodeSource implements Serializable
{
private static final String linesep = System.getProperty("line.separator");
/**
* This is the URL that represents the code base from which code will
* be loaded.
*/
private URL location;
/**
* This is the list of certificates for this code base
*/
// What is the serialized form of this?
private java.security.cert.Certificate[] certs;
/**
* This method initializes a new instance of <code>CodeSource</code> that
* loads code from the specified URL location and which uses the
* specified certificates for verifying signatures.
*
* @param location The location from which code will be loaded
* @param certs The list of certificates used for verifying signatures on code from this source
*/
public CodeSource(URL location, java.security.cert.Certificate[] certs)
{
this.location = location;
this.certs = certs;
}
/**
* This method returns the URL specifying the location from which code
* will be loaded under this <code>CodeSource</code>.
*
* @return The code location for this <code>CodeSource</code>.
*/
public final URL getLocation()
{
return location;
}
/**
* This method returns the list of digital certificates that can be used
* to verify the signatures of code loaded under this <code>CodeSource</code>.
*
* @return The certifcate list for this <code>CodeSource</code>.
*/
public final java.security.cert.Certificate[] getCertificates()
{
return certs;
}
/**
* This method tests to see if a specified <code>CodeSource</code> is
* implied by this object. Effectively, to meet this test, the specified
* object must have all the certifcates this object has (but may have
* more) and must have a location that is a subset of this object's. In order
* for this object to imply the specified object, the following must be
* true:
* <p>
* <ol>
* <li>The specified <code>CodeSource</code> must not be <code>null</code>.
* <li>If the specified <code>CodeSource</code> has a certificate list,
* all of that object's certificates must be present in the certificate
* list of this object.
* <li>If this object does not have a <code>null</code> location, then
* the following addtional tests must be passed.
* <ol>
* <li>The specified <code>CodeSource</code> must not have a <code>null</code> location.
* <li>The specified <code>CodeSource</code>'s location must be equal to
* this object's location, or<br>
* <ul>
* <li>The specifiec <code>CodeSource</code>'s location protocol, port,
* and ref (aka, anchor) must equal this objects, and
* <li>The specified <code>CodeSource</code>'s location host must imply this
* object's location host, as determined by contructing
* <code>SocketPermission</code> objects from each with no action list and
* using that classes's <code>implies</code> method. And,
* <li>If this object's location file ends with a '/', then the specified
* object's location file must start with this object's location file.
* Otherwise, the specified object's location file must start with this
* object's location file with the '/' character appended to it.
* </ul>
* </ol>
* </ol>
*
* @param cs The <code>CodeSource</code> to test against this object
*
* @return <code>true</code> if this specified <code>CodeSource</code> is specified by this object, <code>false</code> otherwise.
*/
public boolean implies(CodeSource cs)
{
if (cs == null)
return false;
// First check the certificate list
java.security.cert.Certificate[] their_certs = cs.getCertificates();
java.security.cert.Certificate[] our_certs = getCertificates();
if (our_certs != null)
{
if (their_certs == null)
return false;
for (int i = 0; i < our_certs.length; i++)
{
int j;
for (j = 0; j < their_certs.length; j++)
if (our_certs[i].equals(their_certs[j]))
break;
if (j == their_certs.length)
return false;
}
}
// Next check the location
URL their_loc = getLocation();
URL our_loc = getLocation();
if (our_loc == null)
return true;
else if (their_loc == null)
return false;
if (!our_loc.getProtocol().equals(their_loc.getProtocol()))
return false;
if (our_loc.getPort() != -1)
if (our_loc.getPort() != their_loc.getPort())
return false;
if (our_loc.getRef() != null)
if (!our_loc.getRef().equals(their_loc.getRef()))
return false;
// See javadoc comments for what we are doing here.
if (our_loc.getHost() != null)
{
String their_host = their_loc.getHost();
if (their_host == null)
return false;
SocketPermission our_sockperm =
new SocketPermission(our_loc.getHost(), "accept");
SocketPermission their_sockperm =
new SocketPermission(their_host, "accept");
if (!our_sockperm.implies(their_sockperm))
return false;
}
String our_file = our_loc.getFile();
if (our_file != null)
{
if (!our_file.endsWith("/"))
our_file = our_file + "/";
String their_file = their_loc.getFile();
if (their_file == null)
return false;
if (!their_file.startsWith(our_file))
return false;
}
return true;
}
/**
* This method tests the specified <code>Object</code> for equality with
* this object. This will be true if and only if:
* <p>
* <ul>
* <li>The specified object is not <code>null</code>.
* <li>The specified object is an instance of <code>CodeSource</code>.
* <li>The specified object's location is the same as this object's.
* <li>The specified object's certificate list contains the exact same
* entries as the object's. Note that the order of the certificate lists
* is not significant.
* </ul>
*
* @param obj The <code>Object</code> to test against.
*
* @return <code>true</code> if the specified object is equal to this one, <code>false</code> otherwise.
*/
public boolean equals(Object obj)
{
if (obj == null)
return false;
if (!(obj instanceof CodeSource))
return false;
CodeSource cs = (CodeSource) obj;
// First check the certificate list
java.security.cert.Certificate[] their_certs = cs.getCertificates();
java.security.cert.Certificate[] our_certs = getCertificates();
if ((our_certs == null) && (their_certs != null))
return false;
else if ((our_certs != null) && (their_certs == null))
return false;
if (our_certs != null)
{
if (our_certs.length != their_certs.length)
return false;
for (int i = 0; i < our_certs.length; i++)
{
int j;
for (j = 0; j < their_certs.length; j++)
if (our_certs[i].equals(their_certs[j]))
break;
if (j == their_certs.length)
return false;
}
}
// Now the location
URL their_loc = cs.getLocation();
URL our_loc = getLocation();
if ((our_loc == null) && (their_loc != null))
return false;
if (!our_loc.equals(their_loc))
return false;
return true;
}
/**
* This method returns a hash value for this object.
*
* @return A hash value for this object.
*/
public int hashCode()
{
URL location = getLocation();
if (location == null)
return System.identityHashCode(this);
return location.hashCode();
}
/**
* This method returns a <code>String</code> that represents this object.
* This <code>String</code> will contain the object's hash code, location,
* and certificate list.
*
* @return A <code>String</code> for this object
*/
public String toString()
{
StringBuffer sb = new StringBuffer("");
sb.append(super.toString() + " (" + linesep);
sb.append("Location: " + getLocation() + linesep);
java.security.cert.Certificate[] certs = getCertificates();
if (certs == null)
sb.append("<none>" + linesep);
else
for (int i = 0; i < certs.length; i++)
sb.append(certs[i] + linesep);
sb.append(")" + linesep);
return sb.toString();
}
}
Reference in New Issue View Git Blame Copy Permalink