Major merge with Classpath.
Removed many duplicate files. * HACKING: Updated.x * classpath: Imported new directory. * standard.omit: New file. * Makefile.in, aclocal.m4, configure: Rebuilt. * sources.am: New file. * configure.ac: Run Classpath configure script. Moved code around to support. Disable xlib AWT peers (temporarily). * Makefile.am (SUBDIRS): Added 'classpath' (JAVAC): Removed. (AM_CPPFLAGS): Added more -I options. (BOOTCLASSPATH): Simplified. Completely redid how sources are built. Include sources.am. * include/Makefile.am (tool_include__HEADERS): Removed jni.h. * include/jni.h: Removed (in Classpath). * scripts/classes.pl: Updated to look at built classes. * scripts/makemake.tcl: New file. * testsuite/libjava.jni/jni.exp (gcj_jni_compile_c_to_so): Added -I options. (gcj_jni_invocation_compile_c_to_binary): Likewise. From-SVN: r102082
This commit is contained in:
@@ -1,97 +0,0 @@
|
||||
/* AccessControlException.java -- Permission is denied
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception is thrown when the <code>AccessController</code> denies
|
||||
* an attempt to perform an operation. This often keeps track of the
|
||||
* permission that was not granted.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see AccessController
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class AccessControlException extends SecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 5138225684096988535L;
|
||||
|
||||
/**
|
||||
* The <code>Permission</code> associated with this exception.
|
||||
*
|
||||
* @serial the permission
|
||||
*/
|
||||
private final Permission perm;
|
||||
|
||||
/**
|
||||
* Create a new instance with a descriptive error message, and a null
|
||||
* <code>Permission</code> object.
|
||||
*
|
||||
* @param msg the descriptive error message
|
||||
*/
|
||||
public AccessControlException(String msg)
|
||||
{
|
||||
this(msg, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance with a descriptive error message and an associated
|
||||
* <code>Permission</code> object.
|
||||
*
|
||||
* @param msg the descriptive error message
|
||||
* @param perm the permission that caused this
|
||||
*/
|
||||
public AccessControlException(String msg, Permission perm)
|
||||
{
|
||||
super(msg);
|
||||
this.perm = perm;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns the <code>Permission</code> object that caused
|
||||
* this exception to be thrown.
|
||||
*
|
||||
* @return the denied permission, or null
|
||||
*/
|
||||
public Permission getPermission()
|
||||
{
|
||||
return perm;
|
||||
}
|
||||
}
|
||||
@@ -1,302 +0,0 @@
|
||||
/* AlgorithmParameterGenerator.java --- Algorithm Parameter Generator
|
||||
Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
|
||||
/**
|
||||
* <p>The <code>AlgorithmParameterGenerator</code> class is used to generate a
|
||||
* set of parameters to be used with a certain algorithm. Parameter generators
|
||||
* are constructed using the <code>getInstance()</code> factory methods (static
|
||||
* methods that return instances of a given class).</p>
|
||||
*
|
||||
* <p>The object that will generate the parameters can be initialized in two
|
||||
* different ways: in an algorithm-independent manner, or in an
|
||||
* algorithm-specific manner:</p>
|
||||
*
|
||||
* <ul>
|
||||
* <li>The algorithm-independent approach uses the fact that all parameter
|
||||
* generators share the concept of a <i>"size"</i> and a <i>source of
|
||||
* randomness</i>. The measure of <i>size</i> is universally shared by all
|
||||
* algorithm parameters, though it is interpreted differently for different
|
||||
* algorithms. For example, in the case of parameters for the <i>DSA</i>
|
||||
* algorithm, <i>"size"</i> corresponds to the size of the prime modulus (in
|
||||
* bits). When using this approach, algorithm-specific parameter generation
|
||||
* values - if any - default to some standard values, unless they can be
|
||||
* derived from the specified size.</li>
|
||||
* <li>The other approach initializes a parameter generator object using
|
||||
* algorithm-specific semantics, which are represented by a set of
|
||||
* algorithm-specific parameter generation values. To generate Diffie-Hellman
|
||||
* system parameters, for example, the parameter generation values usually
|
||||
* consist of the size of the prime modulus and the size of the random
|
||||
* exponent, both specified in number of bits.</li>
|
||||
* </ul>
|
||||
*
|
||||
* <p>In case the client does not explicitly initialize the
|
||||
* <code>AlgorithmParameterGenerator</code> (via a call to an <code>init()</code>
|
||||
* method), each provider must supply (and document) a default initialization.
|
||||
* For example, the <b>GNU</b> provider uses a default modulus prime size of
|
||||
* <code>1024</code> bits for the generation of <i>DSA</i> parameters.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @since 1.2
|
||||
* @see AlgorithmParameters
|
||||
* @see AlgorithmParameterSpec
|
||||
*/
|
||||
public class AlgorithmParameterGenerator
|
||||
{
|
||||
/** Service name for algorithm parameter generators. */
|
||||
private static final String ALGORITHM_PARAMETER_GENERATOR =
|
||||
"AlgorithmParameterGenerator";
|
||||
|
||||
private AlgorithmParameterGeneratorSpi paramGenSpi;
|
||||
private Provider provider;
|
||||
private String algorithm;
|
||||
|
||||
/**
|
||||
* Creates an <code>AlgorithmParameterGenerator</code> object.
|
||||
*
|
||||
* @param paramGenSpi the delegate.
|
||||
* @param provider the provider.
|
||||
* @param algorithm the algorithm.
|
||||
*/
|
||||
protected AlgorithmParameterGenerator(AlgorithmParameterGeneratorSpi
|
||||
paramGenSpi, Provider provider,
|
||||
String algorithm)
|
||||
{
|
||||
this.paramGenSpi = paramGenSpi;
|
||||
this.provider = provider;
|
||||
this.algorithm = algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the standard name of the algorithm this parameter generator is
|
||||
* associated with.
|
||||
*
|
||||
* @return the string name of the algorithm.
|
||||
*/
|
||||
public final String getAlgorithm()
|
||||
{
|
||||
return algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates an <code>AlgorithmParameterGenerator</code> object that
|
||||
* implements the specified digest algorithm. If the default provider package
|
||||
* provides an implementation of the requested digest algorithm, an instance
|
||||
* of <code>AlgorithmParameterGenerator</code> containing that implementation
|
||||
* is returned. If the algorithm is not available in the default package,
|
||||
* other packages are searched.
|
||||
*
|
||||
* @param algorithm the string name of the algorithm this parameter generator
|
||||
* is associated with.
|
||||
* @return the new <code>AlgorithmParameterGenerator</code> object.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available in the
|
||||
* environment.
|
||||
*/
|
||||
public static AlgorithmParameterGenerator getInstance(String algorithm)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
for (int i = 0; i < p.length; i++)
|
||||
try
|
||||
{
|
||||
return getInstance(algorithm, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
// Ignore.
|
||||
}
|
||||
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates an <code>AlgorithmParameterGenerator</code> object for the
|
||||
* requested algorithm, as supplied from the specified provider, if such a
|
||||
* parameter generator is available from the provider.
|
||||
*
|
||||
* @param algorithm the string name of the algorithm.
|
||||
* @param provider the string name of the provider.
|
||||
* @return the new <code>AlgorithmParameterGenerator</code> object.
|
||||
* @throws NoSuchAlgorithmException if the <code>algorithm</code> is not
|
||||
* available from the <code>provider</code>.
|
||||
* @throws NoSuchProviderException if the <code>provider</code> is not
|
||||
* available in the environment.
|
||||
* @throws IllegalArgumentException if the <code>provider</code> name is
|
||||
* <code>null</code> or empty.
|
||||
* @see Provider
|
||||
*/
|
||||
public static AlgorithmParameterGenerator getInstance(String algorithm,
|
||||
String provider)
|
||||
throws NoSuchAlgorithmException, NoSuchProviderException
|
||||
{
|
||||
if (provider == null || provider.length() == 0)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(algorithm, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates an AlgorithmParameterGenerator object for the requested
|
||||
* algorithm, as supplied from the specified provider, if such a parameter
|
||||
* generator is available from the provider. Note: the <code>provider</code>
|
||||
* doesn't have to be registered.
|
||||
*
|
||||
* @param algorithm the string name of the algorithm.
|
||||
* @param provider the provider.
|
||||
* @return the new AlgorithmParameterGenerator object.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available from
|
||||
* the provider.
|
||||
* @throws IllegalArgumentException if the provider is null.
|
||||
* @since 1.4
|
||||
* @see Provider
|
||||
*/
|
||||
public static AlgorithmParameterGenerator getInstance(String algorithm,
|
||||
Provider provider)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
try
|
||||
{
|
||||
return new AlgorithmParameterGenerator(
|
||||
(AlgorithmParameterGeneratorSpi) Engine.getInstance(
|
||||
ALGORITHM_PARAMETER_GENERATOR, algorithm, provider),
|
||||
provider, algorithm);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
catch (ClassCastException cce)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the provider of this algorithm parameter generator object.
|
||||
*
|
||||
* @return the provider of this algorithm parameter generator object.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes this parameter generator for a certain <i>size</i>. To create
|
||||
* the parameters, the {@link SecureRandom} implementation of the
|
||||
* highest-priority installed provider is used as the source of randomness.
|
||||
* (If none of the installed providers supply an implementation of
|
||||
* {@link SecureRandom}, a system-provided source of randomness is used.)
|
||||
*
|
||||
* @param size the size (number of bits).
|
||||
*/
|
||||
public final void init(int size)
|
||||
{
|
||||
init(size, new SecureRandom());
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes this parameter generator for a certain size and source of
|
||||
* randomness.
|
||||
*
|
||||
* @param size the size (number of bits).
|
||||
* @param random the source of randomness.
|
||||
*/
|
||||
public final void init(int size, SecureRandom random)
|
||||
{
|
||||
paramGenSpi.engineInit(size, random);
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes this parameter generator with a set of algorithm-specific
|
||||
* parameter generation values. To generate the parameters, the {@link
|
||||
* SecureRandom} implementation of the highest-priority installed provider is
|
||||
* used as the source of randomness. (If none of the installed providers
|
||||
* supply an implementation of {@link SecureRandom}, a system-provided source
|
||||
* of randomness is used.)
|
||||
*
|
||||
* @param genParamSpec the set of algorithm-specific parameter generation
|
||||
* values.
|
||||
* @throws InvalidAlgorithmParameterException if the given parameter
|
||||
* generation values are inappropriate for this parameter generator.
|
||||
*/
|
||||
public final void init(AlgorithmParameterSpec genParamSpec)
|
||||
throws InvalidAlgorithmParameterException
|
||||
{
|
||||
init(genParamSpec, new SecureRandom());
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes this parameter generator with a set of algorithm-specific
|
||||
* parameter generation values.
|
||||
*
|
||||
* @param genParamSpec the set of algorithm-specific parameter generation
|
||||
* values.
|
||||
* @param random the source of randomness.
|
||||
* @throws InvalidAlgorithmParameterException if the given parameter
|
||||
* generation values are inappropriate for this parameter generator.
|
||||
*/
|
||||
public final void init(AlgorithmParameterSpec genParamSpec,
|
||||
SecureRandom random)
|
||||
throws InvalidAlgorithmParameterException
|
||||
{
|
||||
paramGenSpi.engineInit(genParamSpec, random);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates the parameters.
|
||||
*
|
||||
* @return the new {@link AlgorithmParameters} object.
|
||||
*/
|
||||
public final AlgorithmParameters generateParameters()
|
||||
{
|
||||
return paramGenSpi.engineGenerateParameters();
|
||||
}
|
||||
}
|
||||
@@ -1,94 +0,0 @@
|
||||
/* AlgorithmParameterGeneratorSpi.java --- Algorithm Parameter Generator SPI
|
||||
Copyright (C) 1999 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
|
||||
/**
|
||||
AlgorithmParameterGeneratorSpi is the Service Provider
|
||||
Interface for the AlgorithmParameterGenerator class.
|
||||
This class is used to generate the algorithm parameters
|
||||
for a specific algorithm.
|
||||
|
||||
@since JDK 1.2
|
||||
@author Mark Benvenuto
|
||||
*/
|
||||
public abstract class AlgorithmParameterGeneratorSpi
|
||||
{
|
||||
|
||||
/**
|
||||
Constructs a new AlgorithmParameterGeneratorSpi
|
||||
*/
|
||||
public AlgorithmParameterGeneratorSpi()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
Initializes the parameter generator with the specified size
|
||||
and SecureRandom
|
||||
|
||||
@param size the size( in number of bits)
|
||||
@param random the SecureRandom class to use for randomness
|
||||
*/
|
||||
protected abstract void engineInit(int size, SecureRandom random);
|
||||
|
||||
/**
|
||||
Initializes the parameter generator with the specified
|
||||
AlgorithmParameterSpec and SecureRandom classes.
|
||||
|
||||
If genParamSpec is an invalid AlgorithmParameterSpec for this
|
||||
AlgorithmParameterGeneratorSpi then it throws
|
||||
InvalidAlgorithmParameterException
|
||||
|
||||
@param genParamSpec the AlgorithmParameterSpec class to use
|
||||
@param random the SecureRandom class to use for randomness
|
||||
|
||||
@throws InvalidAlgorithmParameterException genParamSpec is invalid
|
||||
*/
|
||||
protected abstract void engineInit(AlgorithmParameterSpec genParamSpec,
|
||||
SecureRandom random) throws
|
||||
InvalidAlgorithmParameterException;
|
||||
|
||||
|
||||
/**
|
||||
Generate a new set of AlgorithmParameters.
|
||||
|
||||
@returns a new set of algorithm parameters
|
||||
*/
|
||||
protected abstract AlgorithmParameters engineGenerateParameters();
|
||||
|
||||
}
|
||||
@@ -1,340 +0,0 @@
|
||||
/* AlgorithmParameters.java --- Algorithm Parameters Implementation Class
|
||||
Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
import java.security.spec.InvalidParameterSpecException;
|
||||
|
||||
/**
|
||||
* <p>This class is used as an opaque representation of cryptographic
|
||||
* parameters.</p>
|
||||
*
|
||||
* <p>An <code>AlgorithmParameters</code> object for managing the parameters
|
||||
* for a particular algorithm can be obtained by calling one of the
|
||||
* <code>getInstance()</code> factory methods (static methods that return
|
||||
* instances of a given class).</p>
|
||||
*
|
||||
* <p>There are two ways to request such an implementation: by specifying
|
||||
* either just an algorithm name, or both an algorithm name and a package
|
||||
* provider.</p>
|
||||
*
|
||||
* <ul>
|
||||
* <li>If just an algorithm name is specified, the system will determine if
|
||||
* there is an AlgorithmParameters implementation for the algorithm requested
|
||||
* available in the environment, and if there is more than one, if there is
|
||||
* a preferred one.</li>
|
||||
* <li>If both an algorithm name and a package provider are specified, the
|
||||
* system will determine if there is an implementation in the package
|
||||
* requested, and throw an exception if there is not.</li>
|
||||
* </ul>
|
||||
*
|
||||
* <p>Once an <code>AlgorithmParameters</code> object is returned, it must be
|
||||
* initialized via a call to <code>init()</code>, using an appropriate
|
||||
* parameter specification or parameter encoding.</p>
|
||||
*
|
||||
* <p>A transparent parameter specification is obtained from an
|
||||
* <code>AlgorithmParameters</code> object via a call to
|
||||
* <code>getParameterSpec()</code>, and a byte encoding of the parameters is
|
||||
* obtained via a call to <code>getEncoded()</code>.</p>
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @since 1.2
|
||||
* @see AlgorithmParameterSpec
|
||||
* @see java.security.spec.DSAParameterSpec
|
||||
* @see KeyPairGenerator
|
||||
*/
|
||||
public class AlgorithmParameters
|
||||
{
|
||||
/** Service name for algorithm parameters. */
|
||||
private static final String ALGORITHM_PARAMETERS = "AlgorithmParameters";
|
||||
|
||||
private AlgorithmParametersSpi paramSpi;
|
||||
private Provider provider;
|
||||
private String algorithm;
|
||||
|
||||
/**
|
||||
* Creates an <code>AlgorithmParameters</code> object.
|
||||
*
|
||||
* @param paramSpi the delegate.
|
||||
* @param provider the provider.
|
||||
* @param algorithm the algorithm.
|
||||
*/
|
||||
protected AlgorithmParameters(AlgorithmParametersSpi paramSpi,
|
||||
Provider provider, String algorithm)
|
||||
{
|
||||
this.paramSpi = paramSpi;
|
||||
this.provider = provider;
|
||||
this.algorithm = algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the name of the algorithm associated with this parameter object.
|
||||
*
|
||||
* @return the algorithm name.
|
||||
*/
|
||||
public final String getAlgorithm()
|
||||
{
|
||||
return algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Generates a parameter object for the specified algorithm.</p>
|
||||
*
|
||||
* <p>If the default provider package provides an implementation of the
|
||||
* requested algorithm, an instance of <code>AlgorithmParameters</code>
|
||||
* containing that implementation is returned. If the algorithm is not
|
||||
* available in the default package, other packages are searched.</p>
|
||||
*
|
||||
* <p>The returned parameter object must be initialized via a call to
|
||||
* <code>init()</code>, using an appropriate parameter specification or
|
||||
* parameter encoding.</p>
|
||||
*
|
||||
* @param algorithm the name of the algorithm requested.
|
||||
* @return the new parameter object.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available in the
|
||||
* environment.
|
||||
*/
|
||||
public static AlgorithmParameters getInstance(String algorithm)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
|
||||
for (int i = 0; i < p.length; i++)
|
||||
try
|
||||
{
|
||||
return getInstance(algorithm, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
// Ignore this.
|
||||
}
|
||||
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Generates a parameter object for the specified algorithm, as supplied
|
||||
* by the specified provider, if such an algorithm is available from the
|
||||
* provider.</p>
|
||||
*
|
||||
* <p>The returned parameter object must be initialized via a call to
|
||||
* <code>init()</code>, using an appropriate parameter specification or
|
||||
* parameter encoding.</p>
|
||||
*
|
||||
* @param algorithm the name of the algorithm requested.
|
||||
* @param provider the name of the provider.
|
||||
* @return the new parameter object.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available in the
|
||||
* package supplied by the requested provider.
|
||||
* @throws NoSuchProviderException if the provider is not available in the
|
||||
* environment.
|
||||
* @throws IllegalArgumentException if the provider name is null or empty.
|
||||
* @see Provider
|
||||
*/
|
||||
public static AlgorithmParameters getInstance(String algorithm, String provider)
|
||||
throws NoSuchAlgorithmException, NoSuchProviderException
|
||||
{
|
||||
if (provider == null || provider.length() == 0)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(algorithm, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates an <code>AlgorithmParameterGenerator</code> object for the
|
||||
* requested algorithm, as supplied from the specified provider, if such a
|
||||
* parameter generator is available from the provider. Note: the
|
||||
* <code>provider</code> doesn't have to be registered.
|
||||
*
|
||||
* @param algorithm the string name of the algorithm.
|
||||
* @param provider the provider.
|
||||
* @return the new <code>AlgorithmParameterGenerator</code> object.
|
||||
* @throws NoSuchAlgorithmException if the <code>algorithm</code> is not
|
||||
* available from the <code>provider</code>.
|
||||
* @throws IllegalArgumentException if the <code>provider</code> is
|
||||
* <code>null</code>.
|
||||
* @since 1.4
|
||||
*/
|
||||
public static AlgorithmParameters getInstance(String algorithm,
|
||||
Provider provider)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
try
|
||||
{
|
||||
return new AlgorithmParameters((AlgorithmParametersSpi)
|
||||
Engine.getInstance(ALGORITHM_PARAMETERS, algorithm, provider),
|
||||
provider, algorithm);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
catch (ClassCastException cce)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the provider of this parameter object.
|
||||
*
|
||||
* @return the provider of this parameter object.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes this parameter object using the parameters specified in
|
||||
* <code>paramSpec</code>.
|
||||
*
|
||||
* @param paramSpec the parameter specification.
|
||||
* @throws InvalidParameterSpecException if the given parameter specification
|
||||
* is inappropriate for the initialization of this parameter object, or if
|
||||
* this parameter object has already been initialized.
|
||||
*/
|
||||
public final void init(AlgorithmParameterSpec paramSpec)
|
||||
throws InvalidParameterSpecException
|
||||
{
|
||||
paramSpi.engineInit(paramSpec);
|
||||
}
|
||||
|
||||
/**
|
||||
* Imports the specified parameters and decodes them according to the primary
|
||||
* decoding format for parameters. The primary decoding format for parameters
|
||||
* is ASN.1, if an ASN.1 specification for this type of parameters exists.
|
||||
*
|
||||
* @param params the encoded parameters.
|
||||
* @throws IOException on decoding errors, or if this parameter object has
|
||||
* already been initialized.
|
||||
*/
|
||||
public final void init(byte[]params) throws IOException
|
||||
{
|
||||
paramSpi.engineInit(params);
|
||||
}
|
||||
|
||||
/**
|
||||
* Imports the parameters from params and decodes them according to the
|
||||
* specified decoding scheme. If <code>format</code> is <code>null</code>,
|
||||
* the primary decoding format for parameters is used. The primary decoding
|
||||
* format is ASN.1, if an ASN.1 specification for these parameters exists.
|
||||
*
|
||||
* @param params the encoded parameters.
|
||||
* @param format the name of the decoding scheme.
|
||||
* @throws IOException on decoding errors, or if this parameter object has
|
||||
* already been initialized.
|
||||
*/
|
||||
public final void init(byte[]params, String format) throws IOException
|
||||
{
|
||||
paramSpi.engineInit(params, format);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a (transparent) specification of this parameter object.
|
||||
* <code>paramSpec</code> identifies the specification class in which the
|
||||
* parameters should be returned. It could, for example, be
|
||||
* <code>DSAParameterSpec.class</code>, to indicate that the parameters should
|
||||
* be returned in an instance of the {@link java.security.spec.DSAParameterSpec}
|
||||
* class.
|
||||
*
|
||||
* @param paramSpec the specification class in which the parameters should be
|
||||
* returned.
|
||||
* @return the parameter specification.
|
||||
* @throws InvalidParameterSpecException if the requested parameter
|
||||
* specification is inappropriate for this parameter object, or if this
|
||||
* parameter object has not been initialized.
|
||||
*/
|
||||
public final AlgorithmParameterSpec getParameterSpec(Class paramSpec)
|
||||
throws InvalidParameterSpecException
|
||||
{
|
||||
return paramSpi.engineGetParameterSpec(paramSpec);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the parameters in their primary encoding format. The primary
|
||||
* encoding format for parameters is ASN.1, if an ASN.1 specification for
|
||||
* this type of parameters exists.
|
||||
*
|
||||
* @return the parameters encoded using their primary encoding format.
|
||||
* @throws IOException on encoding errors, or if this parameter object has not
|
||||
* been initialized.
|
||||
*/
|
||||
public final byte[] getEncoded() throws IOException
|
||||
{
|
||||
return paramSpi.engineGetEncoded();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the parameters encoded in the specified scheme. If format is
|
||||
* <code>null</code>, the primary encoding format for parameters is used. The
|
||||
* primary encoding format is ASN.1, if an ASN.1 specification for these
|
||||
* parameters exists.
|
||||
*
|
||||
* @param format the name of the encoding format.
|
||||
* @return the parameters encoded using the specified encoding scheme.
|
||||
* @throws IOException on encoding errors, or if this parameter object has
|
||||
* not been initialized.
|
||||
*/
|
||||
public final byte[] getEncoded(String format) throws IOException
|
||||
{
|
||||
return paramSpi.engineGetEncoded(format);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a formatted string describing the parameters.
|
||||
*
|
||||
* @return a formatted string describing the parameters, or <code>null</code>
|
||||
* if this parameter object has not been initialized.
|
||||
*/
|
||||
public final String toString()
|
||||
{
|
||||
return paramSpi.engineToString();
|
||||
}
|
||||
}
|
||||
@@ -1,149 +0,0 @@
|
||||
/* AlgorithmParametersSpi.java --- Algorithm Parameters SPI
|
||||
Copyright (C) 1999, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
import java.security.spec.InvalidParameterSpecException;
|
||||
|
||||
/**
|
||||
* AlgorithmParametersSpi is the Service Provider Interface
|
||||
* for the Algorithm Parameters class. This class is used
|
||||
* to manage the algorithm parameters.
|
||||
*
|
||||
* @since 1.2
|
||||
* @author Mark Benvenuto
|
||||
*/
|
||||
public abstract class AlgorithmParametersSpi
|
||||
{
|
||||
/**
|
||||
* Creates a new instance of AlgorithmParametersSpi
|
||||
*/
|
||||
public AlgorithmParametersSpi()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes the engine with the specified
|
||||
* AlgorithmParameterSpec class.
|
||||
*
|
||||
* @param paramSpec A AlgorithmParameterSpec to initialize with
|
||||
*
|
||||
* @throws InvalidParameterSpecException For an inapporiate
|
||||
* ParameterSpec class
|
||||
*/
|
||||
protected abstract void engineInit(AlgorithmParameterSpec paramSpec)
|
||||
throws InvalidParameterSpecException;
|
||||
|
||||
/**
|
||||
* Initializes the engine with the specified
|
||||
* parameters stored in the byte array and decodes them
|
||||
* according to the ASN.1 specification. If the ASN.1
|
||||
* specification exists then it succeeds or else it throws
|
||||
* IOException.
|
||||
*
|
||||
* @param params Parameters to initialize with
|
||||
*
|
||||
* @throws IOException Decoding Error
|
||||
*/
|
||||
protected abstract void engineInit(byte[]params) throws IOException;
|
||||
|
||||
/**
|
||||
* Initializes the engine with the specified
|
||||
* parameters stored in the byte array and decodes them
|
||||
* according to the specified decoding specification.
|
||||
* If format is null, then it is decoded using the ASN.1
|
||||
* specification if it exists or else it throws
|
||||
* IOException.
|
||||
*
|
||||
* @param params Parameters to initialize with
|
||||
* @param format Name of decoding format to use
|
||||
*
|
||||
* @throws IOException Decoding Error
|
||||
*/
|
||||
protected abstract void engineInit(byte[]params, String format)
|
||||
throws IOException;
|
||||
|
||||
|
||||
/**
|
||||
* Returns a specification of this AlgorithmParameters object.
|
||||
* paramSpec identifies the class to return the AlgortihmParameters
|
||||
* in.
|
||||
*
|
||||
* @param paramSpec Class to return AlgorithmParameters in
|
||||
*
|
||||
* @return the parameter specification
|
||||
*
|
||||
* @throws InvalidParameterSpecException if the paramSpec is an
|
||||
* invalid parameter class
|
||||
*/
|
||||
protected abstract AlgorithmParameterSpec engineGetParameterSpec(Class
|
||||
paramSpec)
|
||||
throws InvalidParameterSpecException;
|
||||
|
||||
|
||||
/**
|
||||
* Returns the parameters in the default encoding format.
|
||||
* The primary encoding format is ASN.1 format if it exists
|
||||
* for the specified type.
|
||||
*
|
||||
* @return byte array representing the parameters
|
||||
*/
|
||||
protected abstract byte[] engineGetEncoded() throws IOException;
|
||||
|
||||
|
||||
/**
|
||||
* Returns the parameters in the specified encoding format.
|
||||
* If <code>format</code> is <code>null</code> then the
|
||||
* primary encoding format is used, the ASN.1 format,
|
||||
* if it exists for the specified type.
|
||||
*
|
||||
* @return byte array representing the parameters
|
||||
*/
|
||||
protected abstract byte[] engineGetEncoded(String format)
|
||||
throws IOException;
|
||||
|
||||
/**
|
||||
* Returns a string describing the parameters in the
|
||||
* AlgorithmParametersSpi class.
|
||||
*
|
||||
* @return A string representing the format of the parameters.
|
||||
*/
|
||||
protected abstract String engineToString();
|
||||
}
|
||||
@@ -1,198 +0,0 @@
|
||||
/* AllPermission.java -- Permission to do anything
|
||||
Copyright (C) 1998, 2001, 2002, 2004, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.java.util.EmptyEnumeration;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.Enumeration;
|
||||
|
||||
/**
|
||||
* This class is a permission that implies all other permissions. Granting
|
||||
* this permission effectively grants all others. Extreme caution should
|
||||
* be exercised in granting this permission.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @see AccessController
|
||||
* @see Permissions
|
||||
* @see SecurityManager
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public final class AllPermission extends Permission
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -2916474571451318075L;
|
||||
|
||||
/**
|
||||
* Create a new AllPermission object.
|
||||
*/
|
||||
public AllPermission()
|
||||
{
|
||||
super("*");
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new AllPermission object. The parameters are ignored, as all
|
||||
* permission implies ALL PERMISSION.
|
||||
*
|
||||
* @param name ignored
|
||||
* @param actions ignored
|
||||
*/
|
||||
public AllPermission(String name, String actions)
|
||||
{
|
||||
super("*");
|
||||
}
|
||||
|
||||
/**
|
||||
* This method always returns <code>true</code> to indicate that this
|
||||
* permission always implies that any other permission is also granted.
|
||||
*
|
||||
* @param perm ignored
|
||||
* @return true, the permission is implied
|
||||
*/
|
||||
public boolean implies(Permission perm)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks an object for equality. All AllPermissions are equal.
|
||||
*
|
||||
* @param obj the <code>Object</code> to test for equality
|
||||
*/
|
||||
public boolean equals(Object obj)
|
||||
{
|
||||
return obj instanceof AllPermission;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a hash code for this object. This returns 1.
|
||||
*
|
||||
* @return a hash value for this object
|
||||
*/
|
||||
public int hashCode()
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns the list of actions associated with this object.
|
||||
* This will always be the empty string ("") for this class.
|
||||
*
|
||||
* @return the action list
|
||||
*/
|
||||
public String getActions()
|
||||
{
|
||||
return "";
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a PermissionCollection which can hold AllPermission.
|
||||
*
|
||||
* @return a permission collection
|
||||
*/
|
||||
public PermissionCollection newPermissionCollection()
|
||||
{
|
||||
return new AllPermissionCollection();
|
||||
}
|
||||
|
||||
/**
|
||||
* Implements AllPermission.newPermissionCollection, and obeys serialization
|
||||
* of JDK.
|
||||
*
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
*/
|
||||
private static final class AllPermissionCollection extends PermissionCollection
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -4023755556366636806L;
|
||||
|
||||
/**
|
||||
* Whether an AllPermission has been added to the collection.
|
||||
*
|
||||
* @serial if all permission is in the collection yet
|
||||
*/
|
||||
private boolean all_allowed;
|
||||
|
||||
/**
|
||||
* Add an AllPermission.
|
||||
*
|
||||
* @param perm the permission to add
|
||||
* @throws IllegalArgumentException if perm is not an AllPermission
|
||||
* @throws SecurityException if the collection is read-only
|
||||
*/
|
||||
public void add(Permission perm)
|
||||
{
|
||||
if (isReadOnly())
|
||||
throw new SecurityException();
|
||||
if (! (perm instanceof AllPermission))
|
||||
throw new IllegalArgumentException();
|
||||
all_allowed = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if this collection implies a permission.
|
||||
*
|
||||
* @param perm the permission to check
|
||||
* @return true if this collection contains an AllPermission
|
||||
*/
|
||||
public boolean implies(Permission perm)
|
||||
{
|
||||
return all_allowed;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an enumeration of the elements in the collection.
|
||||
*
|
||||
* @return the elements in the collection
|
||||
*/
|
||||
public Enumeration elements()
|
||||
{
|
||||
return all_allowed
|
||||
? Collections.enumeration(Collections.singleton(new AllPermission()))
|
||||
: EmptyEnumeration.getInstance();
|
||||
}
|
||||
} // class AllPermissionCollection
|
||||
} // class AllPermission
|
||||
@@ -1,308 +0,0 @@
|
||||
/* BasicPermission.java -- implements a simple named permission
|
||||
Copyright (C) 1998, 1999, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Enumeration;
|
||||
import java.util.Hashtable;
|
||||
|
||||
/**
|
||||
* This class implements a simple model for named permissions without an
|
||||
* associated action list. That is, either the named permission is granted
|
||||
* or it is not.
|
||||
*
|
||||
* <p>It also supports trailing wildcards to allow the easy granting of
|
||||
* permissions in a hierarchical fashion. (For example, the name "org.gnu.*"
|
||||
* might grant all permissions under the "org.gnu" permissions hierarchy).
|
||||
* The only valid wildcard character is a '*' which matches anything. It
|
||||
* must be the rightmost element in the permission name and must follow a
|
||||
* '.' or else the Permission name must consist of only a '*'. Any other
|
||||
* occurrence of a '*' is not valid.
|
||||
*
|
||||
* <p>This class ignores the action list. Subclasses can choose to implement
|
||||
* actions on top of this class if desired.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @see Permission
|
||||
* @see Permissions
|
||||
* @see PermissionCollection
|
||||
* @see RuntimePermission
|
||||
* @see SecurityPermission
|
||||
* @see PropertyPermission
|
||||
* @see AWTPermission
|
||||
* @see NetPermission
|
||||
* @see SecurityManager
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public abstract class BasicPermission extends java.security.Permission
|
||||
implements Serializable
|
||||
// FIXME extends with fully qualified classname as workaround for gcj 3.3.
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 6279438298436773498L;
|
||||
|
||||
/**
|
||||
* Create a new instance with the specified permission name. If the
|
||||
* name is empty an exception is thrown.
|
||||
*
|
||||
* @param name the name of this permission
|
||||
* @throws NullPointerException if name is null
|
||||
* @throws IllegalArgumentException if name is invalid
|
||||
*/
|
||||
public BasicPermission(String name)
|
||||
{
|
||||
super(name);
|
||||
|
||||
// This routine used to check for illegal wildcards, but no such
|
||||
// requirement exists in the specification and Sun's runtime
|
||||
// doesn't appear to do it.
|
||||
|
||||
if ("".equals(name))
|
||||
throw new IllegalArgumentException("Empty name");
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance with the specified permission name. If the name
|
||||
* is empty, or contains an illegal wildcard character, an exception is
|
||||
* thrown. The actions parameter is ignored.
|
||||
*
|
||||
* @param name the name of this permission
|
||||
* @param actions ignored
|
||||
* @throws NullPointerException if name is null
|
||||
* @throws IllegalArgumentException if name is invalid
|
||||
*/
|
||||
public BasicPermission(String name, String actions)
|
||||
{
|
||||
this(name);
|
||||
}
|
||||
|
||||
/**
|
||||
* This method tests to see if the specified permission is implied by this
|
||||
* permission. This will be true if the following conditions are met:<ul>
|
||||
* <li>The specified object is an instance of the same class as this
|
||||
* object.</li>
|
||||
* <li>The name of the specified permission is implied by this permission's
|
||||
* name based on wildcard matching. For example, "a.*" implies "a.b".</li>
|
||||
* </ul>
|
||||
*
|
||||
* @param perm the <code>Permission</code> object to test against
|
||||
* @return true if the specified permission is implied
|
||||
*/
|
||||
public boolean implies(Permission perm)
|
||||
{
|
||||
if (! getClass().isInstance(perm))
|
||||
return false;
|
||||
|
||||
String otherName = perm.getName();
|
||||
String name = getName();
|
||||
|
||||
if (name.equals(otherName))
|
||||
return true;
|
||||
|
||||
int last = name.length() - 1;
|
||||
return name.charAt(last) == '*'
|
||||
&& otherName.startsWith(name.substring(0, last));
|
||||
}
|
||||
|
||||
/**
|
||||
* This method tests to see if this object is equal to the specified
|
||||
* <code>Object</code>. This will be true if and only if the specified
|
||||
* object meets the following conditions:<ul>
|
||||
* <li>It is an instance of the same class as this.</li>
|
||||
* <li>It has the same name as this permission.</li>
|
||||
* </ul>
|
||||
*
|
||||
* @param obj the <code>Object</code> to test for equality
|
||||
* @return true if obj is semantically equal to this
|
||||
*/
|
||||
public boolean equals(Object obj)
|
||||
{
|
||||
return getClass().isInstance(obj)
|
||||
&& getName().equals(((BasicPermission) obj).getName());
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a hash code for this permission object. The hash
|
||||
* code returned is the value returned by calling the <code>hashCode</code>
|
||||
* method on the <code>String</code> that is the name of this permission.
|
||||
*
|
||||
* @return a hash value for this object
|
||||
*/
|
||||
public int hashCode()
|
||||
{
|
||||
return getName().hashCode();
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a list of the actions associated with this
|
||||
* permission. This method always returns the empty string ("") since
|
||||
* this class ignores actions.
|
||||
*
|
||||
* @return the action list
|
||||
*/
|
||||
public String getActions()
|
||||
{
|
||||
return "";
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns an instance of <code>PermissionCollection</code>
|
||||
* suitable for storing <code>BasicPermission</code> objects. The
|
||||
* collection returned can only store objects of the same type as this.
|
||||
* Subclasses which use actions must override this method; but a class with
|
||||
* no actions will work fine with this.
|
||||
*
|
||||
* @return a new empty <code>PermissionCollection</code> object
|
||||
*/
|
||||
public PermissionCollection newPermissionCollection()
|
||||
{
|
||||
return new BasicPermissionCollection(getClass());
|
||||
}
|
||||
|
||||
/**
|
||||
* Implements AllPermission.newPermissionCollection, and obeys serialization
|
||||
* of JDK.
|
||||
*
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
*/
|
||||
private static final class BasicPermissionCollection extends PermissionCollection
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 739301742472979399L;
|
||||
|
||||
/**
|
||||
* The permissions in the collection.
|
||||
*
|
||||
* @serial a hash mapping name to permissions, all of type permClass
|
||||
*/
|
||||
private final Hashtable permissions = new Hashtable();
|
||||
|
||||
/**
|
||||
* If "*" is in the collection.
|
||||
*
|
||||
* @serial true if a permission named "*" is in the collection
|
||||
*/
|
||||
private boolean all_allowed;
|
||||
|
||||
/**
|
||||
* The runtime class which all entries in the table must belong to.
|
||||
*
|
||||
* @serial the limiting subclass of this collection
|
||||
*/
|
||||
private final Class permClass;
|
||||
|
||||
/**
|
||||
* Construct a collection over the given runtime class.
|
||||
*
|
||||
* @param c the class
|
||||
*/
|
||||
BasicPermissionCollection(Class c)
|
||||
{
|
||||
permClass = c;
|
||||
}
|
||||
|
||||
/**
|
||||
* Add a Permission. It must be of the same type as the permission which
|
||||
* created this collection.
|
||||
*
|
||||
* @param perm the permission to add
|
||||
* @throws IllegalArgumentException if perm is not the correct type
|
||||
* @throws SecurityException if the collection is read-only
|
||||
*/
|
||||
public void add(Permission perm)
|
||||
{
|
||||
if (isReadOnly())
|
||||
throw new SecurityException("readonly");
|
||||
if (! permClass.isInstance(perm))
|
||||
throw new IllegalArgumentException("Expecting instance of " + permClass);
|
||||
BasicPermission bp = (BasicPermission) perm;
|
||||
String name = bp.getName();
|
||||
if (name.equals("*"))
|
||||
all_allowed = true;
|
||||
permissions.put(name, bp);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if this collection implies the given permission.
|
||||
*
|
||||
* @param permission the permission to check
|
||||
* @return true if it is implied by this
|
||||
*/
|
||||
public boolean implies(Permission permission)
|
||||
{
|
||||
if (! permClass.isInstance(permission))
|
||||
return false;
|
||||
if (all_allowed)
|
||||
return true;
|
||||
BasicPermission toImply = (BasicPermission) permission;
|
||||
String name = toImply.getName();
|
||||
if (name.equals("*"))
|
||||
return false;
|
||||
int prefixLength = name.length();
|
||||
if (name.endsWith("*"))
|
||||
prefixLength -= 2;
|
||||
|
||||
while (true)
|
||||
{
|
||||
if (permissions.get(name) != null)
|
||||
return true;
|
||||
prefixLength = name.lastIndexOf('.', prefixLength);
|
||||
if (prefixLength < 0)
|
||||
return false;
|
||||
name = name.substring(0, prefixLength + 1) + '*';
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Enumerate over the collection.
|
||||
*
|
||||
* @return an enumeration of the collection contents
|
||||
*/
|
||||
public Enumeration elements()
|
||||
{
|
||||
return permissions.elements();
|
||||
}
|
||||
} // class BasicPermissionCollection
|
||||
} // class BasicPermission
|
||||
@@ -1,125 +0,0 @@
|
||||
/* Certificate.java -- deprecated interface for modeling digital certificates
|
||||
Copyright (C) 1998, 2002, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
|
||||
/**
|
||||
* This interface models a digital certificate which verifies the
|
||||
* authenticity of a party. This class simply allows certificate
|
||||
* information to be queried, it does not guarantee that the certificate
|
||||
* is valid.
|
||||
*
|
||||
* <p>This class is deprecated in favor of the new java.security.cert package.
|
||||
* It exists for backward compatibility only.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @since 1.1
|
||||
* @deprecated use {@link java.security.cert} instead
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public interface Certificate
|
||||
{
|
||||
/**
|
||||
* This method returns the <code>Principal</code> that is guaranteeing
|
||||
* this certificate.
|
||||
*
|
||||
* @return the <code>Principal</code> guaranteeing the certificate
|
||||
*/
|
||||
Principal getGuarantor();
|
||||
|
||||
/**
|
||||
* This method returns the <code>Principal</code> being guaranteed by
|
||||
* this certificate.
|
||||
*
|
||||
* @return the <code>Principal</code> guaranteed by this certificate
|
||||
*/
|
||||
Principal getPrincipal();
|
||||
|
||||
/**
|
||||
* This method returns the public key for the <code>Principal</code> that
|
||||
* is being guaranteed.
|
||||
*
|
||||
* @return the <code>PublicKey</code> of the Principal being guaranteed
|
||||
*/
|
||||
PublicKey getPublicKey();
|
||||
|
||||
/**
|
||||
* This method writes the certificate to an <code>OutputStream</code> in
|
||||
* a format that can be understood by the <code>decode</code> method.
|
||||
*
|
||||
* @param out the <code>OutputStream</code> to write to
|
||||
* @throws KeyException if there is a problem with the certificate
|
||||
* @throws IOException if an error occurs writing to the stream
|
||||
* @see #decode(InputStream)
|
||||
* @see #getFormat()
|
||||
*/
|
||||
void encode(OutputStream out) throws KeyException, IOException;
|
||||
|
||||
/**
|
||||
* This method reads an encoded certificate from an <code>InputStream</code>.
|
||||
*
|
||||
* @param in the <code>InputStream</code> to read from
|
||||
* @throws KeyException if there is a problem with the certificate data
|
||||
* @throws IOException if an error occurs reading from the stream
|
||||
* @see #encode(OutputStream)
|
||||
* @see #getFormat()
|
||||
*/
|
||||
void decode(InputStream in) throws KeyException, IOException;
|
||||
|
||||
/**
|
||||
* This method returns the encoding format of the certificate (e.g., "PGP",
|
||||
* "X.509"). This format is used by the <code>encode</code> and
|
||||
* <code>decode</code> methods.
|
||||
*
|
||||
* @return the encoding format being used
|
||||
*/
|
||||
String getFormat();
|
||||
|
||||
/**
|
||||
* This method returns a <code>String</code> representation of the contents
|
||||
* of this certificate.
|
||||
*
|
||||
* @param detail true to provided more detailed information
|
||||
* @return the string representation
|
||||
*/
|
||||
String toString(boolean detail);
|
||||
} // interface Certificate
|
||||
@@ -1,354 +0,0 @@
|
||||
/* CodeSource.java -- Code location and certifcates
|
||||
Copyright (C) 1998, 2002, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.ObjectInputStream;
|
||||
import java.io.ObjectOutputStream;
|
||||
import java.io.Serializable;
|
||||
import java.net.SocketPermission;
|
||||
import java.net.URL;
|
||||
// Note that this overrides Certificate in this package.
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.CertificateEncodingException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.CertificateFactory;
|
||||
import java.util.Arrays;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
|
||||
/**
|
||||
* This class represents a location from which code is loaded (as
|
||||
* represented by a URL), and the list of certificates that are used to
|
||||
* check the signatures of signed code loaded from this source.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CodeSource implements Serializable
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 4977541819976013951L;
|
||||
|
||||
/**
|
||||
* This is the URL that represents the code base from which code will
|
||||
* be loaded.
|
||||
*
|
||||
* @serial the code location
|
||||
*/
|
||||
private final URL location;
|
||||
|
||||
/** The set of certificates for this code base. */
|
||||
private transient HashSet certs;
|
||||
|
||||
/**
|
||||
* This creates a new instance of <code>CodeSource</code> that loads code
|
||||
* from the specified URL location and which uses the specified certificates
|
||||
* for verifying signatures.
|
||||
*
|
||||
* @param location the location from which code will be loaded
|
||||
* @param certs the list of certificates
|
||||
*/
|
||||
public CodeSource(URL location, Certificate[] certs)
|
||||
{
|
||||
this.location = location;
|
||||
if (certs != null)
|
||||
this.certs = new HashSet(Arrays.asList(certs));
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a hash value for this object.
|
||||
*
|
||||
* @return a hash value for this object
|
||||
*/
|
||||
public int hashCode()
|
||||
{
|
||||
return (location == null ? 0 : location.hashCode())
|
||||
^ (certs == null ? 0 : certs.hashCode());
|
||||
}
|
||||
|
||||
/**
|
||||
* This method tests the specified <code>Object</code> for equality with
|
||||
* this object. This will be true if and only if the locations are equal
|
||||
* and the certificate sets are identical (ignoring order).
|
||||
*
|
||||
* @param obj the <code>Object</code> to test against
|
||||
* @return true if the specified object is equal to this one
|
||||
*/
|
||||
public boolean equals(Object obj)
|
||||
{
|
||||
if (! (obj instanceof CodeSource))
|
||||
return false;
|
||||
CodeSource cs = (CodeSource) obj;
|
||||
return (certs == null ? cs.certs == null : certs.equals(cs.certs))
|
||||
&& (location == null ? cs.location == null
|
||||
: location.equals(cs.location));
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns the URL specifying the location from which code
|
||||
* will be loaded under this <code>CodeSource</code>.
|
||||
*
|
||||
* @return the code location for this <code>CodeSource</code>
|
||||
*/
|
||||
public final URL getLocation()
|
||||
{
|
||||
return location;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns the list of digital certificates that can be used
|
||||
* to verify the signatures of code loaded under this
|
||||
* <code>CodeSource</code>.
|
||||
*
|
||||
* @return the certifcate list for this <code>CodeSource</code>
|
||||
*/
|
||||
public final Certificate[] getCertificates()
|
||||
{
|
||||
if (certs == null)
|
||||
return null;
|
||||
Certificate[] c = new Certificate[certs.size()];
|
||||
certs.toArray(c);
|
||||
return c;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method tests to see if a specified <code>CodeSource</code> is
|
||||
* implied by this object. Effectively, to meet this test, the specified
|
||||
* object must have all the certifcates this object has (but may have more),
|
||||
* and must have a location that is a subset of this object's. In order
|
||||
* for this object to imply the specified object, the following must be
|
||||
* true:
|
||||
*
|
||||
* <ol>
|
||||
* <li><em>codesource</em> must not be <code>null</code>.</li>
|
||||
* <li>If <em>codesource</em> has a certificate list, all of it's
|
||||
* certificates must be present in the certificate list of this
|
||||
* code source.</li>
|
||||
* <li>If this object does not have a <code>null</code> location, then
|
||||
* the following addtional tests must be passed.
|
||||
*
|
||||
* <ol>
|
||||
* <li><em>codesource</em> must not have a <code>null</code>
|
||||
* location.</li>
|
||||
* <li><em>codesource</em>'s location must be equal to this object's
|
||||
* location, or
|
||||
* <ul>
|
||||
* <li><em>codesource</em>'s location protocol, port, and ref (aka,
|
||||
* anchor) must equal this objects</li>
|
||||
* <li><em>codesource</em>'s location host must imply this object's
|
||||
* location host, as determined by contructing
|
||||
* <code>SocketPermission</code> objects from each with no
|
||||
* action list and using that classes's <code>implies</code>
|
||||
* method</li>
|
||||
* <li>If this object's location file ends with a '/', then the
|
||||
* specified object's location file must start with this
|
||||
* object's location file. Otherwise, the specified object's
|
||||
* location file must start with this object's location file
|
||||
* with the '/' character appended to it.</li>
|
||||
* </ul></li>
|
||||
* </ol></li>
|
||||
* </ol>
|
||||
*
|
||||
* <p>For example, each of these locations imply the location
|
||||
* "http://java.sun.com/classes/foo.jar":</p>
|
||||
*
|
||||
* <pre>
|
||||
* http:
|
||||
* http://*.sun.com/classes/*
|
||||
* http://java.sun.com/classes/-
|
||||
* http://java.sun.com/classes/foo.jar
|
||||
* </pre>
|
||||
*
|
||||
* <p>Note that the code source with null location and null certificates implies
|
||||
* all other code sources.</p>
|
||||
*
|
||||
* @param cs the <code>CodeSource</code> to test against this object
|
||||
* @return true if this specified <code>CodeSource</code> is implied
|
||||
*/
|
||||
public boolean implies(CodeSource cs)
|
||||
{
|
||||
if (cs == null)
|
||||
return false;
|
||||
// First check the certificate list.
|
||||
if (certs != null && (cs.certs == null || ! certs.containsAll(cs.certs)))
|
||||
return false;
|
||||
// Next check the location.
|
||||
if (location == null)
|
||||
return true;
|
||||
if (cs.location == null
|
||||
|| ! location.getProtocol().equals(cs.location.getProtocol())
|
||||
|| (location.getPort() != -1
|
||||
&& location.getPort() != cs.location.getPort())
|
||||
|| (location.getRef() != null
|
||||
&& ! location.getRef().equals(cs.location.getRef())))
|
||||
return false;
|
||||
if (location.getHost() != null)
|
||||
{
|
||||
String their_host = cs.location.getHost();
|
||||
if (their_host == null)
|
||||
return false;
|
||||
SocketPermission our_sockperm =
|
||||
new SocketPermission(location.getHost(), "accept");
|
||||
SocketPermission their_sockperm =
|
||||
new SocketPermission(their_host, "accept");
|
||||
if (! our_sockperm.implies(their_sockperm))
|
||||
return false;
|
||||
}
|
||||
String our_file = location.getFile();
|
||||
if (our_file != null)
|
||||
{
|
||||
if (! our_file.endsWith("/"))
|
||||
our_file += "/";
|
||||
String their_file = cs.location.getFile();
|
||||
if (their_file == null
|
||||
|| ! their_file.startsWith(our_file))
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a <code>String</code> that represents this object.
|
||||
* The result is in the format <code>"(" + getLocation()</code> followed
|
||||
* by a space separated list of certificates (or "<no certificates>"),
|
||||
* followed by <code>")"</code>.
|
||||
*
|
||||
* @return a <code>String</code> for this object
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
StringBuffer sb = new StringBuffer("(").append(location);
|
||||
if (certs == null || certs.isEmpty())
|
||||
sb.append(" <no certificates>");
|
||||
else
|
||||
{
|
||||
Iterator iter = certs.iterator();
|
||||
for (int i = certs.size(); --i >= 0; )
|
||||
sb.append(' ').append(iter.next());
|
||||
}
|
||||
return sb.append(")").toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Reads this object from a serialization stream.
|
||||
*
|
||||
* @param s the input stream
|
||||
* @throws IOException if reading fails
|
||||
* @throws ClassNotFoundException if deserialization fails
|
||||
* @serialData this reads the location, then expects an int indicating the
|
||||
* number of certificates. Each certificate is a String type
|
||||
* followed by an int encoding length, then a byte[] encoding
|
||||
*/
|
||||
private void readObject(ObjectInputStream s)
|
||||
throws IOException, ClassNotFoundException
|
||||
{
|
||||
s.defaultReadObject();
|
||||
int count = s.readInt();
|
||||
certs = new HashSet();
|
||||
while (--count >= 0)
|
||||
{
|
||||
String type = (String) s.readObject();
|
||||
int bytes = s.readInt();
|
||||
byte[] encoded = new byte[bytes];
|
||||
for (int i = 0; i < bytes; i++)
|
||||
encoded[i] = s.readByte();
|
||||
ByteArrayInputStream stream = new ByteArrayInputStream(encoded);
|
||||
try
|
||||
{
|
||||
CertificateFactory factory = CertificateFactory.getInstance(type);
|
||||
certs.add(factory.generateCertificate(stream));
|
||||
}
|
||||
catch (CertificateException e)
|
||||
{
|
||||
// XXX Should we ignore this certificate?
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Writes this object to a serialization stream.
|
||||
*
|
||||
* @param s the output stream
|
||||
* @throws IOException if writing fails
|
||||
* @serialData this writes the location, then writes an int indicating the
|
||||
* number of certificates. Each certificate is a String type
|
||||
* followed by an int encoding length, then a byte[] encoding
|
||||
*/
|
||||
private void writeObject(ObjectOutputStream s) throws IOException
|
||||
{
|
||||
s.defaultWriteObject();
|
||||
if (certs == null)
|
||||
s.writeInt(0);
|
||||
else
|
||||
{
|
||||
int count = certs.size();
|
||||
s.writeInt(count);
|
||||
Iterator iter = certs.iterator();
|
||||
while (--count >= 0)
|
||||
{
|
||||
Certificate c = (Certificate) iter.next();
|
||||
s.writeObject(c.getType());
|
||||
byte[] encoded;
|
||||
try
|
||||
{
|
||||
encoded = c.getEncoded();
|
||||
}
|
||||
catch (CertificateEncodingException e)
|
||||
{
|
||||
// XXX Should we ignore this certificate?
|
||||
encoded = null;
|
||||
}
|
||||
if (encoded == null)
|
||||
s.writeInt(0);
|
||||
else
|
||||
{
|
||||
s.writeInt(encoded.length);
|
||||
for (int i = 0; i < encoded.length; i++)
|
||||
s.writeByte(encoded[i]);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} // class CodeSource
|
||||
@@ -1,70 +0,0 @@
|
||||
/* DigestException.java -- A generic message digest exception
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception indicates that a generic message digest exception has
|
||||
* occurred.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class DigestException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 5821450303093652515L;
|
||||
|
||||
/**
|
||||
* Create a new instance with no descriptive message.
|
||||
*/
|
||||
public DigestException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance with a descriptive error message.
|
||||
*
|
||||
* @param msg the descriptive message
|
||||
*/
|
||||
public DigestException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,167 +0,0 @@
|
||||
/* DigestInputStream.java --- An Input stream tied to a message digest
|
||||
Copyright (C) 1999, 2003, 2004, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.FilterInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
||||
/**
|
||||
* DigestInputStream is a class that ties an InputStream with a
|
||||
* MessageDigest. The Message Digest is used by the class to
|
||||
* update it self as bytes are read from the InputStream.
|
||||
*
|
||||
* The updating to the digest depends on the on flag which is set
|
||||
* to true by default to tell the class to update the data
|
||||
* in the message digest.
|
||||
*
|
||||
* @version 0.0
|
||||
* @author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
*/
|
||||
public class DigestInputStream extends FilterInputStream
|
||||
{
|
||||
/**
|
||||
* The message digest for the DigestInputStream
|
||||
*/
|
||||
protected MessageDigest digest;
|
||||
|
||||
//Manages the on flag
|
||||
private boolean state = true;
|
||||
|
||||
/**
|
||||
* Constructs a new DigestInputStream.
|
||||
* It associates a MessageDigest with the stream to
|
||||
* compute the stream as data is written.
|
||||
*
|
||||
* @param stream An InputStream to associate this stream with
|
||||
* @param digest A MessageDigest to hash the stream with
|
||||
*/
|
||||
public DigestInputStream(InputStream stream, MessageDigest digest)
|
||||
{
|
||||
super(stream);
|
||||
//this.in = stream;
|
||||
this.digest = digest;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the MessageDigest associated with this DigestInputStream
|
||||
*
|
||||
* @return The MessageDigest used to hash this stream
|
||||
*/
|
||||
public MessageDigest getMessageDigest()
|
||||
{
|
||||
return digest;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the current MessageDigest to current parameter
|
||||
*
|
||||
* @param digest A MessageDigest to associate with this stream
|
||||
*/
|
||||
public void setMessageDigest(MessageDigest digest)
|
||||
{
|
||||
this.digest = digest;
|
||||
}
|
||||
|
||||
/**
|
||||
* Reads a byte from the input stream and updates the digest.
|
||||
* This method reads the underlying input stream and if the
|
||||
* on flag is true then updates the message digest.
|
||||
*
|
||||
* @return Returns a byte from the input stream, -1 is returned to indicate that
|
||||
* the end of stream was reached before this read call
|
||||
*
|
||||
* @throws IOException if an IO error occurs in the underlying input stream,
|
||||
* this error is thrown
|
||||
*/
|
||||
public int read() throws IOException
|
||||
{
|
||||
int temp = in.read();
|
||||
|
||||
if (state == true && temp != -1)
|
||||
digest.update((byte) temp);
|
||||
|
||||
return temp;
|
||||
}
|
||||
|
||||
/**
|
||||
* Reads bytes from the input stream and updates the digest.
|
||||
* This method reads the underlying input stream and if the
|
||||
* on flag is true then updates the message digest.
|
||||
*
|
||||
* @param b a byte array to store the data from the input stream
|
||||
* @param off an offset to start at in the array
|
||||
* @param len length of data to read
|
||||
* @return Returns count of bytes read, -1 is returned to indicate that
|
||||
* the end of stream was reached before this read call
|
||||
*
|
||||
* @throws IOException if an IO error occurs in the underlying input stream,
|
||||
* this error is thrown
|
||||
*/
|
||||
public int read(byte[]b, int off, int len) throws IOException
|
||||
{
|
||||
int temp = in.read(b, off, len);
|
||||
|
||||
if (state == true && temp != -1)
|
||||
digest.update(b, off, temp);
|
||||
|
||||
return temp;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the flag specifing if this DigestInputStream updates the
|
||||
* digest in the write() methods. The default is on;
|
||||
*
|
||||
* @param on True means it digests stream, false means it does not
|
||||
*/
|
||||
public void on(boolean on)
|
||||
{
|
||||
state = on;
|
||||
}
|
||||
|
||||
/**
|
||||
* Converts the input stream and underlying message digest to a string.
|
||||
*
|
||||
* @return A string representing the input stream and message digest.
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return "[Digest Input Stream] " + digest.toString();
|
||||
}
|
||||
}
|
||||
@@ -1,158 +0,0 @@
|
||||
/* DigestOutputStream.java --- An output stream tied to a message digest
|
||||
Copyright (C) 1999, 2004, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.FilterOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.OutputStream;
|
||||
|
||||
/**
|
||||
* DigestOutputStream is a class that ties an OutputStream with a
|
||||
* MessageDigest. The Message Digest is used by the class to update it
|
||||
* self as bytes are written to the OutputStream.
|
||||
*
|
||||
* The updating to the digest depends on the on flag which is set to
|
||||
* true by default that tells the class to update the data in the
|
||||
* message digest.
|
||||
*
|
||||
* @version 0.0
|
||||
* @author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
*/
|
||||
public class DigestOutputStream extends FilterOutputStream
|
||||
{
|
||||
/**
|
||||
* The message digest for the DigestOutputStream
|
||||
*/
|
||||
protected MessageDigest digest;
|
||||
|
||||
//Manages the on flag
|
||||
private boolean state = true;
|
||||
|
||||
/**
|
||||
* Constructs a new DigestOutputStream. It associates a
|
||||
* MessageDigest with the stream to compute the stream as data is
|
||||
* written.
|
||||
*
|
||||
* @param stream An OutputStream to associate this stream with
|
||||
* @param digest A MessageDigest to hash the stream with
|
||||
*/
|
||||
public DigestOutputStream(OutputStream stream, MessageDigest digest)
|
||||
{
|
||||
super(stream);
|
||||
this.digest = digest;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the MessageDigest associated with this DigestOutputStream
|
||||
*
|
||||
* @return The MessageDigest used to hash this stream
|
||||
*/
|
||||
public MessageDigest getMessageDigest()
|
||||
{
|
||||
return digest;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the current MessageDigest to current parameter
|
||||
*
|
||||
* @param digest A MessageDigest to associate with this stream
|
||||
*/
|
||||
public void setMessageDigest(MessageDigest digest)
|
||||
{
|
||||
this.digest = digest;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Updates the hash if the on flag is true and then writes a byte to
|
||||
* the underlying output stream.
|
||||
*
|
||||
* @param b A byte to write to the output stream
|
||||
*
|
||||
* @exception IOException if the underlying output stream
|
||||
* cannot write the byte, this is thrown.
|
||||
*/
|
||||
public void write(int b) throws IOException
|
||||
{
|
||||
if (state)
|
||||
digest.update((byte) b);
|
||||
|
||||
out.write(b);
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the hash if the on flag is true and then writes the bytes
|
||||
* to the underlying output stream.
|
||||
*
|
||||
* @param b Bytes to write to the output stream
|
||||
* @param off Offset to start to start at in array
|
||||
* @param len Length of data to write
|
||||
*
|
||||
* @exception IOException if the underlying output stream
|
||||
* cannot write the bytes, this is thrown.
|
||||
*/
|
||||
public void write(byte[]b, int off, int len) throws IOException
|
||||
{
|
||||
if (state)
|
||||
digest.update(b, off, len);
|
||||
|
||||
out.write(b, off, len);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the flag specifying if this DigestOutputStream updates the
|
||||
* digest in the write() methods. The default is on;
|
||||
*
|
||||
* @param on True means it digests stream, false means it does not
|
||||
*/
|
||||
public void on(boolean on)
|
||||
{
|
||||
state = on;
|
||||
}
|
||||
|
||||
/**
|
||||
* Converts the output stream and underlying message digest to a string.
|
||||
*
|
||||
* @return A string representing the output stream and message digest.
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return "[Digest Output Stream] " + digest.toString();
|
||||
}
|
||||
}
|
||||
@@ -1,67 +0,0 @@
|
||||
/* DomainCombiner.java -- Combines ProtectionDomains
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* A public interface used to combine two ProtectionDomains in a new
|
||||
* ProtectionDomain and update the current Protection Domains
|
||||
* associated with the current AccessControlContext.
|
||||
*
|
||||
* It can add, subtract, or update ProtectionDomains or possibly
|
||||
* remove duplicates or any possible complex action but just not add
|
||||
* ones that do not already exist in either array.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @see AccessControlContext
|
||||
* @see AccessController
|
||||
* @since 1.3
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public interface DomainCombiner
|
||||
{
|
||||
/**
|
||||
* Combines the current ProtectionDomains of the Thread with new
|
||||
* ProtectionDomains.
|
||||
*
|
||||
* @param currentDomains - the ProtectionDomains for the current thread.
|
||||
* @param assignedDomains - ProtectionsDomains to add
|
||||
* @return a new array of all the ProtectionDomains
|
||||
*/
|
||||
ProtectionDomain[] combine(ProtectionDomain[] currentDomains,
|
||||
ProtectionDomain[] assignedDomains);
|
||||
} // interface DomainCombiner
|
||||
@@ -1,75 +0,0 @@
|
||||
/* DummyKeyPairGenerator.java - Wrapper for KeyPairGeneratorSpi
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
|
||||
final class DummyKeyPairGenerator extends KeyPairGenerator
|
||||
{
|
||||
private KeyPairGeneratorSpi kpgSpi = null;
|
||||
|
||||
public DummyKeyPairGenerator(KeyPairGeneratorSpi kpgSpi, String algorithm)
|
||||
{
|
||||
super(algorithm);
|
||||
this.kpgSpi = kpgSpi;
|
||||
}
|
||||
|
||||
public Object clone() throws CloneNotSupportedException
|
||||
{
|
||||
KeyPairGenerator result = new DummyKeyPairGenerator
|
||||
((KeyPairGeneratorSpi) kpgSpi.clone(), this.getAlgorithm());
|
||||
result.provider = this.getProvider();
|
||||
return result;
|
||||
}
|
||||
|
||||
public void initialize(int keysize, SecureRandom random)
|
||||
{
|
||||
kpgSpi.initialize(keysize, random);
|
||||
}
|
||||
|
||||
public void initialize(AlgorithmParameterSpec params, SecureRandom random)
|
||||
throws InvalidAlgorithmParameterException
|
||||
{
|
||||
kpgSpi.initialize(params, random);
|
||||
}
|
||||
|
||||
public KeyPair generateKeyPair()
|
||||
{
|
||||
return kpgSpi.generateKeyPair();
|
||||
}
|
||||
}
|
||||
@@ -1,90 +0,0 @@
|
||||
/* DummyMessageDigest.java - Wrapper for MessageDigestSpi
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
final class DummyMessageDigest extends MessageDigest
|
||||
{
|
||||
private MessageDigestSpi mdSpi = null;
|
||||
|
||||
public DummyMessageDigest(MessageDigestSpi mdSpi, String algorithm)
|
||||
{
|
||||
super(algorithm);
|
||||
this.mdSpi = mdSpi;
|
||||
}
|
||||
|
||||
public Object clone() throws CloneNotSupportedException
|
||||
{
|
||||
MessageDigest result = new DummyMessageDigest
|
||||
((MessageDigestSpi) mdSpi.clone(), this.getAlgorithm());
|
||||
result.provider = this.getProvider();
|
||||
return result;
|
||||
}
|
||||
|
||||
// java.security.MessageDigestSpi abstract methods implementation ---------
|
||||
|
||||
public byte[] engineDigest()
|
||||
{
|
||||
return mdSpi.engineDigest();
|
||||
}
|
||||
|
||||
public int engineDigest(byte[] buf, int offset, int len)
|
||||
throws DigestException
|
||||
{
|
||||
return mdSpi.engineDigest(buf, offset, len);
|
||||
}
|
||||
|
||||
public int engineGetDigestLength()
|
||||
{
|
||||
return mdSpi.engineGetDigestLength();
|
||||
}
|
||||
|
||||
public void engineReset()
|
||||
{
|
||||
mdSpi.engineReset();
|
||||
}
|
||||
|
||||
public void engineUpdate(byte input)
|
||||
{
|
||||
mdSpi.engineUpdate(input);
|
||||
}
|
||||
|
||||
public void engineUpdate(byte[] input, int offset, int len)
|
||||
{
|
||||
mdSpi.engineUpdate(input, offset, len);
|
||||
}
|
||||
}
|
||||
@@ -1,102 +0,0 @@
|
||||
/* DummySignature.java - Signature wrapper for SignatureSpi.
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
final class DummySignature extends Signature
|
||||
{
|
||||
private SignatureSpi sigSpi = null;
|
||||
|
||||
public DummySignature(SignatureSpi sigSpi, String algorithm)
|
||||
{
|
||||
super(algorithm);
|
||||
this.sigSpi = sigSpi;
|
||||
}
|
||||
|
||||
public Object clone() throws CloneNotSupportedException
|
||||
{
|
||||
Signature result = new DummySignature
|
||||
((SignatureSpi) sigSpi.clone(), this.getAlgorithm());
|
||||
result.provider = this.getProvider();
|
||||
return result;
|
||||
}
|
||||
|
||||
protected void engineInitVerify(PublicKey publicKey)
|
||||
throws InvalidKeyException
|
||||
{
|
||||
sigSpi.engineInitVerify(publicKey);
|
||||
}
|
||||
|
||||
protected void engineInitSign(PrivateKey privateKey)
|
||||
throws InvalidKeyException
|
||||
{
|
||||
sigSpi.engineInitSign(privateKey);
|
||||
}
|
||||
|
||||
protected void engineUpdate(byte b) throws SignatureException
|
||||
{
|
||||
sigSpi.engineUpdate(b);
|
||||
}
|
||||
|
||||
protected void engineUpdate(byte[]b, int off, int len)
|
||||
throws SignatureException
|
||||
{
|
||||
sigSpi.engineUpdate(b, off, len);
|
||||
}
|
||||
|
||||
protected byte[] engineSign() throws SignatureException
|
||||
{
|
||||
return sigSpi.engineSign();
|
||||
}
|
||||
|
||||
protected boolean engineVerify(byte[]sigBytes) throws SignatureException
|
||||
{
|
||||
return sigSpi.engineVerify(sigBytes);
|
||||
}
|
||||
|
||||
protected void engineSetParameter(String param, Object value)
|
||||
throws InvalidParameterException
|
||||
{
|
||||
sigSpi.engineSetParameter(param, value);
|
||||
}
|
||||
|
||||
protected Object engineGetParameter(String param)
|
||||
throws InvalidParameterException
|
||||
{
|
||||
return sigSpi.engineGetParameter(param);
|
||||
}
|
||||
}
|
||||
@@ -1,75 +0,0 @@
|
||||
/* GeneralSecurityException.java -- Common superclass of security exceptions
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This class is the common superclass of all security exceptions. All
|
||||
* exceptions in java.security extend this class with the exception (no
|
||||
* pun intended) of <code>AccessControlException</code> and
|
||||
* <code>CertificateException</code> (which extend
|
||||
* <code>SecurityException</code>), <code>ProviderException</code>
|
||||
* (<code>RuntimeException</code>), and <code>InvalidParamterException</code>
|
||||
* (<code>IllegalArgumentException</code>).
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class GeneralSecurityException extends Exception
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 894798122053539237L;
|
||||
|
||||
/**
|
||||
* Create a new instance with no descriptive error message.
|
||||
*/
|
||||
public GeneralSecurityException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance with a descriptive error message.
|
||||
*
|
||||
* @param msg the descriptive error message
|
||||
*/
|
||||
public GeneralSecurityException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,60 +0,0 @@
|
||||
/* Guard.java -- Check access to a guarded object
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This interface specifies a mechanism for querying whether or not
|
||||
* access is allowed to a guarded object.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see GuardedObject
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public interface Guard
|
||||
{
|
||||
/**
|
||||
* This method tests whether or not access is allowed to the specified
|
||||
* guarded object. Access is allowed if this method returns silently. If
|
||||
* access is denied, an exception is generated.
|
||||
*
|
||||
* @param obj the <code>Object</code> to test
|
||||
* @throws SecurityException if access to the object is denied
|
||||
*/
|
||||
void checkGuard(Object obj);
|
||||
} // interface Guard
|
||||
@@ -1,121 +0,0 @@
|
||||
/* GuardedObject.java -- An object protected by a Guard
|
||||
Copyright (C) 1998, 2002, 2004, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.ObjectOutputStream;
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* This class is an object that is guarded by a <code>Guard</code> object.
|
||||
* The object that is being guarded is retrieved by a call to the only
|
||||
* method in this class - <code>getObject</code>. That method returns the
|
||||
* guarded <code>Object</code> after first checking with the
|
||||
* <code>Guard</code>. If the <code>Guard</code> disallows access, an
|
||||
* exception will be thrown.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class GuardedObject implements Serializable
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -5240450096227834308L;
|
||||
|
||||
/**
|
||||
* This is the Guard that is protecting the object.
|
||||
*
|
||||
* @serial the guard
|
||||
*/
|
||||
private final Guard guard;
|
||||
|
||||
/**
|
||||
* This is the object that is being guarded.
|
||||
*
|
||||
* @serial the protected object
|
||||
*/
|
||||
private final Object object;
|
||||
|
||||
/**
|
||||
* This method initializes a new instance of <code>GuardedObject</code>
|
||||
* that protects the specified <code>Object</code> using the specified
|
||||
* <code>Guard</code>. A null guard means there are no restrictions on
|
||||
* accessing the object.
|
||||
*
|
||||
* @param object the <code>Object</code> to guard
|
||||
* @param guard the <code>Guard</code> that is protecting the object
|
||||
*/
|
||||
public GuardedObject(Object object, Guard guard)
|
||||
{
|
||||
this.object = object;
|
||||
this.guard = guard;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method first call the <code>checkGuard</code> method on the
|
||||
* <code>Guard</code> object protecting the guarded object. If the
|
||||
* <code>Guard</code> disallows access, an exception is thrown, otherwise
|
||||
* the <code>Object</code> is returned.
|
||||
*
|
||||
* @return The object being guarded
|
||||
* @throws SecurityException if access is denied
|
||||
*/
|
||||
public Object getObject()
|
||||
{
|
||||
if (guard != null)
|
||||
guard.checkGuard(object);
|
||||
return object;
|
||||
}
|
||||
|
||||
/**
|
||||
* Ensures that serialization is legal, by checking the guard.
|
||||
*
|
||||
* @param s the stream to write to
|
||||
* @throws IOException if the underlying stream fails
|
||||
*/
|
||||
private void writeObject(ObjectOutputStream s) throws IOException
|
||||
{
|
||||
if (guard != null)
|
||||
guard.checkGuard(object);
|
||||
s.defaultWriteObject();
|
||||
}
|
||||
} // class GuardedObject
|
||||
@@ -1,407 +0,0 @@
|
||||
/* Identity.java --- Identity Class
|
||||
Copyright (C) 1999, 2003, Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Vector;
|
||||
|
||||
/**
|
||||
* <p>This class represents identities: real-world objects such as people,
|
||||
* companies or organizations whose identities can be authenticated using their
|
||||
* public keys. Identities may also be more abstract (or concrete) constructs,
|
||||
* such as daemon threads or smart cards.</p>
|
||||
*
|
||||
* <p>All Identity objects have a <i>name</i> and a <i>public key</i>. Names
|
||||
* are immutable. <i>Identities</i> may also be <b>scoped</b>. That is, if an
|
||||
* <i>Identity</i> is specified to have a particular <i>scope</i>, then the
|
||||
* <i>name</i> and <i>public key</i> of the <i>Identity</i> are unique within
|
||||
* that <i>scope</i>.</p>
|
||||
*
|
||||
* <p>An <i>Identity</i> also has a <i>set of certificates</i> (all certifying
|
||||
* its own <i>public key</i>). The <i>Principal</i> names specified in these
|
||||
* certificates need not be the same, only the key.</p>
|
||||
*
|
||||
* <p>An <i>Identity</i> can be subclassed, to include postal and email
|
||||
* addresses, telephone numbers, images of faces and logos, and so on.</p>
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @see IdentityScope
|
||||
* @see Signer
|
||||
* @see Principal
|
||||
* @deprecated This class is no longer used. Its functionality has been replaced
|
||||
* by <code>java.security.KeyStore</code>, the <code>java.security.cert</code>
|
||||
* package, and <code>java.security.Principal</code>.
|
||||
*/
|
||||
public abstract class Identity implements Principal, Serializable
|
||||
{
|
||||
private static final long serialVersionUID = 3609922007826600659L;
|
||||
|
||||
private String name;
|
||||
private IdentityScope scope;
|
||||
private PublicKey publicKey;
|
||||
private String info;
|
||||
private Vector certificates;
|
||||
|
||||
/** Constructor for serialization only. */
|
||||
protected Identity()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs an identity with the specified name and scope.
|
||||
*
|
||||
* @param name the identity name.
|
||||
* @param scope the scope of the identity.
|
||||
* @throws KeyManagementException if there is already an identity with the
|
||||
* same name in the scope.
|
||||
*/
|
||||
public Identity(String name, IdentityScope scope)
|
||||
throws KeyManagementException
|
||||
{
|
||||
this.name = name;
|
||||
this.scope = scope;
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs an identity with the specified name and no scope.
|
||||
*
|
||||
* @param name the identity name.
|
||||
*/
|
||||
public Identity(String name)
|
||||
{
|
||||
this.name = name;
|
||||
this.scope = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns this identity's name.
|
||||
*
|
||||
* @return the name of this identity.
|
||||
*/
|
||||
public final String getName()
|
||||
{
|
||||
return name;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns this identity's scope.
|
||||
*
|
||||
* @return the scope of this identity.
|
||||
*/
|
||||
public final IdentityScope getScope()
|
||||
{
|
||||
return scope;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns this identity's public key.
|
||||
*
|
||||
* @return the public key for this identity.
|
||||
* @see #setPublicKey(java.security.PublicKey)
|
||||
*/
|
||||
public PublicKey getPublicKey()
|
||||
{
|
||||
return publicKey;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Sets this identity's public key. The old key and all of this identity's
|
||||
* certificates are removed by this operation.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with <code>"setIdentityPublicKey"</code> as its
|
||||
* argument to see if it's ok to set the public key.</p>
|
||||
*
|
||||
* @param key the public key for this identity.
|
||||
* @throws KeyManagementException if another identity in the identity's scope
|
||||
* has the same public key, or if another exception occurs.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkSecurityAccess()</code> method doesn't allow setting the public
|
||||
* key.
|
||||
* @see #getPublicKey()
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public void setPublicKey(PublicKey key) throws KeyManagementException
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("setIdentityPublicKey");
|
||||
|
||||
this.publicKey = key;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Specifies a general information string for this identity.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with <code>"setIdentityInfo"</code> as its
|
||||
* argument to see if it's ok to specify the information string.</p>
|
||||
*
|
||||
* @param info the information string.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkSecurityAccess()</code> method doesn't allow setting the
|
||||
* information string.
|
||||
* @see #getInfo()
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public void setInfo(String info)
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("setIdentityInfo");
|
||||
|
||||
this.info = info;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns general information previously specified for this identity.
|
||||
*
|
||||
* @return general information about this identity.
|
||||
* @see #setInfo(String)
|
||||
*/
|
||||
public String getInfo()
|
||||
{
|
||||
return info;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Adds a certificate for this identity. If the identity has a public key,
|
||||
* the public key in the certificate must be the same, and if the identity
|
||||
* does not have a public key, the identity's public key is set to be that
|
||||
* specified in the certificate.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with <code>"addIdentityCertificate"</code> as its
|
||||
* argument to see if it's ok to add a certificate.</p>
|
||||
*
|
||||
* @param certificate the certificate to be added.
|
||||
* @throws KeyManagementException if the certificate is not valid, if the
|
||||
* public key in the certificate being added conflicts with this identity's
|
||||
* public key, or if another exception occurs.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkSecurityAccess()</code> method doesn't allow adding a
|
||||
* certificate.
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public void addCertificate(Certificate certificate)
|
||||
throws KeyManagementException
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("addIdentityCertificate");
|
||||
|
||||
// Check public key of this certificate against the first one in the vector
|
||||
if (certificates.size() > 0)
|
||||
{
|
||||
if (((Certificate) certificates.firstElement()).getPublicKey() != publicKey)
|
||||
throw new KeyManagementException("Public key does not match");
|
||||
}
|
||||
certificates.addElement(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Removes a certificate from this identity.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with <code>"removeIdentityCertificate"</code> as
|
||||
* its argument to see if it's ok to remove a certificate.</p>
|
||||
*
|
||||
* @param certificate the certificate to be removed.
|
||||
* @throws KeyManagementException if the certificate is missing, or if
|
||||
* another exception occurs.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkSecurityAccess()</code> method doesn't allow removing a
|
||||
* certificate.
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public void removeCertificate(Certificate certificate)
|
||||
throws KeyManagementException
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("removeIdentityCertificate");
|
||||
|
||||
if (certificates.contains(certificate) == false)
|
||||
throw new KeyManagementException("Certificate not found");
|
||||
|
||||
certificates.removeElement(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a copy of all the certificates for this identity.
|
||||
*
|
||||
* @return a copy of all the certificates for this identity.
|
||||
*/
|
||||
public Certificate[] certificates()
|
||||
{
|
||||
Certificate[] certs = new Certificate[certificates.size()];
|
||||
int max = certificates.size();
|
||||
for (int i = 0; i < max; i++)
|
||||
certs[i] = (Certificate) certificates.elementAt(i);
|
||||
|
||||
return certs;
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests for equality between the specified object and this identity. This
|
||||
* first tests to see if the entities actually refer to the same object, in
|
||||
* which case it returns <code>true</code>. Next, it checks to see if the
|
||||
* entities have the same <i>name</i> and the same <i>scope</i>. If they do,
|
||||
* the method returns <code>true</code>. Otherwise, it calls
|
||||
* <code>identityEquals()</code>, which subclasses should override.
|
||||
*
|
||||
* @param identity the object to test for equality with this identity.
|
||||
* @return <code>true</code> if the objects are considered equal, <code>false
|
||||
* </code>otherwise.
|
||||
* @see #identityEquals(Identity)
|
||||
*/
|
||||
public final boolean equals(Object identity)
|
||||
{
|
||||
if (identity instanceof Identity)
|
||||
{
|
||||
if (identity == this)
|
||||
return true;
|
||||
|
||||
if ((((Identity) identity).getName() == this.name) &&
|
||||
(((Identity) identity).getScope() == this.scope))
|
||||
return true;
|
||||
|
||||
return identityEquals((Identity) identity);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests for equality between the specified <code>identity</code> and this
|
||||
* <i>identity</i>. This method should be overriden by subclasses to test for
|
||||
* equality. The default behavior is to return <code>true</code> if the names
|
||||
* and public keys are equal.
|
||||
*
|
||||
* @param identity the identity to test for equality with this identity.
|
||||
* @return <code>true</code> if the identities are considered equal,
|
||||
* <code>false</code> otherwise.
|
||||
* @see #equals(Object)
|
||||
*/
|
||||
protected boolean identityEquals(Identity identity)
|
||||
{
|
||||
return ((identity.getName() == this.name) &&
|
||||
(identity.getPublicKey() == this.publicKey));
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns a short string describing this identity, telling its name and
|
||||
* its scope (if any).</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with <code>"printIdentity"</code> as its argument
|
||||
* to see if it's ok to return the string.</p>
|
||||
*
|
||||
* @return information about this identity, such as its name and the name of
|
||||
* its scope (if any).
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkSecurityAccess()</code> method doesn't allow returning a string
|
||||
* describing this identity.
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("printIdentity");
|
||||
|
||||
/* TODO: Insert proper format here */
|
||||
return (name + ":@" + scope + " Public Key: " + publicKey);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns a string representation of this identity, with optionally more
|
||||
* details than that provided by the <code>toString()</code> method without
|
||||
* any arguments.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with <code>"printIdentity"</code> as its argument
|
||||
* to see if it's ok to return the string.</p>
|
||||
*
|
||||
* @param detailed whether or not to provide detailed information.
|
||||
* @return information about this identity. If detailed is <code>true</code>,
|
||||
* then this method returns more information than that provided by the
|
||||
* <code>toString()</code> method without any arguments.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkSecurityAccess()</code> method doesn't allow returning a string
|
||||
* describing this identity.
|
||||
* @see #toString()
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public String toString(boolean detailed)
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("printIdentity");
|
||||
|
||||
if (detailed)
|
||||
{
|
||||
/* TODO: Insert proper detailed format here */
|
||||
return (name + ":@" + scope + " Public Key: " + publicKey);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* TODO: Insert proper format here */
|
||||
return (name + ":@" + scope + " Public Key: " + publicKey);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a hashcode for this identity.
|
||||
*
|
||||
* @return a hashcode for this identity.
|
||||
*/
|
||||
public int hashCode()
|
||||
{
|
||||
int ret = name.hashCode();
|
||||
if (publicKey != null)
|
||||
ret |= publicKey.hashCode();
|
||||
if (scope != null)
|
||||
ret |= scope.hashCode();
|
||||
if (info != null)
|
||||
ret |= info.hashCode();
|
||||
if (certificates != null)
|
||||
ret |= certificates.hashCode();
|
||||
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
@@ -1,226 +0,0 @@
|
||||
/* IdentityScope.java --- IdentityScope Class
|
||||
Copyright (C) 1999, 2003, Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.util.Enumeration;
|
||||
|
||||
/**
|
||||
* <p>This class represents a scope for identities. It is an Identity itself,
|
||||
* and therefore has a name and can have a scope. It can also optionally have a
|
||||
* public key and associated certificates.</p>
|
||||
*
|
||||
* <p>An <code>IdentityScope</code> can contain {@link Identity} objects of all
|
||||
* kinds, including {@link Signer}s. All types of <code>Identity</code> objects
|
||||
* can be retrieved, added, and removed using the same methods. Note that it is
|
||||
* possible, and in fact expected, that different types of identity scopes will
|
||||
* apply different policies for their various operations on the various types of
|
||||
* Identities.</p>
|
||||
*
|
||||
* <p>There is a one-to-one mapping between keys and identities, and there can
|
||||
* only be one copy of one key per scope. For example, suppose Acme Software,
|
||||
* Inc is a software publisher known to a user. Suppose it is an <i>Identity</i>,
|
||||
* that is, it has a public key, and a set of associated certificates. It is
|
||||
* named in the scope using the name "Acme Software". No other named <i>Identity
|
||||
* </i> in the scope has the same public key. Of course, none has the same name
|
||||
* as well.</p>
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @see Identity
|
||||
* @see Signer
|
||||
* @see Principal
|
||||
* @see Key
|
||||
* @deprecated This class is no longer used. Its functionality has been replaced
|
||||
* by <code>java.security.KeyStore</code>, the <code>java.security.cert</code>
|
||||
* package, and <code>java.security.Principal</code>.
|
||||
*/
|
||||
public abstract class IdentityScope extends Identity
|
||||
{
|
||||
private static final long serialVersionUID = -2337346281189773310L;
|
||||
private static IdentityScope systemScope;
|
||||
|
||||
/**
|
||||
* This constructor is used for serialization only and should not be used by
|
||||
* subclasses.
|
||||
*/
|
||||
protected IdentityScope()
|
||||
{
|
||||
super();
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs a new identity scope with the specified name.
|
||||
*
|
||||
* @param name the scope name.
|
||||
*/
|
||||
public IdentityScope(String name)
|
||||
{
|
||||
super(name);
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs a new identity scope with the specified name and scope.
|
||||
*
|
||||
* @param name the scope name.
|
||||
* @param scope the scope for the new identity scope.
|
||||
* @throws KeyManagementException if there is already an identity with the
|
||||
* same name in the scope.
|
||||
*/
|
||||
public IdentityScope(String name, IdentityScope scope)
|
||||
throws KeyManagementException
|
||||
{
|
||||
super(name, scope);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the system's identity scope.
|
||||
*
|
||||
* @return the system's identity scope.
|
||||
* @see #setSystemScope(IdentityScope)
|
||||
*/
|
||||
public static IdentityScope getSystemScope()
|
||||
{
|
||||
if (systemScope == null)
|
||||
{
|
||||
//Load it
|
||||
//systemScope;
|
||||
}
|
||||
return systemScope;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the system's identity scope.
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with <code>"setSystemScope"</code> as its argument
|
||||
* to see if it's ok to set the identity scope.</p>
|
||||
*
|
||||
* @param scope the scope to set.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkSecurityAccess()</code> method doesn't allow setting the
|
||||
* identity scope.
|
||||
* @see #getSystemScope()
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
protected static void setSystemScope(IdentityScope scope)
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("setSystemScope");
|
||||
|
||||
systemScope = scope;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the number of identities within this identity scope.
|
||||
*
|
||||
* @return the number of identities within this identity scope.
|
||||
*/
|
||||
public abstract int size();
|
||||
|
||||
/**
|
||||
* Returns the identity in this scope with the specified name (if any).
|
||||
*
|
||||
* @param name the name of the identity to be retrieved.
|
||||
* @return the identity named name, or <code>null</code> if there are no
|
||||
* identities named name in this scope.
|
||||
*/
|
||||
public abstract Identity getIdentity(String name);
|
||||
|
||||
/**
|
||||
* Retrieves the identity whose name is the same as that of the specified
|
||||
* principal. (Note: <code>Identity</code> implements <code>Principal</code>.)
|
||||
*
|
||||
* @param principal the principal corresponding to the identity to be
|
||||
* retrieved.
|
||||
* @return the identity whose name is the same as that of the principal, or
|
||||
* <code>null</code> if there are no identities of the same name in this scope.
|
||||
*/
|
||||
public Identity getIdentity(Principal principal)
|
||||
{
|
||||
return getIdentity(principal.getName());
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the identity with the specified public key.
|
||||
*
|
||||
* @param key the public key for the identity to be returned.
|
||||
* @return the identity with the given key, or <code>null</code> if there are
|
||||
* no identities in this scope with that key.
|
||||
*/
|
||||
public abstract Identity getIdentity(PublicKey key);
|
||||
|
||||
/**
|
||||
* Adds an identity to this identity scope.
|
||||
*
|
||||
* @param identity the identity to be added.
|
||||
* @throws KeyManagementException if the identity is not valid, a name
|
||||
* conflict occurs, another identity has the same public key as the identity
|
||||
* being added, or another exception occurs.
|
||||
*/
|
||||
public abstract void addIdentity(Identity identity)
|
||||
throws KeyManagementException;
|
||||
|
||||
/**
|
||||
* Removes an identity from this identity scope.
|
||||
*
|
||||
* @param identity the identity to be removed.
|
||||
* @throws KeyManagementException if the identity is missing, or another
|
||||
* exception occurs.
|
||||
*/
|
||||
public abstract void removeIdentity(Identity identity)
|
||||
throws KeyManagementException;
|
||||
|
||||
/**
|
||||
* Returns an enumeration of all identities in this identity scope.
|
||||
*
|
||||
* @return an enumeration of all identities in this identity scope.
|
||||
*/
|
||||
public abstract Enumeration identities();
|
||||
|
||||
/**
|
||||
* Returns a string representation of this identity scope, including its name,
|
||||
* its scope name, and the number of identities in this identity scope.
|
||||
*
|
||||
* @return a string representation of this identity scope.
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return (super.getName() + " " + super.getScope().getName() + " " + size());
|
||||
}
|
||||
}
|
||||
@@ -1,73 +0,0 @@
|
||||
/* InvalidAlgorithmParameterException.java -- an invalid parameter to a
|
||||
security algorithm
|
||||
Copyright (C) 2000, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* Thrown for an invalid security algorithm parameter.
|
||||
*
|
||||
* @author Warren Levy (warrenl@cygnus.com)
|
||||
* @since 1.2
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class InvalidAlgorithmParameterException
|
||||
extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.2+.
|
||||
*/
|
||||
private static final long serialVersionUID = 2864672297499471472L;
|
||||
|
||||
/**
|
||||
* Construct an exception with no message.
|
||||
*/
|
||||
public InvalidAlgorithmParameterException()
|
||||
{
|
||||
super();
|
||||
}
|
||||
|
||||
/**
|
||||
* Construct an exception with a message.
|
||||
*
|
||||
* @param msg the message
|
||||
*/
|
||||
public InvalidAlgorithmParameterException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,69 +0,0 @@
|
||||
/* InvalidKeyException -- thrown for an invalid key
|
||||
Copyright (C) 2000, 2002 Free Software Foundation
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* Thrown for an invalid key.
|
||||
*
|
||||
* @author Warren Levy (warrenl@cygnus.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class InvalidKeyException extends KeyException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 5698479920593359816L;
|
||||
|
||||
/**
|
||||
* Construct an exception with no message.
|
||||
*/
|
||||
public InvalidKeyException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Construct an exception with a message.
|
||||
*
|
||||
* @param msg the message
|
||||
*/
|
||||
public InvalidKeyException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,70 +0,0 @@
|
||||
/* InvalidParameterException.java -- an invalid parameter in the JCA/JCE engine
|
||||
Copyright (C) 2000, 2002 Free Software Foundation
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* Thrown when an invalid parameter is passed to a method of the JCA/JCE
|
||||
* engine classes.
|
||||
*
|
||||
* @author Warren Levy (warrenl@cygnus.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class InvalidParameterException extends IllegalArgumentException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -857968536935667808L;
|
||||
|
||||
/**
|
||||
* Construct an exception with no message.
|
||||
*/
|
||||
public InvalidParameterException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Construct an exception with a message.
|
||||
*
|
||||
* @param msg the message
|
||||
*/
|
||||
public InvalidParameterException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,94 +0,0 @@
|
||||
/* Key.java -- A abstract representation of a digital key
|
||||
Copyright (C) 1998, 2000, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* This interfaces models the base characteristics that all keys must
|
||||
* have. These are: a key algorithm, an encoded form, and a format used
|
||||
* to encode the key. Specific key types inherit from this interface.
|
||||
* Note that since this interface extends <code>Serializable</code>, all
|
||||
* keys may be serialized. Keys are generally obtained through key generators,
|
||||
* including {@link KeyFactory}.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see PublicKey
|
||||
* @see PrivateKey
|
||||
* @see KeyPair
|
||||
* @see KeyPairGenerator
|
||||
* @see KeyFactory
|
||||
* @see KeySpec
|
||||
* @see Identity
|
||||
* @see Signer
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public interface Key extends Serializable
|
||||
{
|
||||
/**
|
||||
* The version identifier used for serialization.
|
||||
*/
|
||||
long serialVersionUID = 6603384152749567654L;
|
||||
|
||||
/**
|
||||
* This method returns the name of the algorithm for this key. This is a
|
||||
* <code>String</code> such as "RSA".
|
||||
*
|
||||
* @return the name of the algorithm in use
|
||||
*/
|
||||
String getAlgorithm();
|
||||
|
||||
/**
|
||||
* This method returns the name of the encoding format for this key. This
|
||||
* is the name of the ASN.1 data format used for this key, such as
|
||||
* "X.509" or "PKCS#8". This method returns <code>null</code> if this key
|
||||
* does not have an encoding format.
|
||||
*
|
||||
* @return the name of the encoding format for this key, or null
|
||||
*/
|
||||
String getFormat();
|
||||
|
||||
/**
|
||||
* This method returns the encoded form of the key. If this key does not
|
||||
* support encoding, this method returns <code>null</code>.
|
||||
*
|
||||
* @return the encoded form of the key, or null
|
||||
*/
|
||||
byte[] getEncoded();
|
||||
} // interface Key
|
||||
@@ -1,72 +0,0 @@
|
||||
/* KeyException.java -- Thrown when there is a problem with a key
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception is thrown when there is a problem with a key.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see Key
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class KeyException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -7483676942812432108L;
|
||||
|
||||
/**
|
||||
* This method initializes a new instance of <code>KeyException</code>
|
||||
* with no descriptive message.
|
||||
*/
|
||||
public KeyException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* This method initializes a new instance of <code>KeyException</code>
|
||||
* with a descriptive message.
|
||||
*
|
||||
* @param msg the descriptive message
|
||||
*/
|
||||
public KeyException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,297 +0,0 @@
|
||||
/* KeyFactory.java --- Key Factory Class
|
||||
Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.KeySpec;
|
||||
|
||||
/**
|
||||
* <p>Key factories are used to convert keys (opaque cryptographic keys of type
|
||||
* {@link Key}) into key specifications (transparent representations of the
|
||||
* underlying key material), and vice versa.</p>
|
||||
*
|
||||
* <p>Key factories are bi-directional. That is, they allow you to build an
|
||||
* opaque key object from a given key specification (key material), or to
|
||||
* retrieve the underlying key material of a key object in a suitable format.</p>
|
||||
*
|
||||
* <p>Multiple compatible key specifications may exist for the same key. For
|
||||
* example, a <i>DSA</i> public key may be specified using {@link
|
||||
* java.security.spec.DSAPublicKeySpec} or {@link
|
||||
* java.security.spec.X509EncodedKeySpec}. A key factory can be used to
|
||||
* translate between compatible key specifications.</p>
|
||||
*
|
||||
* <p>The following is an example of how to use a key factory in order to
|
||||
* instantiate a <i>DSA</i> public key from its encoding. Assume Alice has
|
||||
* received a digital signature from Bob. Bob also sent her his public key (in
|
||||
* encoded format) to verify his signature. Alice then performs the following
|
||||
* actions:
|
||||
*
|
||||
* <pre>
|
||||
* X509EncodedKeySpec bobPubKeySpec = new X509EncodedKeySpec(bobEncodedPubKey);
|
||||
* KeyFactory keyFactory = KeyFactory.getInstance("DSA");
|
||||
* PublicKey bobPubKey = keyFactory.generatePublic(bobPubKeySpec);
|
||||
* Signature sig = Signature.getInstance("DSA");
|
||||
* sig.initVerify(bobPubKey);
|
||||
* sig.update(data);
|
||||
* sig.verify(signature);
|
||||
* </pre>
|
||||
*
|
||||
* @since 1.2
|
||||
* @see Key
|
||||
* @see PublicKey
|
||||
* @see PrivateKey
|
||||
* @see KeySpec
|
||||
* @see java.security.spec.DSAPublicKeySpec
|
||||
* @see java.security.spec.X509EncodedKeySpec
|
||||
@author Mark Benvenuto
|
||||
*/
|
||||
public class KeyFactory
|
||||
{
|
||||
/** The service name for key factories. */
|
||||
private static final String KEY_FACTORY = "KeyFactory";
|
||||
|
||||
private KeyFactorySpi keyFacSpi;
|
||||
private Provider provider;
|
||||
private String algorithm;
|
||||
|
||||
/**
|
||||
* Creates a <code>KeyFactory</code> object.
|
||||
*
|
||||
* @param keyFacSpi the delegate.
|
||||
* @param provider the provider.
|
||||
* @param algorithm the name of the algorithm to associate with this
|
||||
* <code>KeyFactory</code>.
|
||||
*/
|
||||
protected KeyFactory(KeyFactorySpi keyFacSpi, Provider provider,
|
||||
String algorithm)
|
||||
{
|
||||
this.keyFacSpi = keyFacSpi;
|
||||
this.provider = provider;
|
||||
this.algorithm = algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>KeyFactory</code> object that implements the specified
|
||||
* algorithm. If the default provider package provides an implementation of
|
||||
* the requested algorithm, an instance of <code>KeyFactory</code> containing
|
||||
* that implementation is returned. If the algorithm is not available in the
|
||||
* default package, other packages are searched.
|
||||
*
|
||||
* @param algorithm the name of the requested key algorithm. See Appendix A
|
||||
* in the Java Cryptography Architecture API Specification & Reference
|
||||
* for information about standard algorithm names.
|
||||
* @return a <code>KeyFactory</code> object for the specified algorithm.
|
||||
* @throws NoSuchAlgorithmException if the requested algorithm is not
|
||||
* available in the default provider package or any of the other provider
|
||||
* packages that were searched.
|
||||
*/
|
||||
public static KeyFactory getInstance(String algorithm)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
for (int i = 0; i < p.length; i++)
|
||||
try
|
||||
{
|
||||
return getInstance(algorithm, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
// Ignore.
|
||||
}
|
||||
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>KeyFactory</code> object for the specified algorithm
|
||||
* from the specified provider.
|
||||
*
|
||||
* @param algorithm the name of the requested key algorithm. See Appendix A
|
||||
* in the Java Cryptography Architecture API Specification & Reference
|
||||
* for information about standard algorithm names.
|
||||
* @param provider the name of the provider.
|
||||
* @return a <code>KeyFactory</code> object for the specified algorithm.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available from
|
||||
* the specified provider.
|
||||
* @throws NoSuchProviderException if the provider has not been configured.
|
||||
* @throws IllegalArgumentException if the provider name is null or empty.
|
||||
* @see Provider
|
||||
*/
|
||||
public static KeyFactory getInstance(String algorithm, String provider)
|
||||
throws NoSuchAlgorithmException, NoSuchProviderException
|
||||
{
|
||||
if (provider == null || provider.length() == 0)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(algorithm, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>KeyFactory</code> object for the specified algorithm from
|
||||
* the specified provider. Note: the <code>provider</code> doesn't have to be
|
||||
* registered.
|
||||
*
|
||||
* @param algorithm the name of the requested key algorithm. See Appendix A
|
||||
* in the Java Cryptography Architecture API Specification & Reference for
|
||||
* information about standard algorithm names.
|
||||
* @param provider the provider.
|
||||
* @return a <code>KeyFactory</code> object for the specified algorithm.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available from
|
||||
* the specified provider.
|
||||
* @throws IllegalArgumentException if the <code>provider</code> is
|
||||
* <code>null</code>.
|
||||
* @since 1.4
|
||||
* @see Provider
|
||||
*/
|
||||
public static KeyFactory getInstance(String algorithm, Provider provider)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
try
|
||||
{
|
||||
return new KeyFactory((KeyFactorySpi)
|
||||
Engine.getInstance(KEY_FACTORY, algorithm, provider),
|
||||
provider, algorithm);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
catch (ClassCastException cce)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the provider of this key factory object.
|
||||
*
|
||||
* @return the provider of this key factory object.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the name of the algorithm associated with this <code>KeyFactory</code>.
|
||||
*
|
||||
* @return the name of the algorithm associated with this
|
||||
* <code>KeyFactory</code>.
|
||||
*/
|
||||
public final String getAlgorithm()
|
||||
{
|
||||
return algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a public key object from the provided key specification (key
|
||||
* material).
|
||||
*
|
||||
* @param keySpec the specification (key material) of the public key.
|
||||
* @return the public key.
|
||||
* @throws InvalidKeySpecException if the given key specification is
|
||||
* inappropriate for this key factory to produce a public key.
|
||||
*/
|
||||
public final PublicKey generatePublic(KeySpec keySpec)
|
||||
throws InvalidKeySpecException
|
||||
{
|
||||
return keyFacSpi.engineGeneratePublic(keySpec);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a private key object from the provided key specification (key
|
||||
* material).
|
||||
*
|
||||
* @param keySpec the specification (key material) of the private key.
|
||||
* @return the private key.
|
||||
* @throws InvalidKeySpecException if the given key specification is
|
||||
* inappropriate for this key factory to produce a private key.
|
||||
*/
|
||||
public final PrivateKey generatePrivate(KeySpec keySpec)
|
||||
throws InvalidKeySpecException
|
||||
{
|
||||
return keyFacSpi.engineGeneratePrivate(keySpec);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a specification (key material) of the given key object.
|
||||
* <code>keySpec</code> identifies the specification class in which the key
|
||||
* material should be returned. It could, for example, be
|
||||
* <code>DSAPublicKeySpec.class</code>, to indicate that the key material
|
||||
* should be returned in an instance of the {@link
|
||||
* java.security.spec.DSAPublicKeySpec} class.
|
||||
*
|
||||
* @param key the key.
|
||||
* @param keySpec the specification class in which the key material should be
|
||||
* returned.
|
||||
* @return the underlying key specification (key material) in an instance of
|
||||
* the requested specification class.
|
||||
* @throws InvalidKeySpecException if the requested key specification is
|
||||
* inappropriate for the given key, or the given key cannot be processed
|
||||
* (e.g., the given key has an unrecognized algorithm or format).
|
||||
*/
|
||||
public final KeySpec getKeySpec(Key key, Class keySpec)
|
||||
throws InvalidKeySpecException
|
||||
{
|
||||
return keyFacSpi.engineGetKeySpec(key, keySpec);
|
||||
}
|
||||
|
||||
/**
|
||||
* Translates a key object, whose provider may be unknown or potentially
|
||||
* untrusted, into a corresponding key object of this key factory.
|
||||
*
|
||||
* @param key the key whose provider is unknown or untrusted.
|
||||
* @return the translated key.
|
||||
* @throws InvalidKeyException if the given key cannot be processed by this
|
||||
* key factory.
|
||||
*/
|
||||
public final Key translateKey(Key key) throws InvalidKeyException
|
||||
{
|
||||
return keyFacSpi.engineTranslateKey(key);
|
||||
}
|
||||
}
|
||||
@@ -1,133 +0,0 @@
|
||||
/* KeyFactorySpi.java --- Key Factory Service Provider Interface
|
||||
Copyright (C) 1999, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.KeySpec;
|
||||
|
||||
/**
|
||||
* KeyFactorySpi is the Service Provider Interface (SPI) for the
|
||||
* KeyFactory class. This is the interface for providers to
|
||||
* supply to implement a key factory for an algorithm.
|
||||
*
|
||||
* Key factories are used to convert keys (opaque cryptographic
|
||||
* keys of type Key) into key specifications (transparent
|
||||
* representations of the underlying key material).
|
||||
*
|
||||
* Key factories are bi-directional. They allow a key class
|
||||
* to be converted into a key specification (key material) and
|
||||
* back again.
|
||||
*
|
||||
* For example DSA public keys can be specified as
|
||||
* DSAPublicKeySpec or X509EncodedKeySpec. The key factory
|
||||
* translate these key specifications.
|
||||
*
|
||||
* @since JDK 1.2
|
||||
* @author Mark Benvenuto
|
||||
*/
|
||||
public abstract class KeyFactorySpi
|
||||
{
|
||||
/**
|
||||
* Constucts a new KeyFactorySpi.
|
||||
*/
|
||||
public KeyFactorySpi()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a public key from the provided key specification.
|
||||
*
|
||||
* @param keySpec key specification
|
||||
*
|
||||
* @return the public key
|
||||
*
|
||||
* @throws InvalidKeySpecException invalid key specification for
|
||||
* this key factory to produce a public key
|
||||
*/
|
||||
protected abstract PublicKey engineGeneratePublic(KeySpec keySpec)
|
||||
throws InvalidKeySpecException;
|
||||
|
||||
|
||||
/**
|
||||
* Generates a private key from the provided key specification.
|
||||
*
|
||||
* @param keySpec key specification
|
||||
*
|
||||
* @return the private key
|
||||
*
|
||||
* @throws InvalidKeySpecException invalid key specification for
|
||||
* this key factory to produce a private key
|
||||
*/
|
||||
protected abstract PrivateKey engineGeneratePrivate(KeySpec keySpec)
|
||||
throws InvalidKeySpecException;
|
||||
|
||||
/**
|
||||
* Returns a key specification for the given key. keySpec
|
||||
* identifies the specification class to return the key
|
||||
* material in.
|
||||
*
|
||||
* @param key the key
|
||||
* @param keySpec the specification class to return the
|
||||
* key material in.
|
||||
*
|
||||
* @return the key specification in an instance of the requested
|
||||
* specification class
|
||||
*
|
||||
* @throws InvalidKeySpecException the requested key specification
|
||||
* is inappropriate for this key or the key is
|
||||
* unrecognized.
|
||||
*/
|
||||
protected abstract KeySpec engineGetKeySpec(Key key, Class keySpec)
|
||||
throws InvalidKeySpecException;
|
||||
|
||||
|
||||
/**
|
||||
* Translates the key from an unknown or untrusted provider
|
||||
* into a key for this key factory.
|
||||
*
|
||||
* @param the key from an unknown or untrusted provider
|
||||
*
|
||||
* @return the translated key
|
||||
*
|
||||
* @throws InvalidKeySpecException if the key cannot be
|
||||
* processed by this key factory
|
||||
*/
|
||||
protected abstract Key engineTranslateKey(Key key)
|
||||
throws InvalidKeyException;
|
||||
}
|
||||
@@ -1,71 +0,0 @@
|
||||
/* KeyManagementException.java -- an exception in key management
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception is thrown whenever a problem related to the management of
|
||||
* security keys is encountered.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see Key
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class KeyManagementException extends KeyException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 947674216157062695L;
|
||||
|
||||
/**
|
||||
* Create a new instance with no descriptive error message.
|
||||
*/
|
||||
public KeyManagementException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance with a descriptive error message.
|
||||
*
|
||||
* @param msg the descriptive error message
|
||||
*/
|
||||
public KeyManagementException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,87 +0,0 @@
|
||||
/* KeyPair.java --- Key Pair Class
|
||||
Copyright (C) 1999 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
KeyPair serves as a simple container for public and private keys.
|
||||
If properly initialized, this class should be treated like the
|
||||
private key since it contains it and take approriate security
|
||||
measures.
|
||||
|
||||
@author Mark Benvenuto
|
||||
*/
|
||||
public final class KeyPair implements Serializable
|
||||
{
|
||||
private static final long serialVersionUID = -7565189502268009837L;
|
||||
|
||||
private PublicKey publicKey;
|
||||
private PrivateKey privateKey;
|
||||
|
||||
/**
|
||||
Initializes the KeyPair with a pubilc and private key.
|
||||
|
||||
@param publicKey Public Key to store
|
||||
@param privateKey Private Key to store
|
||||
*/
|
||||
public KeyPair(PublicKey publicKey, PrivateKey privateKey)
|
||||
{
|
||||
this.publicKey = publicKey;
|
||||
this.privateKey = privateKey;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the public key stored in the KeyPair
|
||||
|
||||
@return The public key
|
||||
*/
|
||||
public PublicKey getPublic()
|
||||
{
|
||||
return publicKey;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the private key stored in the KeyPair
|
||||
|
||||
@return The private key
|
||||
*/
|
||||
public PrivateKey getPrivate()
|
||||
{
|
||||
return privateKey;
|
||||
}
|
||||
}
|
||||
@@ -1,401 +0,0 @@
|
||||
/* KeyPairGenerator.java --- Key Pair Generator Class
|
||||
Copyright (C) 1999, 2002, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
|
||||
/**
|
||||
* <p>The <code>KeyPairGenerator</code> class is used to generate pairs of
|
||||
* public and private keys. Key pair generators are constructed using the
|
||||
* <code>getInstance()</code> factory methods (static methods that return
|
||||
* instances of a given class).</p>
|
||||
*
|
||||
* <p>A Key pair generator for a particular algorithm creates a public/private
|
||||
* key pair that can be used with this algorithm. It also associates
|
||||
* algorithm-specific parameters with each of the generated keys.</p>
|
||||
*
|
||||
* <p>There are two ways to generate a key pair: in an algorithm-independent
|
||||
* manner, and in an algorithm-specific manner. The only difference between the
|
||||
* two is the initialization of the object:</p>
|
||||
*
|
||||
* <ul>
|
||||
* <li><b>Algorithm-Independent Initialization</b><br/>
|
||||
* All key pair generators share the concepts of a <i>keysize</i> and a
|
||||
* <i>source of randomness</i>. The <i>keysize</i> is interpreted differently
|
||||
* for different algorithms (e.g., in the case of the <i>DSA</i> algorithm,
|
||||
* the <i>keysize</i> corresponds to the length of the modulus). There is an
|
||||
* <code>initialize()</code> method in this <code>KeyPairGenerator</code>
|
||||
* class that takes these two universally shared types of arguments. There
|
||||
* is also one that takes just a <i>keysize</i> argument, and uses the
|
||||
* {@link SecureRandom} implementation of the highest-priority installed
|
||||
* provider as the <i>source of randomness</i>. (If none of the installed
|
||||
* providers supply an implementation of {@link SecureRandom}, a
|
||||
* system-provided source of randomness is used.)
|
||||
*
|
||||
* <p>Since no other parameters are specified when you call the above
|
||||
* algorithm-independent initialize methods, it is up to the provider what
|
||||
* to do about the algorithm-specific parameters (if any) to be associated
|
||||
* with each of the keys.</p>
|
||||
*
|
||||
* <p>If the algorithm is the <i>DSA</i> algorithm, and the <i>keysize</i>
|
||||
* (modulus size) is <code>512</code>, <code>768</code>, or <code>1024</code>,
|
||||
* then the <b>GNU</b> provider uses a set of precomputed values for the
|
||||
* <code>p</code>, <code>q</code>, and <code>g</code> parameters. If the
|
||||
* <i>modulus size</i> is not one of the above values, the <b>GNU</b>
|
||||
* provider creates a new set of parameters. Other providers might have
|
||||
* precomputed parameter sets for more than just the three modulus sizes
|
||||
* mentioned above. Still others might not have a list of precomputed
|
||||
* parameters at all and instead always create new parameter sets.</p></li>
|
||||
* <li><b>Algorithm-Specific Initialization</b><br/>
|
||||
* For situations where a set of algorithm-specific parameters already
|
||||
* exists (e.g., so-called <i>community parameters</i> in <i>DSA</i>), there
|
||||
* are two initialize methods that have an {@link AlgorithmParameterSpec}
|
||||
* argument. One also has a {@link SecureRandom} argument, while the the
|
||||
* other uses the {@link SecureRandom} implementation of the highest-priority
|
||||
* installed provider as the source of randomness. (If none of the installed
|
||||
* providers supply an implementation of {@link SecureRandom}, a
|
||||
* system-provided source of randomness is used.)</li>
|
||||
* </ul>
|
||||
*
|
||||
* <p>In case the client does not explicitly initialize the
|
||||
* <code>KeyPairGenerator</code> (via a call to an initialize method), each
|
||||
* provider must supply (and document) a default initialization. For example,
|
||||
* the <b>GNU</b> provider uses a default modulus size (keysize) of
|
||||
* <code>1024</code> bits.</p>
|
||||
*
|
||||
* <p>Note that this class is abstract and extends from {@link
|
||||
* KeyPairGeneratorSpi} for historical reasons. Application developers should
|
||||
* only take notice of the methods defined in this <code>KeyPairGenerator</code>
|
||||
* class; all the methods in the superclass are intended for cryptographic
|
||||
* service providers who wish to supply their own implementations of key pair
|
||||
* generators.</p>
|
||||
*
|
||||
* @see Signature
|
||||
* @see KeyPair
|
||||
* @see AlgorithmParameterSpec
|
||||
* @author Mark Benvenuto
|
||||
* @author Casey Marshall
|
||||
*/
|
||||
public abstract class KeyPairGenerator extends KeyPairGeneratorSpi
|
||||
{
|
||||
/** The service name for key pair generators. */
|
||||
private static final String KEY_PAIR_GENERATOR = "KeyPairGenerator";
|
||||
|
||||
Provider provider;
|
||||
private String algorithm;
|
||||
|
||||
/**
|
||||
* Creates a <code>KeyPairGenerator</code> object for the specified
|
||||
* algorithm.
|
||||
*
|
||||
* @param algorithm the standard string name of the algorithm.
|
||||
* See Appendix A in the Java Cryptography Architecture API
|
||||
* Specification & Reference for information about standard
|
||||
* algorithm names.
|
||||
*/
|
||||
protected KeyPairGenerator(String algorithm)
|
||||
{
|
||||
this.algorithm = algorithm;
|
||||
this.provider = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the standard name of the algorithm for this key pair generator.
|
||||
* See Appendix A in the Java Cryptography Architecture API Specification
|
||||
* & Reference for information about standard algorithm names.
|
||||
*
|
||||
* @return the standard string name of the algorithm.
|
||||
*/
|
||||
public String getAlgorithm()
|
||||
{
|
||||
return algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>KeyPairGenerator</code> object that implements the
|
||||
* specified digest algorithm. If the default provider package provides an
|
||||
* implementation of the requested digest algorithm, an instance of
|
||||
* <code>KeyPairGenerator</code> containing that implementation is returned.
|
||||
* If the algorithm is not available in the default package, other packages
|
||||
* are searched.
|
||||
*
|
||||
* @param algorithm the standard string name of the algorithm. See Appendix A
|
||||
* in the Java Cryptography Architecture API Specification & Reference for
|
||||
* information about standard algorithm names.
|
||||
* @return the new <code>KeyPairGenerator</code> object.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available in the
|
||||
* environment.
|
||||
*/
|
||||
public static KeyPairGenerator getInstance(String algorithm)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
for (int i = 0; i < p.length; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance(algorithm, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
// Ignored.
|
||||
}
|
||||
}
|
||||
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>KeyPairGenerator</code> object implementing the
|
||||
* specified algorithm, as supplied from the specified provider, if
|
||||
* such an algorithm is available from the provider.
|
||||
*
|
||||
* @param algorithm the standard string name of the algorithm. See
|
||||
* Appendix A in the Java Cryptography Architecture API Specification
|
||||
* & Reference for information about standard algorithm names.
|
||||
* @param provider the string name of the provider.
|
||||
* @return the new <code>KeyPairGenerator</code> object.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available
|
||||
* from the provider.
|
||||
* @throws NoSuchProviderException if the provider is not available in the
|
||||
* environment.
|
||||
* @throws IllegalArgumentException if the provider name is <code>null</code>
|
||||
* or empty.
|
||||
* @see Provider
|
||||
*/
|
||||
public static KeyPairGenerator getInstance(String algorithm, String provider)
|
||||
throws NoSuchAlgorithmException, NoSuchProviderException
|
||||
{
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(algorithm, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>KeyPairGenerator</code> object implementing the specified
|
||||
* algorithm, as supplied from the specified provider, if such an algorithm is
|
||||
* available from the provider. Note: the provider doesn't have to be
|
||||
* registered.
|
||||
*
|
||||
* @param algorithm the standard string name of the algorithm. See Appendix A
|
||||
* in the Java Cryptography Architecture API Specification & Reference for
|
||||
* information about standard algorithm names.
|
||||
* @param provider the provider.
|
||||
* @return the new <code>KeyPairGenerator</code> object.
|
||||
* @throws NoSuchAlgorithmException if the <code>algorithm</code> is not
|
||||
* available from the <code>provider</code>.
|
||||
* @throws IllegalArgumentException if the <code>provider</code> is
|
||||
* <code>null</code>.
|
||||
* @since 1.4
|
||||
* @see Provider
|
||||
*/
|
||||
public static KeyPairGenerator getInstance(String algorithm,
|
||||
Provider provider)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
Object o = null;
|
||||
try
|
||||
{
|
||||
o = Engine.getInstance(KEY_PAIR_GENERATOR, algorithm, provider);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
KeyPairGenerator result = null;
|
||||
if (o instanceof KeyPairGeneratorSpi)
|
||||
{
|
||||
result = new DummyKeyPairGenerator((KeyPairGeneratorSpi) o, algorithm);
|
||||
}
|
||||
else if (o instanceof KeyPairGenerator)
|
||||
{
|
||||
result = (KeyPairGenerator) o;
|
||||
result.algorithm = algorithm;
|
||||
}
|
||||
result.provider = provider;
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the provider of this key pair generator object.
|
||||
*
|
||||
* @return the provider of this key pair generator object.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes the key pair generator for a certain keysize using a default
|
||||
* parameter set and the {@link SecureRandom} implementation of the
|
||||
* highest-priority installed provider as the source of randomness. (If none
|
||||
* of the installed providers supply an implementation of {@link SecureRandom},
|
||||
* a system-provided source of randomness is used.)
|
||||
*
|
||||
* @param keysize the keysize. This is an algorithm-specific metric, such as
|
||||
* modulus length, specified in number of bits.
|
||||
* @throws InvalidParameterException if the keysize is not supported by this
|
||||
* <code>KeyPairGenerator</code> object.
|
||||
*/
|
||||
public void initialize(int keysize)
|
||||
{
|
||||
initialize(keysize, new SecureRandom());
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes the key pair generator for a certain keysize with the given
|
||||
* source of randomness (and a default parameter set).
|
||||
*
|
||||
* @param keysize the keysize. This is an algorithm-specific metric, such as
|
||||
* modulus length, specified in number of bits.
|
||||
* @param random the source of randomness.
|
||||
* @throws InvalidParameterException if the <code>keysize</code> is not
|
||||
* supported by this <code>KeyPairGenerator</code> object.
|
||||
* @since 1.2
|
||||
*/
|
||||
public void initialize(int keysize, SecureRandom random)
|
||||
{
|
||||
initialize(keysize, random);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Initializes the key pair generator using the specified parameter set and
|
||||
* the {@link SecureRandom} implementation of the highest-priority installed
|
||||
* provider as the source of randomness. (If none of the installed providers
|
||||
* supply an implementation of {@link SecureRandom}, a system-provided source
|
||||
* of randomness is used.)</p>
|
||||
*
|
||||
* <p>This concrete method has been added to this previously-defined abstract
|
||||
* class. This method calls the
|
||||
* {@link KeyPairGeneratorSpi#initialize(AlgorithmParameterSpec, SecureRandom)}
|
||||
* initialize method, passing it <code>params</code> and a source of
|
||||
* randomness (obtained from the highest-priority installed provider or
|
||||
* system-provided if none of the installed providers supply one). That
|
||||
* initialize method always throws an {@link UnsupportedOperationException}
|
||||
* if it is not overridden by the provider.</p>
|
||||
*
|
||||
* @param params the parameter set used to generate the keys.
|
||||
* @throws InvalidAlgorithmParameterException if the given parameters are
|
||||
* inappropriate for this key pair generator.
|
||||
* @since 1.2
|
||||
*/
|
||||
public void initialize(AlgorithmParameterSpec params)
|
||||
throws InvalidAlgorithmParameterException
|
||||
{
|
||||
initialize(params, new SecureRandom());
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Initializes the key pair generator with the given parameter set and
|
||||
* source of randomness.</p>
|
||||
*
|
||||
* <p>This concrete method has been added to this previously-defined abstract
|
||||
* class. This method calls the
|
||||
* {@link KeyPairGeneratorSpi#initialize(AlgorithmParameterSpec, SecureRandom)}
|
||||
* initialize method, passing it <code>params</code> and <code>random</code>.
|
||||
* That initialize method always throws an {@link UnsupportedOperationException}
|
||||
* if it is not overridden by the provider.</p>
|
||||
*
|
||||
* @param params the parameter set used to generate the keys.
|
||||
* @param random the source of randomness.
|
||||
* @throws InvalidAlgorithmParameterException if the given parameters are
|
||||
* inappropriate for this key pair generator.
|
||||
* @since 1.2
|
||||
*/
|
||||
public void initialize(AlgorithmParameterSpec params, SecureRandom random)
|
||||
throws InvalidAlgorithmParameterException
|
||||
{
|
||||
super.initialize(params, random);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Generates a key pair.</p>
|
||||
*
|
||||
* <p>If this <code>KeyPairGenerator</code> has not been initialized
|
||||
* explicitly, provider-specific defaults will be used for the size and other
|
||||
* (algorithm-specific) values of the generated keys.</p>
|
||||
*
|
||||
* <p>This will generate a new key pair every time it is called.</p>
|
||||
*
|
||||
* <p>This method is functionally equivalent to {@link #generateKeyPair()}.</p>
|
||||
*
|
||||
* @return the generated key pair.
|
||||
* @since 1.2
|
||||
*/
|
||||
public final KeyPair genKeyPair()
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance("DSA", "GNU").generateKeyPair();
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
System.err.println("genKeyPair failed: " + e);
|
||||
e.printStackTrace();
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Generates a key pair.</p>
|
||||
*
|
||||
* <p>If this <code>KeyPairGenerator</code> has not been initialized
|
||||
* explicitly, provider-specific defaults will be used for the size and other
|
||||
* (algorithm-specific) values of the generated keys.</p>
|
||||
*
|
||||
* <p>This will generate a new key pair every time it is called.</p>
|
||||
*
|
||||
* <p>This method is functionally equivalent to {@link #genKeyPair()}.</p>
|
||||
*
|
||||
* @return the generated key pair.
|
||||
*/
|
||||
public KeyPair generateKeyPair()
|
||||
{
|
||||
return genKeyPair();
|
||||
}
|
||||
}
|
||||
@@ -1,102 +0,0 @@
|
||||
/* KeyPairGeneratorSpi.java --- Key Pair Generator SPI Class
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
|
||||
/**
|
||||
KeyPairGeneratorSpi is the interface used to generate key pairs
|
||||
for security algorithms.
|
||||
|
||||
@author Mark Benvenuto
|
||||
*/
|
||||
public abstract class KeyPairGeneratorSpi
|
||||
{
|
||||
/**
|
||||
Constructs a new KeyPairGeneratorSpi
|
||||
*/
|
||||
public KeyPairGeneratorSpi()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
Initialize the KeyPairGeneratorSpi with the specified
|
||||
key size and source of randomness
|
||||
|
||||
@param keysize size of the key to generate
|
||||
@param random A SecureRandom source of randomness
|
||||
*/
|
||||
public abstract void initialize(int keysize, SecureRandom random);
|
||||
|
||||
/**
|
||||
Initialize the KeyPairGeneratorSpi with the specified
|
||||
AlgorithmParameterSpec and source of randomness
|
||||
|
||||
This is a concrete method. It may be overridden by the provider
|
||||
and if the AlgorithmParameterSpec class is invalid
|
||||
throw InvalidAlgorithmParameterException. By default this
|
||||
method just throws UnsupportedOperationException.
|
||||
|
||||
@param params A AlgorithmParameterSpec to intialize with
|
||||
@param random A SecureRandom source of randomness
|
||||
|
||||
@throws InvalidAlgorithmParameterException
|
||||
*/
|
||||
public void initialize(AlgorithmParameterSpec params, SecureRandom random)
|
||||
throws InvalidAlgorithmParameterException
|
||||
{
|
||||
throw new java.lang.UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
Generates a KeyPair according the rules for the algorithm.
|
||||
Unless intialized, algorithm defaults will be used. It
|
||||
creates a unique key pair each time.
|
||||
|
||||
@return a key pair
|
||||
*/
|
||||
public abstract KeyPair generateKeyPair();
|
||||
|
||||
/**
|
||||
* We override clone here to make it accessible for use by
|
||||
* DummyKeyPairGenerator.
|
||||
*/
|
||||
protected Object clone() throws CloneNotSupportedException
|
||||
{
|
||||
return super.clone();
|
||||
}
|
||||
}
|
||||
@@ -1,507 +0,0 @@
|
||||
/* KeyStore.java --- Key Store Class
|
||||
Copyright (C) 1999, 2002, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.util.Date;
|
||||
import java.util.Enumeration;
|
||||
|
||||
/**
|
||||
* Keystore represents an in-memory collection of keys and
|
||||
* certificates. There are two types of entries:
|
||||
*
|
||||
* <dl>
|
||||
* <dt>Key Entry</dt>
|
||||
*
|
||||
* <dd><p>This type of keystore entry store sensitive crytographic key
|
||||
* information in a protected format.Typically this is a secret
|
||||
* key or a private key with a certificate chain.</p></dd>
|
||||
*
|
||||
* <dt>Trusted Ceritificate Entry</dt>
|
||||
*
|
||||
* <dd><p>This type of keystore entry contains a single public key
|
||||
* certificate belonging to annother entity. It is called trusted
|
||||
* because the keystore owner trusts that the certificates
|
||||
* belongs to the subject (owner) of the certificate.</p></dd>
|
||||
* </dl>
|
||||
*
|
||||
* <p>Entries in a key store are referred to by their "alias": a simple
|
||||
* unique string.
|
||||
*
|
||||
* <p>The structure and persistentence of the key store is not
|
||||
* specified. Any method could be used to protect sensitive
|
||||
* (private or secret) keys. Smart cards or integrated
|
||||
* cryptographic engines could be used or the keystore could
|
||||
* be simply stored in a file.</p>
|
||||
*
|
||||
* @see java.security.cert.Certificate
|
||||
* @see Key
|
||||
*/
|
||||
public class KeyStore
|
||||
{
|
||||
|
||||
// Constants and fields.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/** Service name for key stores. */
|
||||
private static final String KEY_STORE = "KeyStore";
|
||||
|
||||
private KeyStoreSpi keyStoreSpi;
|
||||
private Provider provider;
|
||||
private String type;
|
||||
|
||||
// Constructors.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
Creates an instance of KeyStore
|
||||
|
||||
@param keyStoreSpi A KeyStore engine to use
|
||||
@param provider A provider to use
|
||||
@param type The type of KeyStore
|
||||
*/
|
||||
protected KeyStore(KeyStoreSpi keyStoreSpi, Provider provider, String type)
|
||||
{
|
||||
this.keyStoreSpi = keyStoreSpi;
|
||||
this.provider = provider;
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
// Class methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Gets an instance of the KeyStore class representing
|
||||
* the specified keystore. If the type is not
|
||||
* found then, it throws KeyStoreException.
|
||||
*
|
||||
* @param type the type of keystore to choose
|
||||
* @return a KeyStore repesenting the desired type
|
||||
* @throws KeyStoreException if the type of keystore is not implemented
|
||||
* by providers or the implementation cannot be instantiated.
|
||||
*/
|
||||
public static KeyStore getInstance(String type) throws KeyStoreException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
|
||||
for (int i = 0; i < p.length; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance(type, p[i]);
|
||||
}
|
||||
catch (KeyStoreException e)
|
||||
{
|
||||
// Ignore.
|
||||
}
|
||||
}
|
||||
|
||||
throw new KeyStoreException(type);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets an instance of the KeyStore class representing
|
||||
* the specified key store from the specified provider.
|
||||
* If the type is not found then, it throws KeyStoreException.
|
||||
* If the provider is not found, then it throws
|
||||
* NoSuchProviderException.
|
||||
*
|
||||
* @param type the type of keystore to choose
|
||||
* @param provider the provider name
|
||||
* @return a KeyStore repesenting the desired type
|
||||
* @throws KeyStoreException if the type of keystore is not
|
||||
* implemented by the given provider
|
||||
* @throws NoSuchProviderException if the provider is not found
|
||||
* @throws IllegalArgumentException if the provider string is
|
||||
* null or empty
|
||||
*/
|
||||
public static KeyStore getInstance(String type, String provider)
|
||||
throws KeyStoreException, NoSuchProviderException
|
||||
{
|
||||
if (provider == null || provider.length() == 0)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(type, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets an instance of the KeyStore class representing
|
||||
* the specified key store from the specified provider.
|
||||
* If the type is not found then, it throws KeyStoreException.
|
||||
* If the provider is not found, then it throws
|
||||
* NoSuchProviderException.
|
||||
*
|
||||
* @param type the type of keystore to choose
|
||||
* @param provider the keystore provider
|
||||
* @return a KeyStore repesenting the desired type
|
||||
* @throws KeyStoreException if the type of keystore is not
|
||||
* implemented by the given provider
|
||||
* @throws IllegalArgumentException if the provider object is null
|
||||
* @since 1.4
|
||||
*/
|
||||
public static KeyStore getInstance(String type, Provider provider)
|
||||
throws KeyStoreException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
try
|
||||
{
|
||||
return new KeyStore(
|
||||
(KeyStoreSpi) Engine.getInstance(KEY_STORE, type, provider),
|
||||
provider, type);
|
||||
}
|
||||
catch (NoSuchAlgorithmException nsae)
|
||||
{
|
||||
throw new KeyStoreException(type);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new KeyStoreException(type);
|
||||
}
|
||||
catch (ClassCastException cce)
|
||||
{
|
||||
throw new KeyStoreException(type);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the default KeyStore type. This method looks up the
|
||||
* type in <JAVA_HOME>/lib/security/java.security with the
|
||||
* property "keystore.type" or if that fails then "jks" .
|
||||
*/
|
||||
public static final String getDefaultType()
|
||||
{
|
||||
// Security reads every property in java.security so it
|
||||
// will return this property if it exists.
|
||||
String tmp = Security.getProperty("keystore.type");
|
||||
|
||||
if (tmp == null)
|
||||
tmp = "jks";
|
||||
|
||||
return tmp;
|
||||
}
|
||||
|
||||
// Instance methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
Gets the provider that the class is from.
|
||||
|
||||
@return the provider of this class
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the type of the KeyStore supported
|
||||
|
||||
@return A string with the type of KeyStore
|
||||
*/
|
||||
public final String getType()
|
||||
{
|
||||
return type;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the key associated with given alias using the
|
||||
supplied password.
|
||||
|
||||
@param alias an alias for the key to get
|
||||
@param password password to access key with
|
||||
|
||||
@return the requested key, or null otherwise
|
||||
|
||||
@throws NoSuchAlgorithmException if there is no algorithm
|
||||
for recovering the key
|
||||
@throws UnrecoverableKeyException key cannot be reocovered
|
||||
(wrong password).
|
||||
*/
|
||||
public final Key getKey(String alias, char[]password)
|
||||
throws KeyStoreException, NoSuchAlgorithmException,
|
||||
UnrecoverableKeyException
|
||||
{
|
||||
return keyStoreSpi.engineGetKey(alias, password);
|
||||
}
|
||||
|
||||
/**
|
||||
Gets a Certificate chain for the specified alias.
|
||||
|
||||
@param alias the alias name
|
||||
|
||||
@return a chain of Certificates ( ordered from the user's
|
||||
certificate to the Certificate Authority's ) or
|
||||
null if the alias does not exist or there is no
|
||||
certificate chain for the alias ( the alias refers
|
||||
to a trusted certificate entry or there is no entry).
|
||||
*/
|
||||
public final java.security.cert.
|
||||
Certificate[] getCertificateChain(String alias) throws KeyStoreException
|
||||
{
|
||||
return keyStoreSpi.engineGetCertificateChain(alias);
|
||||
}
|
||||
|
||||
/**
|
||||
Gets a Certificate for the specified alias.
|
||||
|
||||
If there is a trusted certificate entry then that is returned.
|
||||
it there is a key entry with a certificate chain then the
|
||||
first certificate is return or else null.
|
||||
|
||||
@param alias the alias name
|
||||
|
||||
@return a Certificate or null if the alias does not exist
|
||||
or there is no certificate for the alias
|
||||
*/
|
||||
public final java.security.cert.Certificate getCertificate(String alias)
|
||||
throws KeyStoreException
|
||||
{
|
||||
return keyStoreSpi.engineGetCertificate(alias);
|
||||
}
|
||||
|
||||
/**
|
||||
Gets entry creation date for the specified alias.
|
||||
|
||||
@param alias the alias name
|
||||
|
||||
@returns the entry creation date or null
|
||||
*/
|
||||
public final Date getCreationDate(String alias) throws KeyStoreException
|
||||
{
|
||||
return keyStoreSpi.engineGetCreationDate(alias);
|
||||
}
|
||||
|
||||
/**
|
||||
Assign the key to the alias in the keystore, protecting it
|
||||
with the given password. It will overwrite an existing
|
||||
entry and if the key is a PrivateKey, also add the
|
||||
certificate chain representing the corresponding public key.
|
||||
|
||||
@param alias the alias name
|
||||
@param key the key to add
|
||||
@password the password to protect with
|
||||
@param chain the certificate chain for the corresponding
|
||||
public key
|
||||
|
||||
@throws KeyStoreException if it fails
|
||||
*/
|
||||
public final void setKeyEntry(String alias, Key key, char[]password,
|
||||
java.security.cert.
|
||||
Certificate[]chain) throws KeyStoreException
|
||||
{
|
||||
keyStoreSpi.engineSetKeyEntry(alias, key, password, chain);
|
||||
}
|
||||
|
||||
/**
|
||||
Assign the key to the alias in the keystore. It will overwrite
|
||||
an existing entry and if the key is a PrivateKey, also
|
||||
add the certificate chain representing the corresponding
|
||||
public key.
|
||||
|
||||
@param alias the alias name
|
||||
@param key the key to add
|
||||
@param chain the certificate chain for the corresponding
|
||||
public key
|
||||
|
||||
@throws KeyStoreException if it fails
|
||||
*/
|
||||
public final void setKeyEntry(String alias, byte[]key,
|
||||
java.security.cert.
|
||||
Certificate[]chain) throws KeyStoreException
|
||||
{
|
||||
keyStoreSpi.engineSetKeyEntry(alias, key, chain);
|
||||
}
|
||||
|
||||
/**
|
||||
Assign the certificate to the alias in the keystore. It
|
||||
will overwrite an existing entry.
|
||||
|
||||
@param alias the alias name
|
||||
@param cert the certificate to add
|
||||
|
||||
@throws KeyStoreException if it fails
|
||||
*/
|
||||
public final void setCertificateEntry(String alias,
|
||||
java.security.cert.
|
||||
Certificate cert) throws
|
||||
KeyStoreException
|
||||
{
|
||||
keyStoreSpi.engineSetCertificateEntry(alias, cert);
|
||||
}
|
||||
|
||||
/**
|
||||
Deletes the entry for the specified entry.
|
||||
|
||||
@param alias the alias name
|
||||
|
||||
@throws KeyStoreException if it fails
|
||||
*/
|
||||
public final void deleteEntry(String alias) throws KeyStoreException
|
||||
{
|
||||
keyStoreSpi.engineDeleteEntry(alias);
|
||||
}
|
||||
|
||||
/**
|
||||
Generates a list of all the aliases in the keystore.
|
||||
|
||||
@return an Enumeration of the aliases
|
||||
*/
|
||||
public final Enumeration aliases() throws KeyStoreException
|
||||
{
|
||||
return keyStoreSpi.engineAliases();
|
||||
}
|
||||
|
||||
/**
|
||||
Determines if the keystore contains the specified alias.
|
||||
|
||||
@param alias the alias name
|
||||
|
||||
@return true if it contains the alias, false otherwise
|
||||
*/
|
||||
public final boolean containsAlias(String alias) throws KeyStoreException
|
||||
{
|
||||
return keyStoreSpi.engineContainsAlias(alias);
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the number of entries in the keystore.
|
||||
|
||||
@returns the number of keystore entries.
|
||||
*/
|
||||
public final int size() throws KeyStoreException
|
||||
{
|
||||
return keyStoreSpi.engineSize();
|
||||
}
|
||||
|
||||
/**
|
||||
Determines if the keystore contains a key entry for
|
||||
the specified alias.
|
||||
|
||||
@param alias the alias name
|
||||
|
||||
@return true if it is a key entry, false otherwise
|
||||
*/
|
||||
public final boolean isKeyEntry(String alias) throws KeyStoreException
|
||||
{
|
||||
return keyStoreSpi.engineIsKeyEntry(alias);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Determines if the keystore contains a certificate entry for
|
||||
the specified alias.
|
||||
|
||||
@param alias the alias name
|
||||
|
||||
@return true if it is a certificate entry, false otherwise
|
||||
*/
|
||||
public final boolean isCertificateEntry(String alias)
|
||||
throws KeyStoreException
|
||||
{
|
||||
return keyStoreSpi.engineIsCertificateEntry(alias);
|
||||
}
|
||||
|
||||
/**
|
||||
Determines if the keystore contains the specified certificate
|
||||
entry and returns the alias.
|
||||
|
||||
It checks every entry and for a key entry checks only the
|
||||
first certificate in the chain.
|
||||
|
||||
@param cert Certificate to look for
|
||||
|
||||
@return alias of first matching certificate, null if it
|
||||
does not exist.
|
||||
*/
|
||||
public final String getCertificateAlias(java.security.cert.Certificate cert)
|
||||
throws KeyStoreException
|
||||
{
|
||||
return keyStoreSpi.engineGetCertificateAlias(cert);
|
||||
}
|
||||
|
||||
/**
|
||||
Stores the keystore in the specified output stream and it
|
||||
uses the specified key it keep it secure.
|
||||
|
||||
@param stream the output stream to save the keystore to
|
||||
@param password the password to protect the keystore integrity with
|
||||
|
||||
@throws IOException if an I/O error occurs.
|
||||
@throws NoSuchAlgorithmException the data integrity algorithm
|
||||
used cannot be found.
|
||||
@throws CertificateException if any certificates could not be
|
||||
stored in the output stream.
|
||||
*/
|
||||
public final void store(OutputStream stream, char[]password)
|
||||
throws KeyStoreException, IOException, NoSuchAlgorithmException,
|
||||
CertificateException
|
||||
{
|
||||
keyStoreSpi.engineStore(stream, password);
|
||||
}
|
||||
|
||||
/**
|
||||
Loads the keystore from the specified input stream and it
|
||||
uses the specified password to check for integrity if supplied.
|
||||
|
||||
@param stream the input stream to load the keystore from
|
||||
@param password the password to check the keystore integrity with
|
||||
|
||||
@throws IOException if an I/O error occurs.
|
||||
@throws NoSuchAlgorithmException the data integrity algorithm
|
||||
used cannot be found.
|
||||
@throws CertificateException if any certificates could not be
|
||||
stored in the output stream.
|
||||
*/
|
||||
public final void load(InputStream stream, char[]password)
|
||||
throws IOException, NoSuchAlgorithmException, CertificateException
|
||||
{
|
||||
keyStoreSpi.engineLoad(stream, password);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,70 +0,0 @@
|
||||
/* KeyStoreException.java -- Indicates a problem with the key store
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* Indicates a problem with the key store.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @since 1.2
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class KeyStoreException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.2+.
|
||||
*/
|
||||
private static final long serialVersionUID = -1119353179322377262L;
|
||||
|
||||
/**
|
||||
* Create a new instance detailed error message.
|
||||
*/
|
||||
public KeyStoreException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance with a detailed error message.
|
||||
*
|
||||
* @param msg the descriptive error message
|
||||
*/
|
||||
public KeyStoreException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,275 +0,0 @@
|
||||
/* KeyStoreSpi.java --- Key Store Service Provider Interface
|
||||
Copyright (C) 1999, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.util.Date;
|
||||
import java.util.Enumeration;
|
||||
|
||||
/**
|
||||
* KeyStoreSpi is the Service Provider Interface (SPI) for the
|
||||
* KeyStore class. This is the interface for providers to
|
||||
* supply to implement a keystore for a particular keystore
|
||||
* type.
|
||||
*
|
||||
* @since 1.2
|
||||
* @author Mark Benvenuto
|
||||
*/
|
||||
public abstract class KeyStoreSpi
|
||||
{
|
||||
/**
|
||||
* Constructs a new KeyStoreSpi
|
||||
*/
|
||||
public KeyStoreSpi()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the key associated with given alias using the
|
||||
* supplied password.
|
||||
*
|
||||
* @param alias an alias for the key to get
|
||||
* @param password password to access key with
|
||||
*
|
||||
* @return the requested key, or null otherwise
|
||||
*
|
||||
* @throws NoSuchAlgorithmException if there is no algorithm
|
||||
* for recovering the key
|
||||
* @throws UnrecoverableKeyException key cannot be reocovered
|
||||
* (wrong password).
|
||||
*/
|
||||
public abstract Key engineGetKey(String alias, char[]password)
|
||||
throws NoSuchAlgorithmException, UnrecoverableKeyException;
|
||||
|
||||
/**
|
||||
* Gets a Certificate chain for the specified alias.
|
||||
*
|
||||
* @param alias the alias name
|
||||
*
|
||||
* @return a chain of Certificates ( ordered from the user's
|
||||
* certificate to the Certificate Authority's ) or
|
||||
* null if the alias does not exist or there is no
|
||||
* certificate chain for the alias ( the alias refers
|
||||
* to a trusted certificate entry or there is no entry).
|
||||
*/
|
||||
public abstract java.security.cert.
|
||||
Certificate[] engineGetCertificateChain(String alias);
|
||||
|
||||
|
||||
/**
|
||||
* Gets a Certificate for the specified alias.
|
||||
*
|
||||
* If there is a trusted certificate entry then that is returned.
|
||||
* it there is a key entry with a certificate chain then the
|
||||
* first certificate is return or else null.
|
||||
*
|
||||
* @param alias the alias name
|
||||
*
|
||||
* @return a Certificate or null if the alias does not exist
|
||||
* or there is no certificate for the alias
|
||||
*/
|
||||
public abstract java.security.cert.
|
||||
Certificate engineGetCertificate(String alias);
|
||||
|
||||
/**
|
||||
* Gets entry creation date for the specified alias.
|
||||
*
|
||||
* @param alias the alias name
|
||||
*
|
||||
* @returns the entry creation date or null
|
||||
*/
|
||||
public abstract Date engineGetCreationDate(String alias);
|
||||
|
||||
/**
|
||||
* Assign the key to the alias in the keystore, protecting it
|
||||
* with the given password. It will overwrite an existing
|
||||
* entry and if the key is a PrivateKey, also add the
|
||||
* certificate chain representing the corresponding public key.
|
||||
*
|
||||
* @param alias the alias name
|
||||
* @param key the key to add
|
||||
* @password the password to protect with
|
||||
* @param chain the certificate chain for the corresponding
|
||||
* public key
|
||||
*
|
||||
* @throws KeyStoreException if it fails
|
||||
*/
|
||||
public abstract void engineSetKeyEntry(String alias, Key key,
|
||||
char[]password,
|
||||
java.security.cert.
|
||||
Certificate[]chain) throws
|
||||
KeyStoreException;
|
||||
|
||||
/**
|
||||
* Assign the key to the alias in the keystore. It will overwrite
|
||||
* an existing entry and if the key is a PrivateKey, also
|
||||
* add the certificate chain representing the corresponding
|
||||
* public key.
|
||||
*
|
||||
* @param alias the alias name
|
||||
* @param key the key to add
|
||||
* @param chain the certificate chain for the corresponding
|
||||
* public key
|
||||
*
|
||||
* @throws KeyStoreException if it fails
|
||||
*/
|
||||
public abstract void engineSetKeyEntry(String alias, byte[]key,
|
||||
java.security.cert.
|
||||
Certificate[]chain) throws
|
||||
KeyStoreException;
|
||||
|
||||
|
||||
/**
|
||||
* Assign the certificate to the alias in the keystore. It
|
||||
* will overwrite an existing entry.
|
||||
*
|
||||
* @param alias the alias name
|
||||
* @param cert the certificate to add
|
||||
*
|
||||
* @throws KeyStoreException if it fails
|
||||
*/
|
||||
public abstract void engineSetCertificateEntry(String alias,
|
||||
java.security.cert.
|
||||
Certificate cert) throws
|
||||
KeyStoreException;
|
||||
|
||||
/**
|
||||
* Deletes the entry for the specified entry.
|
||||
*
|
||||
* @param alias the alias name
|
||||
*
|
||||
* @throws KeyStoreException if it fails
|
||||
*/
|
||||
public abstract void engineDeleteEntry(String alias)
|
||||
throws KeyStoreException;
|
||||
|
||||
/**
|
||||
* Generates a list of all the aliases in the keystore.
|
||||
*
|
||||
* @return an Enumeration of the aliases
|
||||
*/
|
||||
public abstract Enumeration engineAliases();
|
||||
|
||||
/**
|
||||
* Determines if the keystore contains the specified alias.
|
||||
*
|
||||
* @param alias the alias name
|
||||
*
|
||||
* @return true if it contains the alias, false otherwise
|
||||
*/
|
||||
public abstract boolean engineContainsAlias(String alias);
|
||||
|
||||
/**
|
||||
* Returns the number of entries in the keystore.
|
||||
*
|
||||
* @returns the number of keystore entries.
|
||||
*/
|
||||
public abstract int engineSize();
|
||||
|
||||
/**
|
||||
* Determines if the keystore contains a key entry for
|
||||
* the specified alias.
|
||||
*
|
||||
* @param alias the alias name
|
||||
*
|
||||
* @return true if it is a key entry, false otherwise
|
||||
*/
|
||||
public abstract boolean engineIsKeyEntry(String alias);
|
||||
|
||||
/**
|
||||
* Determines if the keystore contains a certificate entry for
|
||||
* the specified alias.
|
||||
*
|
||||
* @param alias the alias name
|
||||
*
|
||||
* @return true if it is a certificate entry, false otherwise
|
||||
*/
|
||||
public abstract boolean engineIsCertificateEntry(String alias);
|
||||
|
||||
/**
|
||||
* Determines if the keystore contains the specified certificate
|
||||
* entry and returns the alias.
|
||||
*
|
||||
* It checks every entry and for a key entry checks only the
|
||||
* first certificate in the chain.
|
||||
*
|
||||
* @param cert Certificate to look for
|
||||
*
|
||||
* @return alias of first matching certificate, null if it
|
||||
* does not exist.
|
||||
*/
|
||||
public abstract String engineGetCertificateAlias(java.security.cert.
|
||||
Certificate cert);
|
||||
|
||||
/**
|
||||
* Stores the keystore in the specified output stream and it
|
||||
* uses the specified key it keep it secure.
|
||||
*
|
||||
* @param stream the output stream to save the keystore to
|
||||
* @param password the password to protect the keystore integrity with
|
||||
*
|
||||
* @throws IOException if an I/O error occurs.
|
||||
* @throws NoSuchAlgorithmException the data integrity algorithm
|
||||
* used cannot be found.
|
||||
* @throws CertificateException if any certificates could not be
|
||||
* stored in the output stream.
|
||||
*/
|
||||
public abstract void engineStore(OutputStream stream, char[]password)
|
||||
throws IOException, NoSuchAlgorithmException, CertificateException;
|
||||
|
||||
|
||||
/**
|
||||
* Loads the keystore from the specified input stream and it
|
||||
* uses the specified password to check for integrity if supplied.
|
||||
*
|
||||
* @param stream the input stream to load the keystore from
|
||||
* @param password the password to check the keystore integrity with
|
||||
*
|
||||
* @throws IOException if an I/O error occurs.
|
||||
* @throws NoSuchAlgorithmException the data integrity algorithm
|
||||
* used cannot be found.
|
||||
* @throws CertificateException if any certificates could not be
|
||||
* stored in the output stream.
|
||||
*/
|
||||
public abstract void engineLoad(InputStream stream, char[]password)
|
||||
throws IOException, NoSuchAlgorithmException, CertificateException;
|
||||
}
|
||||
@@ -1,413 +0,0 @@
|
||||
/* MessageDigest.java --- The message digest interface.
|
||||
Copyright (C) 1999, 2002, 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
/**
|
||||
* <p>This <code>MessageDigest</code> class provides applications the
|
||||
* functionality of a message digest algorithm, such as <i>MD5</i> or <i>SHA</i>.
|
||||
* Message digests are secure one-way hash functions that take arbitrary-sized
|
||||
* data and output a fixed-length hash value.</p>
|
||||
*
|
||||
* <p>A <code>MessageDigest</code> object starts out initialized. The data is
|
||||
* processed through it using the <code>update()</code> methods. At any point
|
||||
* <code>reset()</code> can be called to reset the digest. Once all the data to
|
||||
* be updated has been updated, one of the <code>digest()</code> methods should
|
||||
* be called to complete the hash computation.</p>
|
||||
*
|
||||
* <p>The <code>digest()</code> method can be called <b>once</b> for a given
|
||||
* number of updates. After <code>digest()</code> has been called, the
|
||||
* <code>MessageDigest</code> object is <b>reset</b> to its initialized state.
|
||||
* </p>
|
||||
*
|
||||
* <p>Implementations are free to implement the {@link Cloneable} interface.
|
||||
* Client applications can test cloneability by attempting cloning and catching
|
||||
* the {@link CloneNotSupportedException}:
|
||||
*
|
||||
* <pre>
|
||||
* MessageDigest md = MessageDigest.getInstance("SHA");
|
||||
* try
|
||||
* {
|
||||
* md.update(toChapter1);
|
||||
* MessageDigest tc1 = md.clone();
|
||||
* byte[] toChapter1Digest = tc1.digest();
|
||||
* md.update(toChapter2);
|
||||
* // ...
|
||||
* }
|
||||
* catch (CloneNotSupportedException x)
|
||||
* {
|
||||
* throw new DigestException("couldn't make digest of partial content");
|
||||
* }
|
||||
* </pre>
|
||||
*
|
||||
* <p>Note that if a given implementation is not cloneable, it is still possible
|
||||
* to compute intermediate digests by instantiating several instances, if the
|
||||
* number of digests is known in advance.</p>
|
||||
*
|
||||
* <p>Note that this class is abstract and extends from {@link MessageDigestSpi}
|
||||
* for historical reasons. Application developers should only take notice of the
|
||||
* methods defined in this <code>MessageDigest</code> class; all the methods in
|
||||
* the superclass are intended for cryptographic service providers who wish to
|
||||
* supply their own implementations of message digest algorithms.</p>
|
||||
*
|
||||
* @see MessageDigestSpi
|
||||
* @see Provider
|
||||
* @since JDK 1.1
|
||||
*/
|
||||
public abstract class MessageDigest extends MessageDigestSpi
|
||||
{
|
||||
/** The service name for message digests. */
|
||||
private static final String MESSAGE_DIGEST = "MessageDigest";
|
||||
|
||||
private String algorithm;
|
||||
Provider provider;
|
||||
private byte[] lastDigest;
|
||||
|
||||
/**
|
||||
* Creates a message digest with the specified algorithm name.
|
||||
*
|
||||
* @param algorithm the standard name of the digest algorithm.
|
||||
* See Appendix A in the Java Cryptography Architecture API
|
||||
* Specification & Reference for information about standard
|
||||
* algorithm names.
|
||||
*/
|
||||
protected MessageDigest(String algorithm)
|
||||
{
|
||||
this.algorithm = algorithm;
|
||||
provider = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>MessageDigest</code> object that implements the specified
|
||||
* digest algorithm. If the default provider package provides an
|
||||
* implementation of the requested digest algorithm, an instance of
|
||||
* <code>MessageDigest</code> containing that implementation is returned. If
|
||||
* the algorithm is not available in the default package, other packages are
|
||||
* searched.
|
||||
*
|
||||
* @param algorithm the name of the algorithm requested. See Appendix A in the
|
||||
* Java Cryptography Architecture API Specification & Reference for
|
||||
* information about standard algorithm names.
|
||||
* @return a Message Digest object implementing the specified algorithm.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available in the
|
||||
* caller's environment.
|
||||
*/
|
||||
public static MessageDigest getInstance(String algorithm)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
for (int i = 0; i < p.length; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance(algorithm, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException ignored)
|
||||
{
|
||||
// Ignore.
|
||||
}
|
||||
}
|
||||
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>MessageDigest</code> object implementing the specified
|
||||
* algorithm, as supplied from the specified provider, if such an algorithm is
|
||||
* available from the provider.
|
||||
*
|
||||
* @param algorithm the name of the algorithm requested. See Appendix A in the
|
||||
* Java Cryptography Architecture API Specification & Reference for
|
||||
* information about standard algorithm names.
|
||||
* @param provider the name of the provider.
|
||||
* @return a Message Digest object implementing the specified algorithm.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available in the
|
||||
* package supplied by the requested provider.
|
||||
* @throws NoSuchProviderException if the provider is not available in the
|
||||
* environment.
|
||||
* @throws IllegalArgumentException if the provider name is null or empty.
|
||||
* @see Provider
|
||||
*/
|
||||
public static MessageDigest getInstance(String algorithm, String provider)
|
||||
throws NoSuchAlgorithmException, NoSuchProviderException
|
||||
{
|
||||
if (provider == null || provider.length() == 0)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(algorithm, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>MessageDigest</code> object implementing the specified
|
||||
* algorithm, as supplied from the specified provider, if such an algorithm
|
||||
* is available from the provider. Note: the provider doesn't have to be
|
||||
* registered.
|
||||
*
|
||||
* @param algorithm the name of the algorithm requested. See Appendix A in
|
||||
* the Java Cryptography Architecture API Specification & Reference for
|
||||
* information about standard algorithm names.
|
||||
* @param provider the provider.
|
||||
* @return a Message Digest object implementing the specified algorithm.
|
||||
* @throws NoSuchAlgorithmException if the <code>algorithm</code> is not
|
||||
* available in the package supplied by the requested <code>provider</code>.
|
||||
* @throws IllegalArgumentException if the <code>provider</code> is
|
||||
* <code>null</code>.
|
||||
* @since 1.4
|
||||
* @see Provider
|
||||
*/
|
||||
public static MessageDigest getInstance(String algorithm, Provider provider)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
MessageDigest result = null;
|
||||
Object o = null;
|
||||
try
|
||||
{
|
||||
o = Engine.getInstance(MESSAGE_DIGEST, algorithm, provider);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
if (o instanceof MessageDigestSpi)
|
||||
{
|
||||
result = new DummyMessageDigest((MessageDigestSpi) o, algorithm);
|
||||
}
|
||||
else if (o instanceof MessageDigest)
|
||||
{
|
||||
result = (MessageDigest) o;
|
||||
result.algorithm = algorithm;
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
result.provider = provider;
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the provider of this message digest object.
|
||||
*
|
||||
* @return the provider of this message digest object.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the digest using the specified byte.
|
||||
*
|
||||
* @param input the byte with which to update the digest.
|
||||
*/
|
||||
public void update(byte input)
|
||||
{
|
||||
engineUpdate(input);
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the digest using the specified array of bytes, starting at the
|
||||
* specified offset.
|
||||
*
|
||||
* @param input the array of bytes.
|
||||
* @param offset the offset to start from in the array of bytes.
|
||||
* @param len the number of bytes to use, starting at offset.
|
||||
*/
|
||||
public void update(byte[] input, int offset, int len)
|
||||
{
|
||||
engineUpdate(input, offset, len);
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the digest using the specified array of bytes.
|
||||
*
|
||||
* @param input the array of bytes.
|
||||
*/
|
||||
public void update(byte[] input)
|
||||
{
|
||||
engineUpdate(input, 0, input.length);
|
||||
}
|
||||
|
||||
/**
|
||||
* Completes the hash computation by performing final operations such as
|
||||
* padding. The digest is reset after this call is made.
|
||||
*
|
||||
* @return the array of bytes for the resulting hash value.
|
||||
*/
|
||||
public byte[] digest()
|
||||
{
|
||||
return lastDigest = engineDigest();
|
||||
}
|
||||
|
||||
/**
|
||||
* Completes the hash computation by performing final operations such as
|
||||
* padding. The digest is reset after this call is made.
|
||||
*
|
||||
* @param buf An output buffer for the computed digest.
|
||||
* @param offset The offset into the output buffer to begin storing the digest.
|
||||
* @param len The number of bytes within buf allotted for the digest.
|
||||
* @return The number of bytes placed into buf.
|
||||
* @throws DigestException if an error occurs.
|
||||
*/
|
||||
public int digest(byte[] buf, int offset, int len) throws DigestException
|
||||
{
|
||||
return engineDigest(buf, offset, len);
|
||||
}
|
||||
|
||||
/**
|
||||
* Performs a final update on the digest using the specified array of bytes,
|
||||
* then completes the digest computation. That is, this method first calls
|
||||
* <code>update(input)</code>, passing the input array to the <code>update()
|
||||
* </code> method, then calls <code>digest()</code>.
|
||||
*
|
||||
* @param input the input to be updated before the digest is completed.
|
||||
* @return the array of bytes for the resulting hash value.
|
||||
*/
|
||||
public byte[] digest(byte[] input)
|
||||
{
|
||||
update(input);
|
||||
return digest();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a string representation of this message digest object.
|
||||
*
|
||||
* @return a string representation of the object.
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return (getClass()).getName() + " Message Digest <" + digestToString() + ">";
|
||||
}
|
||||
|
||||
/**
|
||||
* Compares two digests for equality. Does a simple byte compare.
|
||||
*
|
||||
* @param digesta one of the digests to compare.
|
||||
* @param digestb the other digest to compare.
|
||||
* @return <code>true</code> if the digests are equal, <code>false</code>
|
||||
* otherwise.
|
||||
*/
|
||||
public static boolean isEqual(byte[] digesta, byte[] digestb)
|
||||
{
|
||||
if (digesta.length != digestb.length)
|
||||
return false;
|
||||
|
||||
for (int i = digesta.length - 1; i >= 0; --i)
|
||||
if (digesta[i] != digestb[i])
|
||||
return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/** Resets the digest for further use. */
|
||||
public void reset()
|
||||
{
|
||||
engineReset();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a string that identifies the algorithm, independent of
|
||||
* implementation details. The name should be a standard Java Security name
|
||||
* (such as <code>"SHA"</code>, <code>"MD5"</code>, and so on). See Appendix
|
||||
* A in the Java Cryptography Architecture API Specification & Reference
|
||||
* for information about standard algorithm names.
|
||||
*
|
||||
* @return the name of the algorithm.
|
||||
*/
|
||||
public final String getAlgorithm()
|
||||
{
|
||||
return algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the length of the digest in bytes, or <code>0</code> if this
|
||||
* operation is not supported by the provider and the implementation is not
|
||||
* cloneable.
|
||||
*
|
||||
* @return the digest length in bytes, or <code>0</code> if this operation is
|
||||
* not supported by the provider and the implementation is not cloneable.
|
||||
* @since 1.2
|
||||
*/
|
||||
public final int getDigestLength()
|
||||
{
|
||||
return engineGetDigestLength();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a clone if the implementation is cloneable.
|
||||
*
|
||||
* @return a clone if the implementation is cloneable.
|
||||
* @throws CloneNotSupportedException if this is called on an implementation
|
||||
* that does not support {@link Cloneable}.
|
||||
*/
|
||||
public Object clone() throws CloneNotSupportedException
|
||||
{
|
||||
return super.clone();
|
||||
}
|
||||
|
||||
private String digestToString()
|
||||
{
|
||||
byte[] digest = lastDigest;
|
||||
|
||||
if (digest == null)
|
||||
return "incomplete";
|
||||
|
||||
StringBuffer buf = new StringBuffer();
|
||||
int len = digest.length;
|
||||
for (int i = 0; i < len; ++i)
|
||||
{
|
||||
byte b = digest[i];
|
||||
byte high = (byte) ((b & 0xff) >>> 4);
|
||||
byte low = (byte) (b & 0xf);
|
||||
|
||||
buf.append(high > 9 ? ('a' - 10) + high : '0' + high);
|
||||
buf.append(low > 9 ? ('a' - 10) + low : '0' + low);
|
||||
}
|
||||
|
||||
return buf.toString();
|
||||
}
|
||||
}
|
||||
@@ -1,155 +0,0 @@
|
||||
/* MessageDigestSpi.java --- The message digest service provider interface.
|
||||
Copyright (C) 1999, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
This is the Service Provider Interface (SPI) for MessageDigest
|
||||
class in java.security. It provides the back end functionality
|
||||
for the MessageDigest class so that it can compute message
|
||||
hashes. The default hashes are SHA-1 and MD5. A message hash
|
||||
takes data of arbitrary length and produces a unique number
|
||||
representing it.
|
||||
|
||||
Cryptography service providers who want to implement their
|
||||
own message digest hashes need only to subclass this class.
|
||||
|
||||
The implementation of a Cloneable interface is left to up to
|
||||
the programmer of a subclass.
|
||||
|
||||
@version 0.0
|
||||
|
||||
@author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
*/
|
||||
public abstract class MessageDigestSpi
|
||||
{
|
||||
/**
|
||||
Default constructor of the MessageDigestSpi class
|
||||
*/
|
||||
public MessageDigestSpi()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the length of the digest. It may be overridden by the
|
||||
provider to return the length of the digest. Default is to
|
||||
return 0. It is concrete for backwards compatibility with JDK1.1
|
||||
message digest classes.
|
||||
|
||||
@return Length of Digest in Bytes
|
||||
|
||||
@since 1.2
|
||||
*/
|
||||
protected int engineGetDigestLength()
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
Updates the digest with the specified byte.
|
||||
|
||||
@param input the byte to update digest with
|
||||
*/
|
||||
protected abstract void engineUpdate(byte input);
|
||||
|
||||
|
||||
/**
|
||||
Updates the digest with the specified bytes starting with the
|
||||
offset and proceeding for the specified length.
|
||||
|
||||
@param input the byte array to update digest with
|
||||
@param offset the offset of the byte to start with
|
||||
@param len the number of the bytes to update with
|
||||
*/
|
||||
protected abstract void engineUpdate(byte[]input, int offset, int len);
|
||||
|
||||
/**
|
||||
Computes the final digest of the stored bytes and returns
|
||||
them. It performs any necessary padding. The message digest
|
||||
should reset sensitive data after performing the digest.
|
||||
|
||||
@return An array of bytes containing the digest
|
||||
*/
|
||||
protected abstract byte[] engineDigest();
|
||||
|
||||
/**
|
||||
Computes the final digest of the stored bytes and returns
|
||||
them. It performs any necessary padding. The message digest
|
||||
should reset sensitive data after performing the digest. This
|
||||
method is left concrete for backwards compatibility with JDK1.1
|
||||
message digest classes.
|
||||
|
||||
@param buf An array of bytes to store the digest
|
||||
@param offset An offset to start storing the digest at
|
||||
@param len The length of the buffer
|
||||
@return Returns the length of the buffer
|
||||
|
||||
@since 1.2
|
||||
*/
|
||||
protected int engineDigest(byte[]buf, int offset, int len)
|
||||
throws DigestException
|
||||
{
|
||||
if (engineGetDigestLength() > len)
|
||||
throw new DigestException("Buffer is too small.");
|
||||
|
||||
byte[] tmp = engineDigest();
|
||||
if (tmp.length > len)
|
||||
throw new DigestException("Buffer is too small");
|
||||
|
||||
System.arraycopy(tmp, 0, buf, offset, tmp.length);
|
||||
return tmp.length;
|
||||
}
|
||||
|
||||
/**
|
||||
Resets the digest engine. Reinitializes internal variables
|
||||
and clears sensitive data.
|
||||
*/
|
||||
protected abstract void engineReset();
|
||||
|
||||
/**
|
||||
Returns a clone of this class.
|
||||
|
||||
If cloning is not supported, then by default the class throws a
|
||||
CloneNotSupportedException. The MessageDigestSpi provider
|
||||
implementation has to overload this class in order to be
|
||||
cloneable.
|
||||
*/
|
||||
public Object clone() throws CloneNotSupportedException
|
||||
{
|
||||
return super.clone();
|
||||
}
|
||||
}
|
||||
@@ -1,70 +0,0 @@
|
||||
/* NoSuchAlgorithmException.java -- an algorithm was not available
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception is thrown when the requested security algorithm is
|
||||
* not available
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class NoSuchAlgorithmException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -7443947487218346562L;
|
||||
|
||||
/**
|
||||
* Create a new instance with no descriptive error message.
|
||||
*/
|
||||
public NoSuchAlgorithmException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance with a descriptive error message.
|
||||
*
|
||||
* @param msg the descriptive error message
|
||||
*/
|
||||
public NoSuchAlgorithmException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,70 +0,0 @@
|
||||
/* NoSuchProviderException.java -- thrown when a provider is not found
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception is thrown when the requested security provider is
|
||||
* not available.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class NoSuchProviderException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 8488111756688534474L;
|
||||
|
||||
/**
|
||||
* Create a new instance with no descriptive error message.
|
||||
*/
|
||||
public NoSuchProviderException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance with a descriptive error message.
|
||||
*
|
||||
* @param msg the descriptive error message
|
||||
*/
|
||||
public NoSuchProviderException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,187 +0,0 @@
|
||||
/* Permission.java -- The superclass for all permission objects
|
||||
Copyright (C) 1998, 2001, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* This class is the abstract superclass of all classes that implement
|
||||
* the concept of a permission. A permission consists of a permission name
|
||||
* and optionally a list of actions that relate to the permission. The
|
||||
* actual meaning of the name of the permission is defined only in the
|
||||
* context of a subclass. It may name a resource to which access permissions
|
||||
* are granted (for example, the name of a file) or it might represent
|
||||
* something else entirely. Similarly, the action list only has meaning
|
||||
* within the context of a subclass. Some permission names may have no
|
||||
* actions associated with them. That is, you either have the permission
|
||||
* or you don't.
|
||||
*
|
||||
* <p>The most important method in this class is <code>implies</code>. This
|
||||
* checks whether if one has this permission, then the specified
|
||||
* permission is also implied. As a conceptual example, consider the
|
||||
* permissions "Read All Files" and "Read File foo". The permission
|
||||
* "Read All Files" implies that the caller has permission to read the
|
||||
* file foo.
|
||||
*
|
||||
* <p><code>Permission</code>'s must be immutable - do not change their
|
||||
* state after creation.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see Permissions
|
||||
* @see PermissionCollection
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public abstract class Permission implements Guard, Serializable
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -5636570222231596674L;
|
||||
|
||||
/**
|
||||
* This is the name assigned to this permission object.
|
||||
*
|
||||
* @serial the name of the permission
|
||||
*/
|
||||
private String name;
|
||||
|
||||
/**
|
||||
* Create an instance with the specified name.
|
||||
*
|
||||
* @param name the permission name
|
||||
*/
|
||||
public Permission(String name)
|
||||
{
|
||||
this.name = name;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method implements the <code>Guard</code> interface for this class.
|
||||
* It calls the <code>checkPermission</code> method in
|
||||
* <code>SecurityManager</code> with this <code>Permission</code> as its
|
||||
* argument. This method returns silently if the security check succeeds
|
||||
* or throws an exception if it fails.
|
||||
*
|
||||
* @param obj the <code>Object</code> being guarded - ignored by this class
|
||||
* @throws SecurityException if the security check fails
|
||||
* @see GuardedObject
|
||||
* @see SecurityManager#checkPermission(Permission)
|
||||
*/
|
||||
public void checkGuard(Object obj)
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkPermission(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* This method tests whether this <code>Permission</code> implies that the
|
||||
* specified <code>Permission</code> is also granted.
|
||||
*
|
||||
* @param perm the <code>Permission</code> to test against
|
||||
* @return true if perm is implied by this
|
||||
*/
|
||||
public abstract boolean implies(Permission perm);
|
||||
|
||||
/**
|
||||
* Check to see if this object equals obj. Use <code>implies</code>, rather
|
||||
* than <code>equals</code>, when making access control decisions.
|
||||
*
|
||||
* @param obj the object to compare to
|
||||
*/
|
||||
public abstract boolean equals(Object obj);
|
||||
|
||||
/**
|
||||
* This method returns a hash code for this <code>Permission</code>. It
|
||||
* must satisfy the contract of <code>Object.hashCode</code>: it must be
|
||||
* the same for all objects that equals considers to be the same.
|
||||
*
|
||||
* @return a hash value
|
||||
*/
|
||||
public abstract int hashCode();
|
||||
|
||||
/**
|
||||
* Get the name of this <code>Permission</code>.
|
||||
*
|
||||
* @return the name
|
||||
*/
|
||||
public final String getName()
|
||||
{
|
||||
return name;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns the list of actions for this <code>Permission</code>
|
||||
* as a <code>String</code>. The string should be in canonical order, for
|
||||
* example, both <code>new FilePermission(f, "write,read")</code> and
|
||||
* <code>new FilePermission(f, "read,write")</code> have the action list
|
||||
* "read,write".
|
||||
*
|
||||
* @return the action list for this <code>Permission</code>
|
||||
*/
|
||||
public abstract String getActions();
|
||||
|
||||
/**
|
||||
* This method returns an empty <code>PermissionCollection</code> object
|
||||
* that can store permissions of this type, or <code>null</code> if no
|
||||
* such collection is defined. Subclasses must override this to provide
|
||||
* an appropriate collection when one is needed to accurately calculate
|
||||
* <code>implies</code>.
|
||||
*
|
||||
* @return a new <code>PermissionCollection</code>
|
||||
*/
|
||||
public PermissionCollection newPermissionCollection()
|
||||
{
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a <code>String</code> representation of this
|
||||
* <code>Permission</code> object. This is in the format:
|
||||
* <code>'(' + getClass().getName() + ' ' + getName() + ' ' + getActions
|
||||
* + ')'</code>.
|
||||
*
|
||||
* @return this object as a <code>String</code>
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return '(' + getClass().getName() + ' ' + getName() + ' '
|
||||
+ getActions() + ')';
|
||||
}
|
||||
} // class Permission
|
||||
@@ -1,167 +0,0 @@
|
||||
/* PermissionCollection.java -- A collection of permission objects
|
||||
Copyright (C) 1998, 2001, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Enumeration;
|
||||
|
||||
/**
|
||||
* This class models a group of Java permissions. It has convenient
|
||||
* methods for determining whether or not a given permission is implied
|
||||
* by any of the permissions in this collection.
|
||||
*
|
||||
* <p>Some care must be taken in storing permissions. First, a collection of
|
||||
* the appropriate type must be created. This is done by calling the
|
||||
* <code>newPermissionCollection</code> method on an object of the
|
||||
* permission class you wish to add to the collection. If this method
|
||||
* returns <code>null</code>, any type of <code>PermissionCollection</code>
|
||||
* can be used to store permissions of that type. However, if a
|
||||
* <code>PermissionCollection</code> collection object is returned, that
|
||||
* type must be used.
|
||||
*
|
||||
* <p>A <code>PermissionCollection</code> returned by the
|
||||
* <code>newPermissionCollection</code> method in a subclass of
|
||||
* <code>Permission</code> is a homogeneous collection. It only will
|
||||
* hold permissions of one specified type - instances of the class that
|
||||
* created it. Not all <code>PermissionCollection</code> subclasses
|
||||
* have to hold permissions of only one type however. For example,
|
||||
* the <code>Permissions</code> class holds permissions of many types.
|
||||
*
|
||||
* <p>Since the <code>newPermissionCollection</code> in <code>Permission</code>
|
||||
* itself returns <code>null</code>, by default a permission can be stored
|
||||
* in any type of collection unless it overrides that method to create its
|
||||
* own collection type.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @see Permission
|
||||
* @see Permissions
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public abstract class PermissionCollection implements Serializable
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -6727011328946861783L;
|
||||
|
||||
/**
|
||||
* Indicates whether or not this collection is read only.
|
||||
*
|
||||
* @serial if the collection is read-only
|
||||
*/
|
||||
private boolean readOnly;
|
||||
|
||||
/**
|
||||
* Create a new collection.
|
||||
*/
|
||||
public PermissionCollection()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* This method adds a new <code>Permission</code> object to the collection.
|
||||
*
|
||||
* @param perm the <code>Permission</code> to add
|
||||
*
|
||||
* @throws SecurityException if the collection is marked read only
|
||||
* @throws IllegalArgumentException if perm is of the wrong type
|
||||
*/
|
||||
public abstract void add(Permission perm);
|
||||
|
||||
/**
|
||||
* This method tests whether the specified <code>Permission</code> object is
|
||||
* implied by this collection of <code>Permission</code> objects.
|
||||
*
|
||||
* @param perm the <code>Permission</code> object to test
|
||||
* @return true if the collection implies perm
|
||||
*/
|
||||
public abstract boolean implies(Permission perm);
|
||||
|
||||
/**
|
||||
* This method returns an <code>Enumeration</code> of all the objects in
|
||||
* this collection.
|
||||
*
|
||||
* @return an <code>Enumeration</code> of this collection's objects
|
||||
*/
|
||||
public abstract Enumeration elements();
|
||||
|
||||
/**
|
||||
* This method sets this <code>PermissionCollection</code> object to be
|
||||
* read only. No further permissions can be added to it after calling this
|
||||
* method.
|
||||
*/
|
||||
public void setReadOnly()
|
||||
{
|
||||
readOnly = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method tests whether or not this <code>PermissionCollection</code>
|
||||
* object is read only.
|
||||
*
|
||||
* @return true if this collection is read only
|
||||
*/
|
||||
public boolean isReadOnly()
|
||||
{
|
||||
return readOnly;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a <code>String</code> representation of this
|
||||
* collection. It is formed by:
|
||||
* <pre>
|
||||
* super.toString()" (\n"
|
||||
* // enumerate all permissions, one per line
|
||||
* ")\n"
|
||||
* </pre>
|
||||
*
|
||||
* @return a <code>String</code> representing this object
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
StringBuffer sb = new StringBuffer(super.toString());
|
||||
|
||||
sb.append(" (\n");
|
||||
Enumeration e = elements();
|
||||
while (e.hasMoreElements())
|
||||
sb.append(' ').append(e.nextElement()).append('\n');
|
||||
return sb.append(")\n").toString();
|
||||
}
|
||||
} // class PermissionCollection
|
||||
@@ -1,254 +0,0 @@
|
||||
/* Permissions.java -- a collection of permission collections
|
||||
Copyright (C) 1998, 2001, 2002, 2004, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Enumeration;
|
||||
import java.util.Hashtable;
|
||||
import java.util.NoSuchElementException;
|
||||
|
||||
/**
|
||||
* This class is a heterogeneous collection of permissions. It is
|
||||
* organized as a collection of <code>PermissionCollection</code>'s stored
|
||||
* in a hashtable. Each individual <code>PermissionCollection</code>
|
||||
* contains permissions of a single type. If a specific type of
|
||||
* <code>Permission</code> does not provide a collection type to use
|
||||
* via its <code>newPermissionCollection</code> method, then a default
|
||||
* collection type which stores its permissions in a hash table will be
|
||||
* used.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @since 1.1
|
||||
*/
|
||||
public final class Permissions extends PermissionCollection
|
||||
implements Serializable
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 4858622370623524688L;
|
||||
|
||||
/**
|
||||
* Holds instances of <code>AllPermission</code>.
|
||||
*
|
||||
* @serial the permission collection for AllPermission
|
||||
*/
|
||||
private PermissionCollection allPermission;
|
||||
|
||||
// Package-private to avoid a trampoline.
|
||||
/**
|
||||
* This is the <code>Hashtable</code> that contains our collections.
|
||||
*
|
||||
* @serial maps Class to PermissionCollection
|
||||
*/
|
||||
final Hashtable perms = new Hashtable();
|
||||
|
||||
/**
|
||||
* This method initializes a new instance of <code>Permissions</code>.
|
||||
*/
|
||||
public Permissions()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* This method adds a new <code>Permission</code> to this collection. It
|
||||
* will be stored in a <code>PermissionCollection</code> of the appropriate
|
||||
* type, as determined by calling <code>newPermissionCollection</code> on
|
||||
* the specified permission (if an appropriate collection does not already
|
||||
* exist). If this object does not specify a particular type of collection,
|
||||
* a default collection, which stores in permissions in a hash table, will
|
||||
* be used.
|
||||
*
|
||||
* @param perm the <code>Permission</code> to add
|
||||
* @throws SecurityException if this collection is marked as read only
|
||||
*/
|
||||
public void add(Permission perm)
|
||||
{
|
||||
if (isReadOnly())
|
||||
throw new SecurityException("PermissionCollection is read only");
|
||||
if (perm instanceof AllPermission)
|
||||
{
|
||||
if (allPermission == null)
|
||||
{
|
||||
allPermission = perm.newPermissionCollection();
|
||||
allPermission.add(perm);
|
||||
perms.put(perm.getClass(), allPermission);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
PermissionCollection pc
|
||||
= (PermissionCollection) perms.get(perm.getClass());
|
||||
if (pc == null)
|
||||
{
|
||||
pc = perm.newPermissionCollection();
|
||||
if (pc == null)
|
||||
pc = new PermissionsHash();
|
||||
perms.put(perm.getClass(), pc);
|
||||
}
|
||||
pc.add(perm);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* This method tests whether or not the specified <code>Permission</code>
|
||||
* is implied by this <code>PermissionCollection</code>.
|
||||
*
|
||||
* @param perm the <code>Permission</code> to test
|
||||
* @return true if the specified permission is implied by this
|
||||
*/
|
||||
public boolean implies(Permission perm)
|
||||
{
|
||||
if (allPermission != null)
|
||||
return true;
|
||||
PermissionCollection pc
|
||||
= (PermissionCollection) perms.get(perm.getClass());
|
||||
return pc == null ? false : pc.implies(perm);
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns an <code>Enumeration</code> which contains a
|
||||
* list of all <code>Permission</code> objects contained in this
|
||||
* collection.
|
||||
*
|
||||
* @return an <code>Enumeration</code> of this collection's elements
|
||||
*/
|
||||
public Enumeration elements()
|
||||
{
|
||||
return new Enumeration()
|
||||
{
|
||||
Enumeration main_enum = perms.elements();
|
||||
Enumeration sub_enum;
|
||||
|
||||
public boolean hasMoreElements()
|
||||
{
|
||||
if (sub_enum == null)
|
||||
{
|
||||
if (main_enum == null)
|
||||
return false;
|
||||
if (! main_enum.hasMoreElements())
|
||||
{
|
||||
main_enum = null;
|
||||
return false;
|
||||
}
|
||||
PermissionCollection pc =
|
||||
(PermissionCollection) main_enum.nextElement();
|
||||
sub_enum = pc.elements();
|
||||
}
|
||||
if (! sub_enum.hasMoreElements())
|
||||
{
|
||||
sub_enum = null;
|
||||
return hasMoreElements();
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public Object nextElement()
|
||||
{
|
||||
if (! hasMoreElements())
|
||||
throw new NoSuchElementException();
|
||||
return sub_enum.nextElement();
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* Implements the permission collection for all permissions without one of
|
||||
* their own, and obeys serialization of JDK.
|
||||
*
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
*/
|
||||
private static final class PermissionsHash extends PermissionCollection
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -8491988220802933440L;
|
||||
|
||||
/**
|
||||
* Hashtable where we store permissions.
|
||||
*
|
||||
* @serial the stored permissions, both as key and value
|
||||
*/
|
||||
private final Hashtable perms = new Hashtable();
|
||||
|
||||
/**
|
||||
* Add a permission. We don't need to check for read-only, as this
|
||||
* collection is never exposed outside of Permissions, which has already
|
||||
* done that check.
|
||||
*
|
||||
* @param perm the permission to add
|
||||
*/
|
||||
public void add(Permission perm)
|
||||
{
|
||||
perms.put(perm, perm);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if perm is in the collection.
|
||||
*
|
||||
* @param perm the permission to check
|
||||
* @return true if it is implied
|
||||
*/
|
||||
// FIXME: Should this method be synchronized?
|
||||
public boolean implies(Permission perm)
|
||||
{
|
||||
Enumeration elements = elements();
|
||||
|
||||
while (elements.hasMoreElements())
|
||||
{
|
||||
Permission p = (Permission)elements.nextElement();
|
||||
if (p.implies(perm))
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the elements.
|
||||
*
|
||||
* @return the elements
|
||||
*/
|
||||
public Enumeration elements()
|
||||
{
|
||||
return perms.elements();
|
||||
}
|
||||
} // class PermissionsHash
|
||||
} // class Permissions
|
||||
@@ -1,310 +0,0 @@
|
||||
/* Policy.java --- Policy Manager Class
|
||||
Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.Enumeration;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* <p>This is an abstract class for representing the system security policy for
|
||||
* a Java application environment (specifying which permissions are available
|
||||
* for code from various sources). That is, the security policy is represented
|
||||
* by a <code>Policy</code> subclass providing an implementation of the abstract
|
||||
* methods in this <code>Policy</code> class.</p>
|
||||
*
|
||||
* <p>There is only one <code>Policy</code> object in effect at any given time.
|
||||
* </p>
|
||||
*
|
||||
* <p>The source location for the policy information utilized by the
|
||||
* <code>Policy</code> object is up to the <code>Policy</code> implementation.
|
||||
* The policy configuration may be stored, for example, as a flat ASCII file, as
|
||||
* a serialized binary file of the <code>Policy</code> class, or as a database.
|
||||
* </p>
|
||||
*
|
||||
* <p>The currently-installed <code>Policy</code> object can be obtained by
|
||||
* calling the <code>getPolicy()</code> method, and it can be changed by a call
|
||||
* to the <code>setPolicy()</code> method (by code with permission to reset the
|
||||
* <code>Policy</code>).</p>
|
||||
*
|
||||
* <p>The <code>refresh()</code> method causes the policy object to refresh /
|
||||
* reload its current configuration.</p>
|
||||
*
|
||||
* <p>This is implementation-dependent. For example, if the policy object stores
|
||||
* its policy in configuration files, calling <code>refresh()</code> will cause
|
||||
* it to re-read the configuration policy files. The refreshed policy may not
|
||||
* have an effect on classes in a particular {@link ProtectionDomain}. This is
|
||||
* dependent on the <code>Policy</code> provider's implementation of the
|
||||
* <code>implies()</code> method and the {@link PermissionCollection} caching
|
||||
* strategy.</p>
|
||||
*
|
||||
* <p>The default <code>Policy</code> implementation can be changed by setting
|
||||
* the value of the <code>"policy.provider"</code> security property (in the
|
||||
* Java security properties file) to the fully qualified name of the desired
|
||||
* <code>Policy</code> implementation class. The Java security properties file
|
||||
* is located in the file named <code><JAVA_HOME>/lib/security/java.security
|
||||
* </code>, where <code><JAVA_HOME></code> refers to the directory where the
|
||||
* SDK was installed.</p>
|
||||
*
|
||||
* <p><b>IMPLEMENTATION NOTE:</b> This implementation attempts to read the
|
||||
* System property named <code>policy.provider</code> to find the concrete
|
||||
* implementation of the <code>Policy</code>. If/when this fails, it falls back
|
||||
* to a default implementation, which <b>allows everything</b>.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @see CodeSource
|
||||
* @see PermissionCollection
|
||||
* @see SecureClassLoader
|
||||
* @since 1.2
|
||||
*/
|
||||
public abstract class Policy
|
||||
{
|
||||
private static Policy currentPolicy;
|
||||
|
||||
/** Map of ProtectionDomains to PermissionCollections for this instance. */
|
||||
private Map pd2pc = null;
|
||||
|
||||
/** Constructs a new <code>Policy</code> object. */
|
||||
public Policy()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the installed <code>Policy</code> object. This value should not be
|
||||
* cached, as it may be changed by a call to <code>setPolicy()</code>. This
|
||||
* method first calls {@link SecurityManager#checkPermission(Permission)} with
|
||||
* a <code>SecurityPermission("getPolicy")</code> permission to ensure it's ok
|
||||
* to get the <code>Policy</code> object.
|
||||
*
|
||||
* @return the installed <code>Policy</code>.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkPermission()</code> method doesn't allow getting the
|
||||
* <code>Policy</code> object.
|
||||
* @see SecurityManager#checkPermission(Permission)
|
||||
* @see #setPolicy(Policy)
|
||||
*/
|
||||
public static Policy getPolicy()
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkPermission(new SecurityPermission("getPolicy"));
|
||||
|
||||
return getCurrentPolicy();
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the system-wide <code>Policy</code> object. This method first calls
|
||||
* {@link SecurityManager#checkPermission(Permission)} with a
|
||||
* <code>SecurityPermission("setPolicy")</code> permission to ensure it's ok
|
||||
* to set the <code>Policy</code>.
|
||||
*
|
||||
* @param policy the new system <code>Policy</code> object.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkPermission()</code> method doesn't allow setting the
|
||||
* <code>Policy</code>.
|
||||
* @see SecurityManager#checkPermission(Permission)
|
||||
* @see #getPolicy()
|
||||
*/
|
||||
public static void setPolicy(Policy policy)
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkPermission(new SecurityPermission("setPolicy"));
|
||||
|
||||
setup(policy);
|
||||
currentPolicy = policy;
|
||||
}
|
||||
|
||||
private static void setup(final Policy policy)
|
||||
{
|
||||
if (policy.pd2pc == null)
|
||||
policy.pd2pc = Collections.synchronizedMap(new LinkedHashMap());
|
||||
|
||||
ProtectionDomain pd = policy.getClass().getProtectionDomain();
|
||||
if (pd.getCodeSource() != null)
|
||||
{
|
||||
PermissionCollection pc = null;
|
||||
if (currentPolicy != null)
|
||||
pc = currentPolicy.getPermissions(pd);
|
||||
|
||||
if (pc == null) // assume it has all
|
||||
{
|
||||
pc = new Permissions();
|
||||
pc.add(new AllPermission());
|
||||
}
|
||||
|
||||
policy.pd2pc.put(pd, pc); // add the mapping pd -> pc
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Ensures/forces loading of the configured policy provider, while bypassing
|
||||
* the {@link SecurityManager} checks for <code>"getPolicy"</code> security
|
||||
* permission. Needed by {@link ProtectionDomain}.
|
||||
*/
|
||||
static Policy getCurrentPolicy()
|
||||
{
|
||||
// FIXME: The class name of the Policy provider should really be sourced
|
||||
// from the "java.security" configuration file. For now, just hard-code
|
||||
// a stub implementation.
|
||||
if (currentPolicy == null)
|
||||
{
|
||||
String pp = System.getProperty ("policy.provider");
|
||||
if (pp != null)
|
||||
try
|
||||
{
|
||||
currentPolicy = (Policy) Class.forName(pp).newInstance();
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
// Ignored.
|
||||
}
|
||||
|
||||
if (currentPolicy == null)
|
||||
currentPolicy = new gnu.java.security.provider.DefaultPolicy();
|
||||
}
|
||||
return currentPolicy;
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests if <code>currentPolicy</code> is not <code>null</code>,
|
||||
* thus allowing clients to not force loading of any policy
|
||||
* provider; needed by {@link ProtectionDomain}.
|
||||
*/
|
||||
static boolean isLoaded()
|
||||
{
|
||||
return currentPolicy != null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Evaluates the global policy and returns a {@link PermissionCollection}
|
||||
* object specifying the set of permissions allowed for code from the
|
||||
* specified code source.
|
||||
*
|
||||
* @param codesource the {@link CodeSource} associated with the caller. This
|
||||
* encapsulates the original location of the code (where the code came from)
|
||||
* and the public key(s) of its signer.
|
||||
* @return the set of permissions allowed for code from codesource according
|
||||
* to the policy. The returned set of permissions must be a new mutable
|
||||
* instance and it must support heterogeneous {@link Permission} types.
|
||||
*/
|
||||
public abstract PermissionCollection getPermissions(CodeSource codesource);
|
||||
|
||||
/**
|
||||
* Evaluates the global policy and returns a {@link PermissionCollection}
|
||||
* object specifying the set of permissions allowed given the characteristics
|
||||
* of the protection domain.
|
||||
*
|
||||
* @param domain the {@link ProtectionDomain} associated with the caller.
|
||||
* @return the set of permissions allowed for the domain according to the
|
||||
* policy. The returned set of permissions must be a new mutable instance and
|
||||
* it must support heterogeneous {@link Permission} types.
|
||||
* @since 1.4
|
||||
* @see ProtectionDomain
|
||||
* @see SecureClassLoader
|
||||
*/
|
||||
public PermissionCollection getPermissions(ProtectionDomain domain)
|
||||
{
|
||||
if (domain == null)
|
||||
return new Permissions();
|
||||
|
||||
if (pd2pc == null)
|
||||
setup(this);
|
||||
|
||||
PermissionCollection result = (PermissionCollection) pd2pc.get(domain);
|
||||
if (result != null)
|
||||
{
|
||||
Permissions realResult = new Permissions();
|
||||
for (Enumeration e = result.elements(); e.hasMoreElements(); )
|
||||
realResult.add((Permission) e.nextElement());
|
||||
|
||||
return realResult;
|
||||
}
|
||||
|
||||
result = getPermissions(domain.getCodeSource());
|
||||
if (result == null)
|
||||
result = new Permissions();
|
||||
|
||||
PermissionCollection pc = domain.getPermissions();
|
||||
if (pc != null)
|
||||
for (Enumeration e = pc.elements(); e.hasMoreElements(); )
|
||||
result.add((Permission) e.nextElement());
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Evaluates the global policy for the permissions granted to the {@link
|
||||
* ProtectionDomain} and tests whether the <code>permission</code> is granted.
|
||||
*
|
||||
* @param domain the {@link ProtectionDomain} to test.
|
||||
* @param permission the {@link Permission} object to be tested for
|
||||
* implication.
|
||||
* @return <code>true</code> if <code>permission</code> is a proper subset of
|
||||
* a permission granted to this {@link ProtectionDomain}.
|
||||
* @since 1.4
|
||||
* @see ProtectionDomain
|
||||
*/
|
||||
public boolean implies(ProtectionDomain domain, Permission permission)
|
||||
{
|
||||
if (pd2pc == null)
|
||||
setup(this);
|
||||
|
||||
PermissionCollection pc = (PermissionCollection) pd2pc.get(domain);
|
||||
if (pc != null)
|
||||
return pc.implies(permission);
|
||||
|
||||
boolean result = false;
|
||||
pc = getPermissions(domain);
|
||||
if (pc != null)
|
||||
{
|
||||
result = pc.implies(permission);
|
||||
pd2pc.put(domain, pc);
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Refreshes/reloads the policy configuration. The behavior of this method
|
||||
* depends on the implementation. For example, calling refresh on a file-based
|
||||
* policy will cause the file to be re-read.
|
||||
*/
|
||||
public abstract void refresh();
|
||||
}
|
||||
@@ -1,85 +0,0 @@
|
||||
/* Principal.java -- A security entity
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This interface models an entity (such as a user or a certificate authority)
|
||||
* for the purposes of applying the Java security model.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see X509Certificate
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public interface Principal
|
||||
{
|
||||
/**
|
||||
* This method tests another <code>Principal</code> object for equality
|
||||
* with this one.
|
||||
*
|
||||
* @param obj the Object to test for equality
|
||||
* @return true if the specified <code>Principal</code> is equal
|
||||
*/
|
||||
boolean equals(Object obj);
|
||||
|
||||
/**
|
||||
* This method returns a <code>String</code> representation of this
|
||||
* <code>Principal</code>.
|
||||
*
|
||||
* @return this <code>Principal</code> represented as a <code>String</code>
|
||||
*/
|
||||
String toString();
|
||||
|
||||
/**
|
||||
* This method returns a hash code value for this <code>Principal</code>.
|
||||
* Remember the contract of hashCode - two objects which compare as
|
||||
* equals() must have the same hashCode().
|
||||
*
|
||||
* @return a hash value
|
||||
*/
|
||||
int hashCode();
|
||||
|
||||
/**
|
||||
* This method returns a <code>String</code> that names this
|
||||
* <code>Principal</code>.
|
||||
*
|
||||
* @return the name of this <code>Principal</code>
|
||||
*/
|
||||
String getName();
|
||||
} // interface Principal
|
||||
@@ -1,62 +0,0 @@
|
||||
/* PrivateKey.java -- tagging interface for all private keys
|
||||
Copyright (C) 1998, 2001, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This interface specified no methods. In simply provides a common
|
||||
* super-interface for all algorithm specific private key values.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see Key
|
||||
* @see PublicKey
|
||||
* @see Certificate
|
||||
* @see Signature#initVerify(PublicKey)
|
||||
* @see DSAPrivateKey
|
||||
* @see RSAPrivateKey
|
||||
* @see RSAPrivateCrtKey
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public interface PrivateKey extends Key
|
||||
{
|
||||
/**
|
||||
* The version identifier used for serialization.
|
||||
*/
|
||||
long serialVersionUID = 6034044314589513430L;
|
||||
} // interface PrivateKey
|
||||
@@ -1,64 +0,0 @@
|
||||
/* PrivilegedAction.java -- Perform a privileged action
|
||||
Copyright (C) 1998, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This interface specifes a single <code>run</code> method that
|
||||
* executes a privileged operation. This method is called by
|
||||
* <code>AccessController.doPrivileged()</code> after that method
|
||||
* activiates the required privileges.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see AccessController
|
||||
* @see PrivilegedExceptionAction
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public interface PrivilegedAction
|
||||
{
|
||||
/**
|
||||
* This method performs an operation that requires higher privileges to
|
||||
* perform. It is called when a section of code invokes
|
||||
* <code>AccessController.doPrivileged()</code>.
|
||||
*
|
||||
* @return obj An implementation dependent return value
|
||||
* @see AccessController#doPrivileged(PrivilegedAction)
|
||||
* @see AccessController#doPrivileged(PrivilegedAction, AccessControlContext)
|
||||
*/
|
||||
Object run();
|
||||
} // interface PrivilegedAction
|
||||
@@ -1,109 +0,0 @@
|
||||
/* PrivilegedActionException.java -- wrap an exception in a privileged action
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception is thrown when an exception is thrown during a
|
||||
* privileged action being performed with the
|
||||
* <code>AccessController.doPrivileged()</code> method. It wraps the
|
||||
* actual exception thrown in the privileged code.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @see PrivilegedExceptionAction
|
||||
* @see AccessController#doPrivileged(PrivilegedExceptionAction)
|
||||
* @see AccessController#doPrivileged(PrivilegedExceptionAction, AccessControlContext)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class PrivilegedActionException extends Exception
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 4724086851538908602L;
|
||||
|
||||
/**
|
||||
* This is the actual exception that occurred.
|
||||
*
|
||||
* @serial the wrapped exception
|
||||
*/
|
||||
private Exception exception;
|
||||
|
||||
/**
|
||||
* Create a new instance that wraps the specified <code>Exception</code>.
|
||||
*
|
||||
* @param e the <code>Exception</code> to wrap
|
||||
*/
|
||||
public PrivilegedActionException(Exception e)
|
||||
{
|
||||
super(e);
|
||||
exception = e;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the underlying <code>Exception</code> that caused this one. This
|
||||
* is a legacy method, the preferred way is {@link #getCause()}.
|
||||
*
|
||||
* @return the cause
|
||||
*/
|
||||
public Exception getException()
|
||||
{
|
||||
return exception;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the cause of this exception.
|
||||
*
|
||||
* @return the cause
|
||||
* @since 1.4
|
||||
*/
|
||||
public Throwable getCause()
|
||||
{
|
||||
return exception;
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert this to a String.
|
||||
*
|
||||
* @return the string representation
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return super.toString();
|
||||
}
|
||||
}
|
||||
@@ -1,65 +0,0 @@
|
||||
/* PrivilegedExceptionAction.java -- Perform a privileged operation
|
||||
Copyright (C) 1998, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This interface defines a method that is called by
|
||||
* <code>AccessController.doPrivileged()</code> in order to perform a
|
||||
* privileged operation with higher privileges enabled. This interface
|
||||
* differs from <code>PrivilegedAction</code> in that the <code>run</code>
|
||||
* method in this interface may throw a checked exception.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public interface PrivilegedExceptionAction
|
||||
{
|
||||
/**
|
||||
* This method performs an operation that requires higher privileges to
|
||||
* successfully complete. It is called when a section of code invokes
|
||||
* <code>AccessController.doPrivileged()</code>.
|
||||
*
|
||||
* @return obj An implementation defined return value
|
||||
* @throws Exception An implementation specific exception
|
||||
* @see AccessController#doPrivileged(PrivilegedExceptionAction)
|
||||
* @see AccessController#doPrivileged(PrivilegedExceptionAction,
|
||||
* AccessControlContext)
|
||||
*/
|
||||
Object run() throws Exception;
|
||||
} // interface PrivilegedExceptionAction
|
||||
@@ -1,269 +0,0 @@
|
||||
/* ProtectionDomain.java -- A security domain
|
||||
Copyright (C) 1998, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* <p>This <code>ProtectionDomain</code> class encapsulates the characteristics
|
||||
* of a domain, which encloses a set of classes whose instances are granted a
|
||||
* set of permissions when being executed on behalf of a given set of
|
||||
* <i>Principals</i>.
|
||||
*
|
||||
* <p>A static set of permissions can be bound to a <code>ProtectionDomain</code>
|
||||
* when it is constructed; such permissions are granted to the domain regardless
|
||||
* of the {@link Policy} in force. However, to support dynamic security
|
||||
* policies, a <code>ProtectionDomain</code> can also be constructed such that
|
||||
* it is dynamically mapped to a set of permissions by the current {@link
|
||||
* Policy} whenever a permission is checked.</p>
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @version 0.0
|
||||
*/
|
||||
public class ProtectionDomain
|
||||
{
|
||||
/** This is the <code>CodeSource</code> for this protection domain. */
|
||||
private CodeSource code_source;
|
||||
|
||||
/** This is the set of permissions granted to this domain. */
|
||||
private PermissionCollection perms;
|
||||
|
||||
/** The {@link ClassLoader} associated with this domain. */
|
||||
private ClassLoader classloader;
|
||||
|
||||
/** The array of Principals associated with this domain.. */
|
||||
private Principal[] principals;
|
||||
|
||||
/** Post 1.4 the policy may be refreshed! use false for pre 1.4. */
|
||||
private boolean staticBinding;
|
||||
|
||||
/**
|
||||
* Creates a new <code>ProtectionDomain</code> with the given {@link
|
||||
* CodeSource} and {@link Permissions}. If the permissions object is not
|
||||
* <code>null</code>, then <code>setReadOnly()</code> will be called on the
|
||||
* passed in {@link Permissions} object. The only permissions granted to this
|
||||
* domain are the ones specified; the current {@link Policy} will not be
|
||||
* consulted.
|
||||
*
|
||||
* @param codesource the codesource associated with this domain.
|
||||
* @param permissions the permissions granted to this domain
|
||||
*/
|
||||
public ProtectionDomain(CodeSource codesource, PermissionCollection permissions)
|
||||
{
|
||||
this(codesource, permissions, null, null, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Creates a new ProtectionDomain qualified by the given CodeSource,
|
||||
* Permissions, ClassLoader and array of Principals. If the permissions
|
||||
* object is not null, then <code>setReadOnly()</code> will be called on the
|
||||
* passed in Permissions object. The permissions granted to this domain are
|
||||
* dynamic; they include both the static permissions passed to this
|
||||
* constructor, and any permissions granted to this domain by the current
|
||||
* Policy at the time a permission is checked.</p>
|
||||
*
|
||||
* <p>This constructor is typically used by {@link ClassLoader}s and {@link
|
||||
* DomainCombiner}s which delegate to <code>Policy</code> to actively
|
||||
* associate the permissions granted to this domain. This constructor affords
|
||||
* the Policy provider the opportunity to augment the supplied
|
||||
* PermissionCollection to reflect policy changes.</p>
|
||||
*
|
||||
* @param codesource the CodeSource associated with this domain.
|
||||
* @param permissions the permissions granted to this domain.
|
||||
* @param classloader the ClassLoader associated with this domain.
|
||||
* @param principals the array of Principals associated with this domain.
|
||||
* @since 1.4
|
||||
* @see Policy#refresh()
|
||||
* @see Policy#getPermissions(ProtectionDomain)
|
||||
*/
|
||||
public ProtectionDomain(CodeSource codesource,
|
||||
PermissionCollection permissions,
|
||||
ClassLoader classloader, Principal[] principals)
|
||||
{
|
||||
this(codesource, permissions, classloader, principals, false);
|
||||
}
|
||||
|
||||
private ProtectionDomain(CodeSource codesource,
|
||||
PermissionCollection permissions,
|
||||
ClassLoader classloader, Principal[] principals,
|
||||
boolean staticBinding)
|
||||
{
|
||||
super();
|
||||
|
||||
code_source = codesource;
|
||||
if (permissions != null)
|
||||
{
|
||||
perms = permissions;
|
||||
perms.setReadOnly();
|
||||
}
|
||||
|
||||
this.classloader = classloader;
|
||||
this.principals =
|
||||
(principals != null ? (Principal[]) principals.clone() : new Principal[0]);
|
||||
this.staticBinding = staticBinding;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link CodeSource} of this domain.
|
||||
*
|
||||
* @return the {@link CodeSource} of this domain which may be <code>null</code>.
|
||||
* @since 1.2
|
||||
*/
|
||||
public final CodeSource getCodeSource()
|
||||
{
|
||||
return code_source;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link ClassLoader} of this domain.
|
||||
*
|
||||
* @return the {@link ClassLoader} of this domain which may be
|
||||
* <code>null</code>.
|
||||
* @since 1.4
|
||||
*/
|
||||
public final ClassLoader getClassLoader()
|
||||
{
|
||||
return this.classloader;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an array of principals for this domain.
|
||||
*
|
||||
* @return returns a non-null array of principals for this domain. Changes to
|
||||
* this array will have no impact on the <code>ProtectionDomain</code>.
|
||||
* @since 1.4
|
||||
*/
|
||||
public final Principal[] getPrincipals()
|
||||
{
|
||||
return (Principal[]) principals.clone();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the static permissions granted to this domain.
|
||||
*
|
||||
* @return the static set of permissions for this domain which may be
|
||||
* <code>null</code>.
|
||||
* @see Policy#refresh()
|
||||
* @see Policy#getPermissions(ProtectionDomain)
|
||||
*/
|
||||
public final PermissionCollection getPermissions()
|
||||
{
|
||||
return perms;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Check and see if this <code>ProtectionDomain</code> implies the
|
||||
* permissions expressed in the <code>Permission</code> object.</p>
|
||||
*
|
||||
* <p>The set of permissions evaluated is a function of whether the
|
||||
* <code>ProtectionDomain</code> was constructed with a static set of
|
||||
* permissions or it was bound to a dynamically mapped set of permissions.</p>
|
||||
*
|
||||
* <p>If the <code>ProtectionDomain</code> was constructed to a statically
|
||||
* bound {@link PermissionCollection} then the permission will only be checked
|
||||
* against the {@link PermissionCollection} supplied at construction.</p>
|
||||
*
|
||||
* <p>However, if the <code>ProtectionDomain</code> was constructed with the
|
||||
* constructor variant which supports dynamically binding permissions, then
|
||||
* the permission will be checked against the combination of the
|
||||
* {@link PermissionCollection} supplied at construction and the current
|
||||
* {@link Policy} binding.
|
||||
*
|
||||
* @param permission the {@link Permission} object to check.
|
||||
* @return <code>true</code> if <code>permission</code> is implicit to this
|
||||
* <code>ProtectionDomain</code>.
|
||||
*/
|
||||
public boolean implies(Permission permission)
|
||||
{
|
||||
if (staticBinding)
|
||||
return (perms == null ? false : perms.implies(permission));
|
||||
// Else dynamically bound. Do we have it?
|
||||
// NOTE: this will force loading of Policy.currentPolicy
|
||||
return Policy.getCurrentPolicy().implies(this, permission);
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert a <code>ProtectionDomain</code> to a String.
|
||||
*
|
||||
* @return a string representation of the object.
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
String linesep = System.getProperty("line.separator");
|
||||
StringBuffer sb = new StringBuffer("ProtectionDomain (").append(linesep);
|
||||
|
||||
if (code_source == null)
|
||||
sb.append("CodeSource:null");
|
||||
else
|
||||
sb.append(code_source);
|
||||
|
||||
sb.append(linesep);
|
||||
if (classloader == null)
|
||||
sb.append("ClassLoader:null");
|
||||
else
|
||||
sb.append(classloader);
|
||||
|
||||
sb.append(linesep);
|
||||
sb.append("Principals:");
|
||||
if (principals != null && principals.length > 0)
|
||||
{
|
||||
sb.append("[");
|
||||
Principal pal;
|
||||
for (int i = 0; i < principals.length; i++)
|
||||
{
|
||||
pal = principals[i];
|
||||
sb.append("'").append(pal.getName())
|
||||
.append("' of type ").append(pal.getClass().getName());
|
||||
if (i < principals.length-1)
|
||||
sb.append(", ");
|
||||
}
|
||||
sb.append("]");
|
||||
}
|
||||
else
|
||||
sb.append("none");
|
||||
|
||||
sb.append(linesep);
|
||||
if (!staticBinding) // include all but dont force loading Policy.currentPolicy
|
||||
if (Policy.isLoaded())
|
||||
sb.append(Policy.getCurrentPolicy().getPermissions(this));
|
||||
else // fallback on this one's permissions
|
||||
sb.append(perms);
|
||||
else
|
||||
sb.append(perms);
|
||||
|
||||
return sb.append(linesep).append(")").append(linesep).toString();
|
||||
}
|
||||
}
|
||||
@@ -1,202 +0,0 @@
|
||||
/* Provider.java -- Security provider information
|
||||
Copyright (C) 1998, 1999, 2000, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Properties;
|
||||
|
||||
/**
|
||||
* This class represents a Java security architecture service provider.
|
||||
* The services provided by a such a provider can range from security
|
||||
* algorithms to key generation.
|
||||
* <p>
|
||||
* Providers are installed by name and version number. There is one
|
||||
* standard provider supplied with the class library. This is the
|
||||
* "GNU" provider, which can also be accessed by the alias "SUN" for
|
||||
* compatibility with the JDK.
|
||||
*
|
||||
* @version 0.0
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
*/
|
||||
public abstract class Provider extends Properties implements Serializable
|
||||
{
|
||||
private static final long serialVersionUID = -4298000515446427739L;
|
||||
|
||||
/**
|
||||
* This is a textual description of the provider
|
||||
*/
|
||||
private String info;
|
||||
|
||||
/**
|
||||
* This is the name of the provider
|
||||
*/
|
||||
private String name;
|
||||
|
||||
/**
|
||||
* This is the version number of the provider
|
||||
*/
|
||||
private double version;
|
||||
|
||||
/**
|
||||
* This method initializes a new instance of <code>Provider</code> to have
|
||||
* the specified name, version, and description information.
|
||||
*
|
||||
* @param name The name to assign to this <code>Provider</code>.
|
||||
* @param version The version number for this <code>Provider</code>.
|
||||
* @param info A textual description of this provider.
|
||||
*/
|
||||
protected Provider(String name, double version, String info)
|
||||
{
|
||||
this.name = name;
|
||||
this.version = version;
|
||||
this.info = info;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns the name assigned to this <code>Provider</code>.
|
||||
*
|
||||
* @return The <code>Provider</code>'s name.
|
||||
*/
|
||||
public String getName()
|
||||
{
|
||||
return (name);
|
||||
}
|
||||
|
||||
/**
|
||||
* This method retunrs the version number of this <code>Provider</code>.
|
||||
*
|
||||
* @return The <code>Provider</code>'s version number.
|
||||
*/
|
||||
public double getVersion()
|
||||
{
|
||||
return (version);
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a textual description of the <code>Provider</code>.
|
||||
*
|
||||
* @return A description of the <code>Provider</code>.
|
||||
*/
|
||||
public String getInfo()
|
||||
{
|
||||
return (info);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key property to have the specified value.
|
||||
* <p>
|
||||
* <bold>NOT IMPLEMENTED YET</bold>[
|
||||
* First, if there is a security manager, its <code>checkSecurityAccess</code>
|
||||
* method is called with the string "putProviderProperty."+name, where name is
|
||||
* the provider name, to see if it's ok to set this provider's property
|
||||
* values.
|
||||
* If the default implementation of <code>checkSecurityAccess</code> is used
|
||||
* (that is, that method is not overriden), then this results in a call to the
|
||||
* security manager's <code>checkPermission</code> method with a
|
||||
* <code>SecurityPermission("putProviderProperty."+name)</code>
|
||||
* permission.<br>]
|
||||
*
|
||||
* @param key The property key.
|
||||
* @param value The property value.
|
||||
*
|
||||
* @return The previous value of the specified property (<code>key</code>),
|
||||
* or <code>null</code> if it did not have one.
|
||||
* @throws SecurityException If a security manager exists and its
|
||||
* {@link java.lang.SecurityManager.checkSecurityAccess(java.lang.String)}
|
||||
* method denies access to set property values.
|
||||
* @since Classpath 0.4+cvs, JDK 1.2
|
||||
* @see java.lang.Object.equals(Object)
|
||||
* @see java.util.Hashtable.get(Object)
|
||||
*/
|
||||
public Object put(Object key, Object value)
|
||||
{
|
||||
return super.put(toCanonicalKey(key), value);
|
||||
}
|
||||
|
||||
// overrides same in java.util.Hashtable
|
||||
public Object get(Object key)
|
||||
{
|
||||
return super.get(toCanonicalKey(key));
|
||||
}
|
||||
|
||||
/**
|
||||
* This method removes the specified key entry (and its associated value)
|
||||
* from the property mapping list.
|
||||
*
|
||||
* @param key The key to remove
|
||||
*
|
||||
* @return The previous value for this key, or <code>null</code> if no
|
||||
* previous value.
|
||||
*/
|
||||
public Object remove(Object key)
|
||||
{
|
||||
return super.remove(toCanonicalKey(key));
|
||||
}
|
||||
|
||||
/**
|
||||
* This method clears the entire property list such that it no longer
|
||||
* contains the properties used to look up the services provided by
|
||||
* the <code>Provider</code>.
|
||||
*/
|
||||
public void clear()
|
||||
{
|
||||
super.clear();
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a <code>String</code> representation of this
|
||||
* object. This will include the <code>Provider</code> name and
|
||||
* version number.
|
||||
*
|
||||
* @return A <code>String</code> representation of this object.
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return (getClass().getName() + ": name=" + getName() + " version=" +
|
||||
version);
|
||||
}
|
||||
|
||||
private Object toCanonicalKey(Object key)
|
||||
{
|
||||
if (key.getClass().isAssignableFrom(String.class)) // is it ours?
|
||||
return ((String) key).toUpperCase(); // use default locale
|
||||
else
|
||||
return key;
|
||||
}
|
||||
}
|
||||
@@ -1,70 +0,0 @@
|
||||
/* ProviderException.java -- Generic security provider runtime exception
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception indicates that a runtime problem was encounterd with
|
||||
* a security provider.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class ProviderException extends RuntimeException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 5256023526693665674L;
|
||||
|
||||
/**
|
||||
* Create an instance with no descriptive error message.
|
||||
*/
|
||||
public ProviderException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an instance with a descriptive error message.
|
||||
*
|
||||
* @param msg the descriptive error message
|
||||
*/
|
||||
public ProviderException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,60 +0,0 @@
|
||||
/* PublicKey.java -- tagging interface for all public keys
|
||||
Copyright (C) 1998, 2001, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This interface specified no methods. In simply provides a common
|
||||
* super-interface for all algorithm specific public key values.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see Key
|
||||
* @see PrivateKey
|
||||
* @see Certificate
|
||||
* @see Signature#initVerify(PublicKey)
|
||||
* @see DSAPublicKey
|
||||
* @see RSAPublicKey
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public interface PublicKey extends Key
|
||||
{
|
||||
/**
|
||||
* The version identifier used for serialization.
|
||||
*/
|
||||
long serialVersionUID = 7187392471159151072L;
|
||||
} // interface PublicKey
|
||||
@@ -1,128 +0,0 @@
|
||||
/* SecureClassLoader.java --- A Secure Class Loader
|
||||
Copyright (C) 1999, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* A Secure Class Loader for loading classes with additional
|
||||
* support for specifying code source and permissions when
|
||||
* they are retrieved by the system policy handler.
|
||||
*
|
||||
* @since 1.2
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
*/
|
||||
public class SecureClassLoader extends ClassLoader
|
||||
{
|
||||
java.util.WeakHashMap protectionDomainCache = new java.util.WeakHashMap();
|
||||
|
||||
protected SecureClassLoader(ClassLoader parent)
|
||||
{
|
||||
super(parent);
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if(sm != null)
|
||||
sm.checkCreateClassLoader();
|
||||
}
|
||||
|
||||
protected SecureClassLoader()
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if(sm != null)
|
||||
sm.checkCreateClassLoader();
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a class using an array of bytes and a
|
||||
* CodeSource.
|
||||
*
|
||||
* @param name the name to give the class. null if unknown.
|
||||
* @param b the data representing the classfile, in classfile format.
|
||||
* @param off the offset into the data where the classfile starts.
|
||||
* @param len the length of the classfile data in the array.
|
||||
* @param cs the CodeSource for the class or null when unknown.
|
||||
*
|
||||
* @return the class that was defined and optional CodeSource.
|
||||
*
|
||||
* @exception ClassFormatError if the byte array is not in proper classfile format.
|
||||
*/
|
||||
protected final Class defineClass(String name, byte[] b, int off, int len,
|
||||
CodeSource cs)
|
||||
{
|
||||
if (cs != null)
|
||||
{
|
||||
ProtectionDomain protectionDomain;
|
||||
|
||||
synchronized (protectionDomainCache)
|
||||
{
|
||||
protectionDomain = (ProtectionDomain)protectionDomainCache.get(cs);
|
||||
}
|
||||
|
||||
if (protectionDomain == null)
|
||||
{
|
||||
protectionDomain
|
||||
= new ProtectionDomain(cs, getPermissions(cs), this, null);
|
||||
synchronized (protectionDomainCache)
|
||||
{
|
||||
ProtectionDomain domain
|
||||
= (ProtectionDomain)protectionDomainCache.get(cs);
|
||||
if (domain == null)
|
||||
protectionDomainCache.put(cs, protectionDomain);
|
||||
else
|
||||
protectionDomain = domain;
|
||||
}
|
||||
}
|
||||
return super.defineClass(name, b, off, len, protectionDomain);
|
||||
}
|
||||
else
|
||||
return super.defineClass(name, b, off, len);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a PermissionCollection for the specified CodeSource.
|
||||
* The default implementation invokes
|
||||
* java.security.Policy.getPermissions.
|
||||
*
|
||||
* This method is called by defineClass that takes a CodeSource
|
||||
* arguement to build a proper ProtectionDomain for the class
|
||||
* being defined.
|
||||
*/
|
||||
protected PermissionCollection getPermissions(CodeSource cs)
|
||||
{
|
||||
Policy policy = Policy.getCurrentPolicy();
|
||||
return policy.getPermissions(cs);
|
||||
}
|
||||
}
|
||||
@@ -1,380 +0,0 @@
|
||||
/* SecureRandom.java --- Secure Random class implementation
|
||||
Copyright (C) 1999, 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.util.Enumeration;
|
||||
import java.util.Random;
|
||||
|
||||
/**
|
||||
* An interface to a cryptographically secure pseudo-random number
|
||||
* generator (PRNG). Random (or at least unguessable) numbers are used
|
||||
* in all areas of security and cryptography, from the generation of
|
||||
* keys and initialization vectors to the generation of random padding
|
||||
* bytes.
|
||||
*
|
||||
* @author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
* @author Casey Marshall
|
||||
*/
|
||||
public class SecureRandom extends Random
|
||||
{
|
||||
|
||||
// Constants and fields.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/** Service name for PRNGs. */
|
||||
private static final String SECURE_RANDOM = "SecureRandom";
|
||||
|
||||
private static final long serialVersionUID = 4940670005562187L;
|
||||
|
||||
//Serialized Field
|
||||
long counter = 0; //Serialized
|
||||
Provider provider = null;
|
||||
byte[] randomBytes = null; //Always null
|
||||
int randomBytesUsed = 0;
|
||||
SecureRandomSpi secureRandomSpi = null;
|
||||
byte[] state = null;
|
||||
|
||||
// Constructors.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
Default constructor for SecureRandom. It constructs a
|
||||
new SecureRandom by instantating the first SecureRandom
|
||||
algorithm in the default security provier.
|
||||
|
||||
It is not seeded and should be seeded using setSeed or else
|
||||
on the first call to getnextBytes it will force a seed.
|
||||
|
||||
It is maintained for backwards compatibility and programs
|
||||
should use {@link #getInstance(java.lang.String)}.
|
||||
*/
|
||||
public SecureRandom()
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
|
||||
//Format of Key: SecureRandom.algname
|
||||
String key;
|
||||
|
||||
String classname = null;
|
||||
int i;
|
||||
Enumeration e;
|
||||
for (i = 0; i < p.length; i++)
|
||||
{
|
||||
e = p[i].propertyNames();
|
||||
while (e.hasMoreElements())
|
||||
{
|
||||
key = (String) e.nextElement();
|
||||
if (key.startsWith("SECURERANDOM."))
|
||||
{
|
||||
if ((classname = p[i].getProperty(key)) != null)
|
||||
{
|
||||
try
|
||||
{
|
||||
secureRandomSpi = (SecureRandomSpi) Class.
|
||||
forName(classname).newInstance();
|
||||
provider = p[i];
|
||||
return;
|
||||
}
|
||||
catch (ThreadDeath death)
|
||||
{
|
||||
throw death;
|
||||
}
|
||||
catch (Throwable t)
|
||||
{
|
||||
// Ignore.
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Nothing found. Fall back to SHA1PRNG
|
||||
secureRandomSpi = new gnu.java.security.provider.SHA1PRNG();
|
||||
}
|
||||
|
||||
/**
|
||||
A constructor for SecureRandom. It constructs a new
|
||||
SecureRandom by instantating the first SecureRandom algorithm
|
||||
in the default security provier.
|
||||
|
||||
It is seeded with the passed function and is useful if the user
|
||||
has access to hardware random device (like a radiation detector).
|
||||
|
||||
It is maintained for backwards compatibility and programs
|
||||
should use getInstance.
|
||||
|
||||
@param seed Seed bytes for class
|
||||
*/
|
||||
public SecureRandom(byte[] seed)
|
||||
{
|
||||
this();
|
||||
setSeed(seed);
|
||||
}
|
||||
|
||||
/**
|
||||
A constructor for SecureRandom. It constructs a new
|
||||
SecureRandom using the specified SecureRandomSpi from
|
||||
the specified security provier.
|
||||
|
||||
@param secureRandomSpi A SecureRandomSpi class
|
||||
@param provider A Provider class
|
||||
*/
|
||||
protected SecureRandom(SecureRandomSpi secureRandomSpi, Provider provider)
|
||||
{
|
||||
this.secureRandomSpi = secureRandomSpi;
|
||||
this.provider = provider;
|
||||
}
|
||||
|
||||
// Class methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Returns an instance of a SecureRandom. It creates the class from
|
||||
* the first provider that implements it.
|
||||
*
|
||||
* @param algorithm The algorithm name.
|
||||
* @return A new SecureRandom implementing the given algorithm.
|
||||
* @throws NoSuchAlgorithmException If no installed provider implements
|
||||
* the given algorithm.
|
||||
*/
|
||||
public static SecureRandom getInstance(String algorithm)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
|
||||
for (int i = 0; i < p.length; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance(algorithm, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
// Ignore.
|
||||
}
|
||||
}
|
||||
|
||||
// None found.
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an instance of a SecureRandom. It creates the class
|
||||
* for the specified algorithm from the named provider.
|
||||
*
|
||||
* @param algorithm The algorithm name.
|
||||
* @param provider The provider name.
|
||||
* @return A new SecureRandom implementing the chosen algorithm.
|
||||
* @throws NoSuchAlgorithmException If the named provider does not implement
|
||||
* the algorithm, or if the implementation cannot be
|
||||
* instantiated.
|
||||
* @throws NoSuchProviderException If no provider named
|
||||
* <code>provider</code> is currently installed.
|
||||
* @throws IllegalArgumentException If <code>provider</code> is null
|
||||
* or is empty.
|
||||
*/
|
||||
public static SecureRandom getInstance(String algorithm, String provider)
|
||||
throws NoSuchAlgorithmException, NoSuchProviderException
|
||||
{
|
||||
if (provider == null || provider.length() == 0)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(algorithm, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an instance of a SecureRandom. It creates the class for
|
||||
* the specified algorithm from the given provider.
|
||||
*
|
||||
* @param algorithm The SecureRandom algorithm to create.
|
||||
* @param provider The provider to get the instance from.
|
||||
* @throws NoSuchAlgorithmException If the algorithm cannot be found, or
|
||||
* if the class cannot be instantiated.
|
||||
* @throws IllegalArgumentException If <code>provider</code> is null.
|
||||
*/
|
||||
public static SecureRandom getInstance(String algorithm, Provider provider)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
try
|
||||
{
|
||||
return new SecureRandom((SecureRandomSpi)
|
||||
Engine.getInstance(SECURE_RANDOM, algorithm, provider),
|
||||
provider);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
catch (ClassCastException cce)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
}
|
||||
|
||||
// Instance methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
Returns the provider being used by the current SecureRandom class.
|
||||
|
||||
@return The provider from which this SecureRandom was attained
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
Seeds the SecureRandom. The class is re-seeded for each call and
|
||||
each seed builds on the previous seed so as not to weaken security.
|
||||
|
||||
@param seed seed bytes to seed with
|
||||
*/
|
||||
public void setSeed(byte[] seed)
|
||||
{
|
||||
secureRandomSpi.engineSetSeed(seed);
|
||||
}
|
||||
|
||||
/**
|
||||
Seeds the SecureRandom. The class is re-seeded for each call and
|
||||
each seed builds on the previous seed so as not to weaken security.
|
||||
|
||||
@param seed 8 seed bytes to seed with
|
||||
*/
|
||||
public void setSeed(long seed)
|
||||
{
|
||||
// This particular setSeed will be called by Random.Random(), via
|
||||
// our own constructor, before secureRandomSpi is initialized. In
|
||||
// this case we can't call a method on secureRandomSpi, and we
|
||||
// definitely don't want to throw a NullPointerException.
|
||||
// Therefore we test.
|
||||
if (secureRandomSpi != null)
|
||||
{
|
||||
byte[] tmp = { (byte) (0xff & (seed >> 56)),
|
||||
(byte) (0xff & (seed >> 48)),
|
||||
(byte) (0xff & (seed >> 40)),
|
||||
(byte) (0xff & (seed >> 32)),
|
||||
(byte) (0xff & (seed >> 24)),
|
||||
(byte) (0xff & (seed >> 16)),
|
||||
(byte) (0xff & (seed >> 8)),
|
||||
(byte) (0xff & seed)
|
||||
};
|
||||
secureRandomSpi.engineSetSeed(tmp);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
Generates a user specified number of bytes. This function
|
||||
is the basis for all the random functions.
|
||||
|
||||
@param bytes array to store generated bytes in
|
||||
*/
|
||||
public void nextBytes(byte[] bytes)
|
||||
{
|
||||
randomBytesUsed += bytes.length;
|
||||
counter++;
|
||||
secureRandomSpi.engineNextBytes(bytes);
|
||||
}
|
||||
|
||||
/**
|
||||
Generates an integer containing the user specified
|
||||
number of random bits. It is right justified and padded
|
||||
with zeros.
|
||||
|
||||
@param numBits number of random bits to get, 0 <= numBits <= 32;
|
||||
|
||||
@return the random bits
|
||||
*/
|
||||
protected final int next(int numBits)
|
||||
{
|
||||
if (numBits == 0)
|
||||
return 0;
|
||||
|
||||
byte[] tmp = new byte[numBits / 8 + (1 * (numBits % 8))];
|
||||
|
||||
secureRandomSpi.engineNextBytes(tmp);
|
||||
randomBytesUsed += tmp.length;
|
||||
counter++;
|
||||
|
||||
int ret = 0;
|
||||
|
||||
for (int i = 0; i < tmp.length; i++)
|
||||
ret |= (tmp[i] & 0xFF) << (8 * i);
|
||||
|
||||
long mask = (1L << numBits) - 1;
|
||||
return (int) (ret & mask);
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the given number of seed bytes. This method is
|
||||
maintained only for backwards capability.
|
||||
|
||||
@param numBytes number of seed bytes to get
|
||||
|
||||
@return an array containing the seed bytes
|
||||
*/
|
||||
public static byte[] getSeed(int numBytes)
|
||||
{
|
||||
byte[] tmp = new byte[numBytes];
|
||||
|
||||
new Random().nextBytes(tmp);
|
||||
return tmp;
|
||||
//return secureRandomSpi.engineGenerateSeed( numBytes );
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the specified number of seed bytes.
|
||||
|
||||
@param numBytes number of seed bytes to get
|
||||
|
||||
@return an array containing the seed bytes
|
||||
*/
|
||||
public byte[] generateSeed(int numBytes)
|
||||
{
|
||||
return secureRandomSpi.engineGenerateSeed(numBytes);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -1,85 +0,0 @@
|
||||
/* SecureRandomSpi.java --- Secure Random Service Provider Interface
|
||||
Copyright (C) 1999, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
SecureRandomSpi is the Service Provider Interface for SecureRandom
|
||||
providers. It provides an interface for providers to the
|
||||
SecureRandom engine to write their own pseudo-random number
|
||||
generator.
|
||||
|
||||
@since JDK 1.2
|
||||
|
||||
@author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
*/
|
||||
public abstract class SecureRandomSpi implements Serializable
|
||||
{
|
||||
private static final long serialVersionUID = -2991854161009191830L;
|
||||
|
||||
/**
|
||||
Default Constructor for SecureRandomSpi
|
||||
*/
|
||||
public SecureRandomSpi()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
Updates the seed for SecureRandomSpi but does not reset seed.
|
||||
It does to this so repeated called never decrease randomness.
|
||||
*/
|
||||
protected abstract void engineSetSeed(byte[] seed);
|
||||
|
||||
/**
|
||||
Gets a user specified number of bytes depending on the length
|
||||
of the array?
|
||||
|
||||
@param bytes array to fill with random bytes
|
||||
*/
|
||||
protected abstract void engineNextBytes(byte[] bytes);
|
||||
|
||||
/**
|
||||
Gets a user specified number of bytes specified by the
|
||||
parameter.
|
||||
|
||||
@param numBytes number of random bytes to generate
|
||||
|
||||
@return an array full of random bytes
|
||||
*/
|
||||
protected abstract byte[] engineGenerateSeed(int numBytes);
|
||||
}
|
||||
@@ -1,740 +0,0 @@
|
||||
/* Security.java --- Java base security class implementation
|
||||
Copyright (C) 1999, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.classpath.SystemProperties;
|
||||
|
||||
import gnu.classpath.Configuration;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.net.URL;
|
||||
import java.util.Collections;
|
||||
import java.util.Enumeration;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Iterator;
|
||||
import java.util.LinkedHashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Properties;
|
||||
import java.util.Set;
|
||||
import java.util.Vector;
|
||||
|
||||
/**
|
||||
* This class centralizes all security properties and common security methods.
|
||||
* One of its primary uses is to manage providers.
|
||||
*
|
||||
* @author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
*/
|
||||
public final class Security
|
||||
{
|
||||
private static final String ALG_ALIAS = "Alg.Alias.";
|
||||
|
||||
private static Vector providers = new Vector();
|
||||
private static Properties secprops = new Properties();
|
||||
|
||||
static
|
||||
{
|
||||
String base = SystemProperties.getProperty("gnu.classpath.home.url");
|
||||
String vendor = SystemProperties.getProperty("gnu.classpath.vm.shortname");
|
||||
|
||||
// Try VM specific security file
|
||||
boolean loaded = loadProviders (base, vendor);
|
||||
|
||||
// Append classpath standard provider if possible
|
||||
if (!loadProviders (base, "classpath")
|
||||
&& !loaded
|
||||
&& providers.size() == 0)
|
||||
{
|
||||
if (Configuration.DEBUG)
|
||||
{
|
||||
/* No providers found and both security files failed to
|
||||
* load properly. Give a warning in case of DEBUG is
|
||||
* enabled. Could be done with java.util.logging later.
|
||||
*/
|
||||
System.err.println
|
||||
("WARNING: could not properly read security provider files:");
|
||||
System.err.println
|
||||
(" " + base + "/security/" + vendor
|
||||
+ ".security");
|
||||
System.err.println
|
||||
(" " + base + "/security/" + "classpath"
|
||||
+ ".security");
|
||||
System.err.println
|
||||
(" Falling back to standard GNU security provider");
|
||||
}
|
||||
providers.addElement (new gnu.java.security.provider.Gnu());
|
||||
}
|
||||
}
|
||||
// This class can't be instantiated.
|
||||
private Security()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Tries to load the vender specific security providers from the given
|
||||
* base URL. Returns true if the resource could be read and completely
|
||||
* parsed successfully, false otherwise.
|
||||
*/
|
||||
private static boolean loadProviders(String baseUrl, String vendor)
|
||||
{
|
||||
if (baseUrl == null || vendor == null)
|
||||
return false;
|
||||
|
||||
boolean result = true;
|
||||
String secfilestr = baseUrl + "/security/" + vendor + ".security";
|
||||
try
|
||||
{
|
||||
InputStream fin = new URL(secfilestr).openStream();
|
||||
secprops.load(fin);
|
||||
|
||||
int i = 1;
|
||||
String name;
|
||||
while ((name = secprops.getProperty("security.provider." + i)) != null)
|
||||
{
|
||||
Exception exception = null;
|
||||
try
|
||||
{
|
||||
providers.addElement(Class.forName(name).newInstance());
|
||||
}
|
||||
catch (ClassNotFoundException x)
|
||||
{
|
||||
exception = x;
|
||||
}
|
||||
catch (InstantiationException x)
|
||||
{
|
||||
exception = x;
|
||||
}
|
||||
catch (IllegalAccessException x)
|
||||
{
|
||||
exception = x;
|
||||
}
|
||||
|
||||
if (exception != null)
|
||||
{
|
||||
System.err.println ("WARNING: Error loading security provider "
|
||||
+ name + ": " + exception);
|
||||
result = false;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
}
|
||||
catch (IOException ignored)
|
||||
{
|
||||
result = false;
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets a specified property for an algorithm. The algorithm name should be a
|
||||
* standard name. See Appendix A in the Java Cryptography Architecture API
|
||||
* Specification & Reference for information about standard algorithm
|
||||
* names. One possible use is by specialized algorithm parsers, which may map
|
||||
* classes to algorithms which they understand (much like {@link Key} parsers
|
||||
* do).
|
||||
*
|
||||
* @param algName the algorithm name.
|
||||
* @param propName the name of the property to get.
|
||||
* @return the value of the specified property.
|
||||
* @deprecated This method used to return the value of a proprietary property
|
||||
* in the master file of the "SUN" Cryptographic Service Provider in order to
|
||||
* determine how to parse algorithm-specific parameters. Use the new
|
||||
* provider-based and algorithm-independent {@link AlgorithmParameters} and
|
||||
* {@link KeyFactory} engine classes (introduced in the Java 2 platform)
|
||||
* instead.
|
||||
*/
|
||||
public static String getAlgorithmProperty(String algName, String propName)
|
||||
{
|
||||
if (algName == null || propName == null)
|
||||
return null;
|
||||
|
||||
String property = String.valueOf(propName) + "." + String.valueOf(algName);
|
||||
Provider p;
|
||||
for (Iterator i = providers.iterator(); i.hasNext(); )
|
||||
{
|
||||
p = (Provider) i.next();
|
||||
for (Iterator j = p.keySet().iterator(); j.hasNext(); )
|
||||
{
|
||||
String key = (String) j.next();
|
||||
if (key.equalsIgnoreCase(property))
|
||||
return p.getProperty(key);
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Adds a new provider, at a specified position. The position is the
|
||||
* preference order in which providers are searched for requested algorithms.
|
||||
* Note that it is not guaranteed that this preference will be respected. The
|
||||
* position is 1-based, that is, <code>1</code> is most preferred, followed by
|
||||
* <code>2</code>, and so on.</p>
|
||||
*
|
||||
* <p>If the given provider is installed at the requested position, the
|
||||
* provider that used to be at that position, and all providers with a
|
||||
* position greater than position, are shifted up one position (towards the
|
||||
* end of the list of installed providers).</p>
|
||||
*
|
||||
* <p>A provider cannot be added if it is already installed.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with the string <code>"insertProvider."+provider.
|
||||
* getName()</code> to see if it's ok to add a new provider. If the default
|
||||
* implementation of <code>checkSecurityAccess()</code> is used (i.e., that
|
||||
* method is not overriden), then this will result in a call to the security
|
||||
* manager's <code>checkPermission()</code> method with a
|
||||
* <code>SecurityPermission("insertProvider."+provider.getName())</code>
|
||||
* permission.</p>
|
||||
*
|
||||
* @param provider the provider to be added.
|
||||
* @param position the preference position that the caller would like for
|
||||
* this provider.
|
||||
* @return the actual preference position in which the provider was added, or
|
||||
* <code>-1</code> if the provider was not added because it is already
|
||||
* installed.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* {@link SecurityManager#checkSecurityAccess(String)} method denies access
|
||||
* to add a new provider.
|
||||
* @see #getProvider(String)
|
||||
* @see #removeProvider(String)
|
||||
* @see SecurityPermission
|
||||
*/
|
||||
public static int insertProviderAt(Provider provider, int position)
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("insertProvider." + provider.getName());
|
||||
|
||||
position--;
|
||||
int max = providers.size ();
|
||||
for (int i = 0; i < max; i++)
|
||||
{
|
||||
if (((Provider) providers.elementAt(i)).getName().equals(provider.getName()))
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (position < 0)
|
||||
position = 0;
|
||||
if (position > max)
|
||||
position = max;
|
||||
|
||||
providers.insertElementAt(provider, position);
|
||||
|
||||
return position + 1;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Adds a provider to the next position available.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with the string <code>"insertProvider."+provider.
|
||||
* getName()</code> to see if it's ok to add a new provider. If the default
|
||||
* implementation of <code>checkSecurityAccess()</code> is used (i.e., that
|
||||
* method is not overriden), then this will result in a call to the security
|
||||
* manager's <code>checkPermission()</code> method with a
|
||||
* <code>SecurityPermission("insertProvider."+provider.getName())</code>
|
||||
* permission.</p>
|
||||
*
|
||||
* @param provider the provider to be added.
|
||||
* @return the preference position in which the provider was added, or
|
||||
* <code>-1</code> if the provider was not added because it is already
|
||||
* installed.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* {@link SecurityManager#checkSecurityAccess(String)} method denies access
|
||||
* to add a new provider.
|
||||
* @see #getProvider(String)
|
||||
* @see #removeProvider(String)
|
||||
* @see SecurityPermission
|
||||
*/
|
||||
public static int addProvider(Provider provider)
|
||||
{
|
||||
return insertProviderAt (provider, providers.size () + 1);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Removes the provider with the specified name.</p>
|
||||
*
|
||||
* <p>When the specified provider is removed, all providers located at a
|
||||
* position greater than where the specified provider was are shifted down
|
||||
* one position (towards the head of the list of installed providers).</p>
|
||||
*
|
||||
* <p>This method returns silently if the provider is not installed.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with the string <code>"removeProvider."+name</code>
|
||||
* to see if it's ok to remove the provider. If the default implementation of
|
||||
* <code>checkSecurityAccess()</code> is used (i.e., that method is not
|
||||
* overriden), then this will result in a call to the security manager's
|
||||
* <code>checkPermission()</code> method with a <code>SecurityPermission(
|
||||
* "removeProvider."+name)</code> permission.</p>
|
||||
*
|
||||
* @param name the name of the provider to remove.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* {@link SecurityManager#checkSecurityAccess(String)} method denies access
|
||||
* to remove the provider.
|
||||
* @see #getProvider(String)
|
||||
* @see #addProvider(Provider)
|
||||
*/
|
||||
public static void removeProvider(String name)
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("removeProvider." + name);
|
||||
|
||||
int max = providers.size ();
|
||||
for (int i = 0; i < max; i++)
|
||||
{
|
||||
if (((Provider) providers.elementAt(i)).getName().equals(name))
|
||||
{
|
||||
providers.remove(i);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an array containing all the installed providers. The order of the
|
||||
* providers in the array is their preference order.
|
||||
*
|
||||
* @return an array of all the installed providers.
|
||||
*/
|
||||
public static Provider[] getProviders()
|
||||
{
|
||||
Provider[] array = new Provider[providers.size ()];
|
||||
providers.copyInto (array);
|
||||
return array;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the provider installed with the specified name, if any. Returns
|
||||
* <code>null</code> if no provider with the specified name is installed.
|
||||
*
|
||||
* @param name the name of the provider to get.
|
||||
* @return the provider of the specified name.
|
||||
* @see #removeProvider(String)
|
||||
* @see #addProvider(Provider)
|
||||
*/
|
||||
public static Provider getProvider(String name)
|
||||
{
|
||||
Provider p;
|
||||
int max = providers.size ();
|
||||
for (int i = 0; i < max; i++)
|
||||
{
|
||||
p = (Provider) providers.elementAt(i);
|
||||
if (p.getName().equals(name))
|
||||
return p;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Gets a security property value.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkPermission()</code>
|
||||
* method is called with a <code>SecurityPermission("getProperty."+key)</code>
|
||||
* permission to see if it's ok to retrieve the specified security property
|
||||
* value.</p>
|
||||
*
|
||||
* @param key the key of the property being retrieved.
|
||||
* @return the value of the security property corresponding to key.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* {@link SecurityManager#checkPermission(Permission)} method denies access
|
||||
* to retrieve the specified security property value.
|
||||
* @see #setProperty(String, String)
|
||||
* @see SecurityPermission
|
||||
*/
|
||||
public static String getProperty(String key)
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("getProperty." + key);
|
||||
|
||||
return secprops.getProperty(key);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Sets a security property value.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkPermission()</code>
|
||||
* method is called with a <code>SecurityPermission("setProperty."+key)</code>
|
||||
* permission to see if it's ok to set the specified security property value.
|
||||
* </p>
|
||||
*
|
||||
* @param key the name of the property to be set.
|
||||
* @param datnum the value of the property to be set.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* {@link SecurityManager#checkPermission(Permission)} method denies access
|
||||
* to set the specified security property value.
|
||||
* @see #getProperty(String)
|
||||
* @see SecurityPermission
|
||||
*/
|
||||
public static void setProperty(String key, String datnum)
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("setProperty." + key);
|
||||
|
||||
secprops.put(key, datnum);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a Set of Strings containing the names of all available algorithms
|
||||
* or types for the specified Java cryptographic service (e.g., Signature,
|
||||
* MessageDigest, Cipher, Mac, KeyStore). Returns an empty Set if there is no
|
||||
* provider that supports the specified service. For a complete list of Java
|
||||
* cryptographic services, please see the Java Cryptography Architecture API
|
||||
* Specification & Reference. Note: the returned set is immutable.
|
||||
*
|
||||
* @param serviceName the name of the Java cryptographic service (e.g.,
|
||||
* Signature, MessageDigest, Cipher, Mac, KeyStore). Note: this parameter is
|
||||
* case-insensitive.
|
||||
* @return a Set of Strings containing the names of all available algorithms
|
||||
* or types for the specified Java cryptographic service or an empty set if
|
||||
* no provider supports the specified service.
|
||||
* @since 1.4
|
||||
*/
|
||||
public static Set getAlgorithms(String serviceName)
|
||||
{
|
||||
HashSet result = new HashSet();
|
||||
if (serviceName == null || serviceName.length() == 0)
|
||||
return result;
|
||||
|
||||
serviceName = serviceName.trim();
|
||||
if (serviceName.length() == 0)
|
||||
return result;
|
||||
|
||||
serviceName = serviceName.toUpperCase()+".";
|
||||
Provider[] providers = getProviders();
|
||||
int ndx;
|
||||
for (int i = 0; i < providers.length; i++)
|
||||
for (Enumeration e = providers[i].propertyNames(); e.hasMoreElements(); )
|
||||
{
|
||||
String service = ((String) e.nextElement()).trim();
|
||||
if (service.toUpperCase().startsWith(serviceName))
|
||||
{
|
||||
service = service.substring(serviceName.length()).trim();
|
||||
ndx = service.indexOf(' '); // get rid of attributes
|
||||
if (ndx != -1)
|
||||
service = service.substring(0, ndx);
|
||||
result.add(service);
|
||||
}
|
||||
}
|
||||
return Collections.unmodifiableSet(result);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns an array containing all installed providers that satisfy the
|
||||
* specified selection criterion, or <code>null</code> if no such providers
|
||||
* have been installed. The returned providers are ordered according to their
|
||||
* preference order.</p>
|
||||
*
|
||||
* <p>A cryptographic service is always associated with a particular
|
||||
* algorithm or type. For example, a digital signature service is always
|
||||
* associated with a particular algorithm (e.g., <i>DSA</i>), and a
|
||||
* CertificateFactory service is always associated with a particular
|
||||
* certificate type (e.g., <i>X.509</i>).</p>
|
||||
*
|
||||
* <p>The selection criterion must be specified in one of the following two
|
||||
* formats:</p>
|
||||
*
|
||||
* <ul>
|
||||
* <li><p><crypto_service>.<algorithm_or_type></p>
|
||||
* <p>The cryptographic service name must not contain any dots.</p>
|
||||
* <p>A provider satisfies the specified selection criterion iff the
|
||||
* provider implements the specified algorithm or type for the specified
|
||||
* cryptographic service.</p>
|
||||
* <p>For example, "CertificateFactory.X.509" would be satisfied by any
|
||||
* provider that supplied a CertificateFactory implementation for X.509
|
||||
* certificates.</p></li>
|
||||
*
|
||||
* <li><p><crypto_service>.<algorithm_or_type> <attribute_name>:<attribute_value></p>
|
||||
* <p>The cryptographic service name must not contain any dots. There must
|
||||
* be one or more space charaters between the the <algorithm_or_type>
|
||||
* and the <attribute_name>.</p>
|
||||
* <p>A provider satisfies this selection criterion iff the provider
|
||||
* implements the specified algorithm or type for the specified
|
||||
* cryptographic service and its implementation meets the constraint
|
||||
* expressed by the specified attribute name/value pair.</p>
|
||||
* <p>For example, "Signature.SHA1withDSA KeySize:1024" would be satisfied
|
||||
* by any provider that implemented the SHA1withDSA signature algorithm
|
||||
* with a keysize of 1024 (or larger).</p></li>
|
||||
* </ul>
|
||||
*
|
||||
* <p>See Appendix A in the Java Cryptogaphy Architecture API Specification
|
||||
* & Reference for information about standard cryptographic service names,
|
||||
* standard algorithm names and standard attribute names.</p>
|
||||
*
|
||||
* @param filter the criterion for selecting providers. The filter is case-
|
||||
* insensitive.
|
||||
* @return all the installed providers that satisfy the selection criterion,
|
||||
* or null if no such providers have been installed.
|
||||
* @throws InvalidParameterException if the filter is not in the required
|
||||
* format.
|
||||
* @see #getProviders(Map)
|
||||
*/
|
||||
public static Provider[] getProviders(String filter)
|
||||
{
|
||||
if (providers == null || providers.isEmpty())
|
||||
return null;
|
||||
|
||||
if (filter == null || filter.length() == 0)
|
||||
return getProviders();
|
||||
|
||||
HashMap map = new HashMap(1);
|
||||
int i = filter.indexOf(':');
|
||||
if (i == -1) // <service>.<algorithm>
|
||||
map.put(filter, "");
|
||||
else // <service>.<algorithm> <attribute>:<value>
|
||||
map.put(filter.substring(0, i), filter.substring(i+1));
|
||||
|
||||
return getProviders(map);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns an array containing all installed providers that satisfy the
|
||||
* specified selection criteria, or <code>null</code> if no such providers
|
||||
* have been installed. The returned providers are ordered according to their
|
||||
* preference order.</p>
|
||||
*
|
||||
* <p>The selection criteria are represented by a map. Each map entry
|
||||
* represents a selection criterion. A provider is selected iff it satisfies
|
||||
* all selection criteria. The key for any entry in such a map must be in one
|
||||
* of the following two formats:</p>
|
||||
*
|
||||
* <ul>
|
||||
* <li><p><crypto_service>.<algorithm_or_type></p>
|
||||
* <p>The cryptographic service name must not contain any dots.</p>
|
||||
* <p>The value associated with the key must be an empty string.</p>
|
||||
* <p>A provider satisfies this selection criterion iff the provider
|
||||
* implements the specified algorithm or type for the specified
|
||||
* cryptographic service.</p></li>
|
||||
*
|
||||
* <li><p><crypto_service>.<algorithm_or_type> <attribute_name></p>
|
||||
* <p>The cryptographic service name must not contain any dots. There must
|
||||
* be one or more space charaters between the <algorithm_or_type> and
|
||||
* the <attribute_name>.</p>
|
||||
* <p>The value associated with the key must be a non-empty string. A
|
||||
* provider satisfies this selection criterion iff the provider implements
|
||||
* the specified algorithm or type for the specified cryptographic service
|
||||
* and its implementation meets the constraint expressed by the specified
|
||||
* attribute name/value pair.</p></li>
|
||||
* </ul>
|
||||
*
|
||||
* <p>See Appendix A in the Java Cryptogaphy Architecture API Specification
|
||||
* & Reference for information about standard cryptographic service names,
|
||||
* standard algorithm names and standard attribute names.</p>
|
||||
*
|
||||
* @param filter the criteria for selecting providers. The filter is case-
|
||||
* insensitive.
|
||||
* @return all the installed providers that satisfy the selection criteria,
|
||||
* or <code>null</code> if no such providers have been installed.
|
||||
* @throws InvalidParameterException if the filter is not in the required
|
||||
* format.
|
||||
* @see #getProviders(String)
|
||||
*/
|
||||
public static Provider[] getProviders(Map filter)
|
||||
{
|
||||
if (providers == null || providers.isEmpty())
|
||||
return null;
|
||||
|
||||
if (filter == null)
|
||||
return getProviders();
|
||||
|
||||
Set querries = filter.keySet();
|
||||
if (querries == null || querries.isEmpty())
|
||||
return getProviders();
|
||||
|
||||
LinkedHashSet result = new LinkedHashSet(providers); // assume all
|
||||
int dot, ws;
|
||||
String querry, service, algorithm, attribute, value;
|
||||
LinkedHashSet serviceProviders = new LinkedHashSet(); // preserve insertion order
|
||||
for (Iterator i = querries.iterator(); i.hasNext(); )
|
||||
{
|
||||
querry = (String) i.next();
|
||||
if (querry == null) // all providers
|
||||
continue;
|
||||
|
||||
querry = querry.trim();
|
||||
if (querry.length() == 0) // all providers
|
||||
continue;
|
||||
|
||||
dot = querry.indexOf('.');
|
||||
if (dot == -1) // syntax error
|
||||
throw new InvalidParameterException(
|
||||
"missing dot in '" + String.valueOf(querry)+"'");
|
||||
|
||||
value = (String) filter.get(querry);
|
||||
// deconstruct querry into [service, algorithm, attribute]
|
||||
if (value == null || value.trim().length() == 0) // <service>.<algorithm>
|
||||
{
|
||||
value = null;
|
||||
attribute = null;
|
||||
service = querry.substring(0, dot).trim();
|
||||
algorithm = querry.substring(dot+1).trim();
|
||||
}
|
||||
else // <service>.<algorithm> <attribute>
|
||||
{
|
||||
ws = querry.indexOf(' ');
|
||||
if (ws == -1)
|
||||
throw new InvalidParameterException(
|
||||
"value (" + String.valueOf(value) +
|
||||
") is not empty, but querry (" + String.valueOf(querry) +
|
||||
") is missing at least one space character");
|
||||
value = value.trim();
|
||||
attribute = querry.substring(ws+1).trim();
|
||||
// was the dot in the attribute?
|
||||
if (attribute.indexOf('.') != -1)
|
||||
throw new InvalidParameterException(
|
||||
"attribute_name (" + String.valueOf(attribute) +
|
||||
") in querry (" + String.valueOf(querry) + ") contains a dot");
|
||||
|
||||
querry = querry.substring(0, ws).trim();
|
||||
service = querry.substring(0, dot).trim();
|
||||
algorithm = querry.substring(dot+1).trim();
|
||||
}
|
||||
|
||||
// service and algorithm must not be empty
|
||||
if (service.length() == 0)
|
||||
throw new InvalidParameterException(
|
||||
"<crypto_service> in querry (" + String.valueOf(querry) +
|
||||
") is empty");
|
||||
|
||||
if (algorithm.length() == 0)
|
||||
throw new InvalidParameterException(
|
||||
"<algorithm_or_type> in querry (" + String.valueOf(querry) +
|
||||
") is empty");
|
||||
|
||||
selectProviders(service, algorithm, attribute, value, result, serviceProviders);
|
||||
result.retainAll(serviceProviders); // eval next retaining found providers
|
||||
if (result.isEmpty()) // no point continuing
|
||||
break;
|
||||
}
|
||||
|
||||
if (result.isEmpty())
|
||||
return null;
|
||||
|
||||
return (Provider[]) result.toArray(new Provider[0]);
|
||||
}
|
||||
|
||||
private static void selectProviders(String svc, String algo, String attr,
|
||||
String val, LinkedHashSet providerSet,
|
||||
LinkedHashSet result)
|
||||
{
|
||||
result.clear(); // ensure we start with an empty result set
|
||||
for (Iterator i = providerSet.iterator(); i.hasNext(); )
|
||||
{
|
||||
Provider p = (Provider) i.next();
|
||||
if (provides(p, svc, algo, attr, val))
|
||||
result.add(p);
|
||||
}
|
||||
}
|
||||
|
||||
private static boolean provides(Provider p, String svc, String algo,
|
||||
String attr, String val)
|
||||
{
|
||||
Iterator it;
|
||||
String serviceDotAlgorithm = null;
|
||||
String key = null;
|
||||
String realVal;
|
||||
boolean found = false;
|
||||
// if <svc>.<algo> <attr> is in the set then so is <svc>.<algo>
|
||||
// but it may be stored under an alias <algo>. resolve
|
||||
outer: for (int r = 0; r < 3; r++) // guard against circularity
|
||||
{
|
||||
serviceDotAlgorithm = (svc+"."+String.valueOf(algo)).trim();
|
||||
for (it = p.keySet().iterator(); it.hasNext(); )
|
||||
{
|
||||
key = (String) it.next();
|
||||
if (key.equalsIgnoreCase(serviceDotAlgorithm)) // eureka
|
||||
{
|
||||
found = true;
|
||||
break outer;
|
||||
}
|
||||
// it may be there but as an alias
|
||||
if (key.equalsIgnoreCase(ALG_ALIAS + serviceDotAlgorithm))
|
||||
{
|
||||
algo = p.getProperty(key);
|
||||
continue outer;
|
||||
}
|
||||
// else continue inner
|
||||
}
|
||||
}
|
||||
|
||||
if (!found)
|
||||
return false;
|
||||
|
||||
// found a candidate for the querry. do we have an attr to match?
|
||||
if (val == null) // <service>.<algorithm> querry
|
||||
return true;
|
||||
|
||||
// <service>.<algorithm> <attribute>; find the key entry that match
|
||||
String realAttr;
|
||||
int limit = serviceDotAlgorithm.length() + 1;
|
||||
for (it = p.keySet().iterator(); it.hasNext(); )
|
||||
{
|
||||
key = (String) it.next();
|
||||
if (key.length() <= limit)
|
||||
continue;
|
||||
|
||||
if (key.substring(0, limit).equalsIgnoreCase(serviceDotAlgorithm+" "))
|
||||
{
|
||||
realAttr = key.substring(limit).trim();
|
||||
if (! realAttr.equalsIgnoreCase(attr))
|
||||
continue;
|
||||
|
||||
// eveything matches so far. do the value
|
||||
realVal = p.getProperty(key);
|
||||
if (realVal == null)
|
||||
return false;
|
||||
|
||||
realVal = realVal.trim();
|
||||
// is it a string value?
|
||||
if (val.equalsIgnoreCase(realVal))
|
||||
return true;
|
||||
|
||||
// assume value is a number. cehck for greater-than-or-equal
|
||||
return (new Integer(val).intValue() >= new Integer(realVal).intValue());
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@@ -1,178 +0,0 @@
|
||||
/* SecurityPermission.java -- Class for named security permissions
|
||||
Copyright (C) 1998, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This class provides a mechanism for specified named permissions
|
||||
* related to the Java security framework. These permissions have no
|
||||
* associated actions list. They are either granted or not granted.
|
||||
*
|
||||
* <p>The list of valid permission names is:<br>
|
||||
* <table border=1>
|
||||
* <tr><th>Permission Name</th><th>Permission Allows</th><th>Risks</th</tr>
|
||||
* <tr>
|
||||
* <td><code>createAccessControlContext</code></td>
|
||||
* <td>Allows creation of an AccessControlContext</td>
|
||||
* <td>The new control context can have a rogue DomainCombiner, leading
|
||||
* to a privacy leak</td></tr>
|
||||
* <tr>
|
||||
* <td><code>getDomainCombiner</code></td>
|
||||
* <td>Get a DomainCombiner from an AccessControlContext</td>
|
||||
* <td>Access to a DomainCombiner can lead to a privacy leak</td></tr>
|
||||
* <tr>
|
||||
* <td><code>getPolicy</code></td>
|
||||
* <td>Allows retrieval of the system security policy</td>
|
||||
* <td>Malicious code can use information from the policy to better plan
|
||||
* an attack</td></tr>
|
||||
* <tr>
|
||||
* <td><code>setPolicy</code></td>
|
||||
* <td>Allows the security policy to be changed</td>
|
||||
* <td>Malicious code can give itself any permission it wants</td></tr>
|
||||
* <tr>
|
||||
* <td><code>getProperty.</code><em>key</em></td>
|
||||
* <td>Retrieve the property specified by the key</td>
|
||||
* <td>Malicious code can use information from the property to better plan
|
||||
* an attack</td></tr>
|
||||
* <tr>
|
||||
* <td><code>setProperty.</code><em>key</em></td>
|
||||
* <td>Allows changing of the value of all properties implied by key</td>
|
||||
* <td>Malicious code can insert rogue classes to steal keys or recreate
|
||||
* the security policy with whatever permissions it desires</td></tr>
|
||||
* <tr>
|
||||
* <td><code>insertProvider.</code><em>key</em></td>
|
||||
* <td>Allows the named provider to be added</td>
|
||||
* <td>Malicious code can insert rogue providers that steal data</td></tr>
|
||||
* <tr>
|
||||
* <td><code>removeProvider.</code><em>key</em></td>
|
||||
* <td>Allows the named provider to be removed</td>
|
||||
* <td>A missing provider can cripple code that relies on it</td></tr>
|
||||
* <tr>
|
||||
* <td><code>setSystemScope</code></td>
|
||||
* <td>Allows the system identity scope to be set</td>
|
||||
* <td>Malicious code can add certificates not available in the original
|
||||
* identity scope, to gain more permissions</td></tr>
|
||||
* <tr>
|
||||
* <td><code>setIdentityPublicKey</code></td>
|
||||
* <td>Allows the public key of an Identity to be set</td>
|
||||
* <td>Malicious code can install its own key to gain permissions not
|
||||
* allowed by the original identity scope</td></tr>
|
||||
* <tr>
|
||||
* <td><code>SetIdentityInfo</code></td>
|
||||
* <td>Allows the description of an Identity to be set</td>
|
||||
* <td>Malicious code can spoof users into trusting a fake identity</td></tr>
|
||||
* <tr>
|
||||
* <td><code>addIdentityCertificate</code></td>
|
||||
* <td>Allows a certificate to be set for the public key of an identity</td>
|
||||
* <td>The public key can become trusted to a wider audience than originally
|
||||
* intended</td></tr>
|
||||
* <tr>
|
||||
* <td><code>removeIdentityCertificate</code></td>
|
||||
* <td>Allows removal of a certificate from an identity's public key</td>
|
||||
* <td>The public key can become less trusted than it should be</td></tr>
|
||||
* <tr>
|
||||
* <td><code>printIdentity</code></td>
|
||||
* <td>View the name of the identity and scope, and whether they are
|
||||
* trusted</td>
|
||||
* <td>The scope may include a filename, which provides an entry point for
|
||||
* further security breaches</td></tr>
|
||||
* <tr>
|
||||
* <td><code>clearProviderProperties.</code><em>key</em></td>
|
||||
* <td>Allows the properties of the named provider to be cleared</td>
|
||||
* <td>This can disable parts of the program which depend on finding the
|
||||
* provider</td></tr>
|
||||
* <tr>
|
||||
* <td><code>putProviderProperty.</code><em>key</em></td>
|
||||
* <td>Allows the properties of the named provider to be changed</td>
|
||||
* <td>Malicious code can replace the implementation of a provider</td></tr>
|
||||
* <tr>
|
||||
* <td><code>removeProviderProperty.</code><em>key</em></td>
|
||||
* <td>Allows the properties of the named provider to be deleted</td>
|
||||
* <td>This can disable parts of the program which depend on finding the
|
||||
* provider</td></tr>
|
||||
* <tr>
|
||||
* <td><code>getSignerPrivateKey</code></td>
|
||||
* <td>Allows the retrieval of the private key for a signer</td>
|
||||
* <td>Anyone that can access the private key can claim to be the
|
||||
* Signer</td></tr>
|
||||
* <tr>
|
||||
* <td><code>setSignerKeyPair</code></td>
|
||||
* <td>Allows the public and private key of a Signer to be changed</td>
|
||||
* <td>The replacement might be a weaker encryption, or the attacker
|
||||
* can use knowledge of the replaced key to decrypt an entire
|
||||
* communication session</td></tr>
|
||||
* </table>
|
||||
*
|
||||
* <p>There is some degree of security risk in granting any of these
|
||||
* permissions. Some of them can completely compromise system security.
|
||||
* Please exercise extreme caution in granting these permissions.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see Permission
|
||||
* @see SecurityManager
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public final class SecurityPermission extends BasicPermission
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 5236109936224050470L;
|
||||
|
||||
/**
|
||||
* Create a new instance with the specified name.
|
||||
*
|
||||
* @param name the name to assign to this permission
|
||||
*/
|
||||
public SecurityPermission(String name)
|
||||
{
|
||||
super(name);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new instance with the specified name. As SecurityPermission
|
||||
* carries no actions, the second parameter is ignored.
|
||||
*
|
||||
* @param name the name to assign to this permission
|
||||
* @param actions ignored
|
||||
*/
|
||||
public SecurityPermission(String name, String actions)
|
||||
{
|
||||
super(name);
|
||||
}
|
||||
} // class SecurityPermission
|
||||
@@ -1,636 +0,0 @@
|
||||
/* Signature.java --- Signature Class
|
||||
Copyright (C) 1999, 2002, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.security.cert.Certificate;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
|
||||
/**
|
||||
* <p>This <code>Signature</code> class is used to provide applications the
|
||||
* functionality of a digital signature algorithm. Digital signatures are used
|
||||
* for authentication and integrity assurance of digital data.</p>
|
||||
*
|
||||
* <p>The signature algorithm can be, among others, the NIST standard <i>DSS</i>,
|
||||
* using <i>DSA</i> and <i>SHA-1</i>. The <i>DSA</i> algorithm using the
|
||||
* <i>SHA-1</i> message digest algorithm can be specified as <code>SHA1withDSA
|
||||
* </code>. In the case of <i>RSA</i>, there are multiple choices for the
|
||||
* message digest algorithm, so the signing algorithm could be specified as, for
|
||||
* example, <code>MD2withRSA</code>, <code>MD5withRSA</code>, or
|
||||
* <code>SHA1withRSA</code>. The algorithm name must be specified, as there is
|
||||
* no default.</p>
|
||||
*
|
||||
* <p>Like other algorithm-based classes in Java Security, <code>Signature</code>
|
||||
* provides implementation-independent algorithms, whereby a caller (application
|
||||
* code) requests a particular signature algorithm and is handed back a properly
|
||||
* initialized <code>Signature</code> object. It is also possible, if desired,
|
||||
* to request a particular algorithm from a particular provider. See the
|
||||
* <code>getInstance()</code> methods.</p>
|
||||
*
|
||||
* <p>Thus, there are two ways to request a <code>Signature</code> algorithm
|
||||
* object: by specifying either just an algorithm name, or both an algorithm
|
||||
* name and a package provider.</p>
|
||||
*
|
||||
* <p>If just an algorithm name is specified, the system will determine if there
|
||||
* is an implementation of the algorithm requested available in the environment,
|
||||
* and if there is more than one, if there is a preferred one.</p>
|
||||
*
|
||||
* <p>If both an algorithm name and a package provider are specified, the system
|
||||
* will determine if there is an implementation of the algorithm in the package
|
||||
* requested, and throw an exception if there is not.</p>
|
||||
*
|
||||
* <p>A <code>Signature</code> object can be used to generate and verify digital
|
||||
* signatures.</p>
|
||||
*
|
||||
* <p>There are three phases to the use of a <code>Signature</code> object for
|
||||
* either signing data or verifying a signature:</p>
|
||||
*
|
||||
* <ol>
|
||||
* <li>Initialization, with either
|
||||
* <ul>
|
||||
* <li>a public key, which initializes the signature for verification
|
||||
* (see <code>initVerify()</code>), or</li>
|
||||
* <li>a private key (and optionally a Secure Random Number Generator),
|
||||
* which initializes the signature for signing (see
|
||||
* {@link #initSign(PrivateKey)} and {@link #initSign(PrivateKey, SecureRandom)}
|
||||
* ).</li>
|
||||
* </ul></li>
|
||||
* <li>Updating<br/>
|
||||
* Depending on the type of initialization, this will update the bytes to
|
||||
* be signed or verified. See the update methods.<br/></li>
|
||||
* <li>Signing or Verifying a signature on all updated bytes. See the
|
||||
* <code>sign()</code> methods and the <code>verify()</code> method.</li>
|
||||
* </ol>
|
||||
*
|
||||
* <p>Note that this class is abstract and extends from {@link SignatureSpi} for
|
||||
* historical reasons. Application developers should only take notice of the
|
||||
* methods defined in this <code>Signature</code> class; all the methods in the
|
||||
* superclass are intended for cryptographic service providers who wish to
|
||||
* supply their own implementations of digital signature algorithms.
|
||||
*
|
||||
* @author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
*/
|
||||
public abstract class Signature extends SignatureSpi
|
||||
{
|
||||
/** Service name for signatures. */
|
||||
private static final String SIGNATURE = "Signature";
|
||||
|
||||
/**
|
||||
* Possible <code>state</code> value, signifying that this signature object
|
||||
* has not yet been initialized.
|
||||
*/
|
||||
protected static final int UNINITIALIZED = 0;
|
||||
|
||||
// Constructor.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Possible <code>state</code> value, signifying that this signature object
|
||||
* has been initialized for signing.
|
||||
*/
|
||||
protected static final int SIGN = 2;
|
||||
|
||||
/**
|
||||
* Possible <code>state</code> value, signifying that this signature object
|
||||
* has been initialized for verification.
|
||||
*/
|
||||
protected static final int VERIFY = 3;
|
||||
|
||||
/** Current state of this signature object. */
|
||||
protected int state = UNINITIALIZED;
|
||||
|
||||
private String algorithm;
|
||||
Provider provider;
|
||||
|
||||
/**
|
||||
* Creates a <code>Signature</code> object for the specified algorithm.
|
||||
*
|
||||
* @param algorithm the standard string name of the algorithm. See Appendix A
|
||||
* in the Java Cryptography Architecture API Specification & Reference for
|
||||
* information about standard algorithm names.
|
||||
*/
|
||||
protected Signature(String algorithm)
|
||||
{
|
||||
this.algorithm = algorithm;
|
||||
state = UNINITIALIZED;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>Signature</code> object that implements the specified
|
||||
* digest algorithm. If the default provider package provides an
|
||||
* implementation of the requested digest algorithm, an instance of
|
||||
* <code>Signature</code> containing that implementation is returned. If the
|
||||
* algorithm is not available in the default package, other packages are
|
||||
* searched.
|
||||
*
|
||||
* @param algorithm the standard name of the algorithm requested. See Appendix
|
||||
* A in the Java Cryptography Architecture API Specification & Reference
|
||||
* for information about standard algorithm names.
|
||||
* @return the new Signature object.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available in the
|
||||
* environment.
|
||||
*/
|
||||
public static Signature getInstance(String algorithm)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
for (int i = 0; i < p.length; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance(algorithm, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
// Ignored.
|
||||
}
|
||||
}
|
||||
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>Signature</code> object implementing the specified
|
||||
* algorithm, as supplied from the specified provider, if such an algorithm
|
||||
* is available from the provider.
|
||||
*
|
||||
* @param algorithm the name of the algorithm requested. See Appendix A in
|
||||
* the Java Cryptography Architecture API Specification & Reference for
|
||||
* information about standard algorithm names.
|
||||
* @param provider the name of the provider.
|
||||
* @return the new <code>Signature</code> object.
|
||||
* @throws NoSuchAlgorithmException if the algorithm is not available in the
|
||||
* package supplied by the requested provider.
|
||||
* @throws NoSuchProviderException if the provider is not available in the
|
||||
* environment.
|
||||
* @throws IllegalArgumentException if the provider name is <code>null</code>
|
||||
* or empty.
|
||||
* @see Provider
|
||||
*/
|
||||
public static Signature getInstance(String algorithm, String provider)
|
||||
throws NoSuchAlgorithmException, NoSuchProviderException
|
||||
{
|
||||
if (provider == null || provider.length() == 0)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(algorithm, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a <code>Signature</code> object implementing the specified
|
||||
* algorithm, as supplied from the specified provider, if such an algorithm
|
||||
* is available from the provider. Note: the provider doesn't have to be
|
||||
* registered.
|
||||
*
|
||||
* @param algorithm the name of the algorithm requested. See Appendix A in
|
||||
* the Java Cryptography Architecture API Specification & Reference for
|
||||
* information about standard algorithm names.
|
||||
* @param provider the provider.
|
||||
* @return the new <code>Signature</code> object.
|
||||
* @throws NoSuchAlgorithmException if the <code>algorithm</code> is not
|
||||
* available in the package supplied by the requested <code>provider</code>.
|
||||
* @throws IllegalArgumentException if the <code>provider</code> is
|
||||
* <code>null</code>.
|
||||
* @since 1.4
|
||||
* @see Provider
|
||||
*/
|
||||
public static Signature getInstance(String algorithm, Provider provider)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("Illegal provider");
|
||||
|
||||
Signature result = null;
|
||||
Object o = null;
|
||||
try
|
||||
{
|
||||
o = Engine.getInstance(SIGNATURE, algorithm, provider);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
if (o instanceof SignatureSpi)
|
||||
{
|
||||
result = new DummySignature((SignatureSpi) o, algorithm);
|
||||
}
|
||||
else if (o instanceof Signature)
|
||||
{
|
||||
result = (Signature) o;
|
||||
result.algorithm = algorithm;
|
||||
}
|
||||
else
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
result.provider = provider;
|
||||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the provider of this signature object.
|
||||
*
|
||||
* @return the provider of this signature object.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes this object for verification. If this method is called again
|
||||
* with a different argument, it negates the effect of this call.
|
||||
*
|
||||
* @param publicKey the public key of the identity whose signature is going
|
||||
* to be verified.
|
||||
* @throws InvalidKeyException if the key is invalid.
|
||||
*/
|
||||
public final void initVerify(PublicKey publicKey) throws InvalidKeyException
|
||||
{
|
||||
state = VERIFY;
|
||||
engineInitVerify(publicKey);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Initializes this object for verification, using the public key from the
|
||||
* given certificate.</p>
|
||||
*
|
||||
* <p>If the certificate is of type <i>X.509</i> and has a <i>key usage</i>
|
||||
* extension field marked as <i>critical</i>, and the value of the <i>key
|
||||
* usage</i> extension field implies that the public key in the certificate
|
||||
* and its corresponding private key are not supposed to be used for digital
|
||||
* signatures, an {@link InvalidKeyException} is thrown.</p>
|
||||
*
|
||||
* @param certificate the certificate of the identity whose signature is
|
||||
* going to be verified.
|
||||
* @throws InvalidKeyException if the public key in the certificate is not
|
||||
* encoded properly or does not include required parameter information or
|
||||
* cannot be used for digital signature purposes.
|
||||
*/
|
||||
public final void initVerify(Certificate certificate)
|
||||
throws InvalidKeyException
|
||||
{
|
||||
state = VERIFY;
|
||||
if (certificate.getType().equals("X509"))
|
||||
{
|
||||
X509Certificate cert = (X509Certificate) certificate;
|
||||
boolean[]array = cert.getKeyUsage();
|
||||
if (array != null && array[0] == false)
|
||||
throw new InvalidKeyException(
|
||||
"KeyUsage of this Certificate indicates it cannot be used for digital signing");
|
||||
}
|
||||
this.initVerify(certificate.getPublicKey());
|
||||
}
|
||||
|
||||
/**
|
||||
* Initialize this object for signing. If this method is called again with a
|
||||
* different argument, it negates the effect of this call.
|
||||
*
|
||||
* @param privateKey the private key of the identity whose signature is going
|
||||
* to be generated.
|
||||
* @throws InvalidKeyException if the key is invalid.
|
||||
*/
|
||||
public final void initSign(PrivateKey privateKey) throws InvalidKeyException
|
||||
{
|
||||
state = SIGN;
|
||||
engineInitSign(privateKey);
|
||||
}
|
||||
|
||||
/**
|
||||
* Initialize this object for signing. If this method is called again with a
|
||||
* different argument, it negates the effect of this call.
|
||||
*
|
||||
* @param privateKey the private key of the identity whose signature is going
|
||||
* to be generated.
|
||||
* @param random the source of randomness for this signature.
|
||||
* @throws InvalidKeyException if the key is invalid.
|
||||
*/
|
||||
public final void initSign(PrivateKey privateKey, SecureRandom random)
|
||||
throws InvalidKeyException
|
||||
{
|
||||
state = SIGN;
|
||||
engineInitSign(privateKey, random);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns the signature bytes of all the data updated. The format of the
|
||||
* signature depends on the underlying signature scheme.</p>
|
||||
*
|
||||
* <p>A call to this method resets this signature object to the state it was
|
||||
* in when previously initialized for signing via a call to
|
||||
* <code>initSign(PrivateKey)</code>. That is, the object is reset and
|
||||
* available to generate another signature from the same signer, if desired,
|
||||
* via new calls to <code>update()</code> and <code>sign()</code>.</p>
|
||||
*
|
||||
* @return the signature bytes of the signing operation's result.
|
||||
* @throws SignatureException if this signature object is not initialized
|
||||
* properly.
|
||||
*/
|
||||
public final byte[] sign() throws SignatureException
|
||||
{
|
||||
if (state == SIGN)
|
||||
return engineSign();
|
||||
else
|
||||
throw new SignatureException();
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Finishes the signature operation and stores the resulting signature
|
||||
* bytes in the provided buffer <code>outbuf</code>, starting at <code>offset
|
||||
* </code>. The format of the signature depends on the underlying signature
|
||||
* scheme.</p>
|
||||
*
|
||||
* <p>This signature object is reset to its initial state (the state it was
|
||||
* in after a call to one of the <code>initSign()</code> methods) and can be
|
||||
* reused to generate further signatures with the same private key.</p>
|
||||
*
|
||||
* @param outbuf buffer for the signature result.
|
||||
* @param offset offset into outbuf where the signature is stored.
|
||||
* @param len number of bytes within outbuf allotted for the signature.
|
||||
* @return the number of bytes placed into outbuf.
|
||||
* @throws SignatureException if an error occurs or len is less than the
|
||||
* actual signature length.
|
||||
* @since 1.2
|
||||
*/
|
||||
public final int sign(byte[] outbuf, int offset, int len)
|
||||
throws SignatureException
|
||||
{
|
||||
if (state == SIGN)
|
||||
return engineSign(outbuf, offset, len);
|
||||
else
|
||||
throw new SignatureException();
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Verifies the passed-in signature.</p>
|
||||
*
|
||||
* <p>A call to this method resets this signature object to the state it was
|
||||
* in when previously initialized for verification via a call to
|
||||
* <code>initVerify(PublicKey)</code>. That is, the object is reset and
|
||||
* available to verify another signature from the identity whose public key
|
||||
* was specified in the call to <code>initVerify()</code>.</p>
|
||||
*
|
||||
* @param signature the signature bytes to be verified.
|
||||
* @return <code>true</code> if the signature was verified, <code>false</code>
|
||||
* if not.
|
||||
* @throws SignatureException if this signature object is not initialized
|
||||
* properly, or the passed-in signature is improperly encoded or of the wrong
|
||||
* type, etc.
|
||||
*/
|
||||
public final boolean verify(byte[]signature) throws SignatureException
|
||||
{
|
||||
if (state == VERIFY)
|
||||
return engineVerify(signature);
|
||||
else
|
||||
throw new SignatureException();
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Verifies the passed-in <code>signature</code> in the specified array of
|
||||
* bytes, starting at the specified <code>offset</code>.</p>
|
||||
*
|
||||
* <p>A call to this method resets this signature object to the state it was
|
||||
* in when previously initialized for verification via a call to
|
||||
* <code>initVerify(PublicKey)</code>. That is, the object is reset and
|
||||
* available to verify another signature from the identity whose public key
|
||||
* was specified in the call to <code>initVerify()</code>.</p>
|
||||
*
|
||||
* @param signature the signature bytes to be verified.
|
||||
* @param offset the offset to start from in the array of bytes.
|
||||
* @param length the number of bytes to use, starting at offset.
|
||||
* @return <code>true</code> if the signature was verified, <code>false</code>
|
||||
* if not.
|
||||
* @throws SignatureException if this signature object is not initialized
|
||||
* properly, or the passed-in <code>signature</code> is improperly encoded or
|
||||
* of the wrong type, etc.
|
||||
* @throws IllegalArgumentException if the <code>signature</code> byte array
|
||||
* is <code>null</code>, or the <code>offset</code> or <code>length</code> is
|
||||
* less than <code>0</code>, or the sum of the <code>offset</code> and
|
||||
* <code>length</code> is greater than the length of the <code>signature</code>
|
||||
* byte array.
|
||||
*/
|
||||
public final boolean verify(byte[] signature, int offset, int length)
|
||||
throws SignatureException
|
||||
{
|
||||
if (state != VERIFY)
|
||||
throw new SignatureException("illegal state");
|
||||
|
||||
if (signature == null)
|
||||
throw new IllegalArgumentException("signature is null");
|
||||
if (offset < 0)
|
||||
throw new IllegalArgumentException("offset is less than 0");
|
||||
if (length < 0)
|
||||
throw new IllegalArgumentException("length is less than 0");
|
||||
if (offset + length < signature.length)
|
||||
throw new IllegalArgumentException("range is out of bounds");
|
||||
|
||||
return engineVerify(signature, offset, length);
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the data to be signed or verified by a byte.
|
||||
*
|
||||
* @param b the byte to use for the update.
|
||||
* @throws SignatureException if this signature object is not initialized
|
||||
* properly.
|
||||
*/
|
||||
public final void update(byte b) throws SignatureException
|
||||
{
|
||||
if (state != UNINITIALIZED)
|
||||
engineUpdate(b);
|
||||
else
|
||||
throw new SignatureException();
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the data to be signed or verified, using the specified array of
|
||||
* bytes.
|
||||
*
|
||||
* @param data the byte array to use for the update.
|
||||
* @throws SignatureException if this signature object is not initialized
|
||||
* properly.
|
||||
*/
|
||||
public final void update(byte[]data) throws SignatureException
|
||||
{
|
||||
if (state != UNINITIALIZED)
|
||||
engineUpdate(data, 0, data.length);
|
||||
else
|
||||
throw new SignatureException();
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the data to be signed or verified, using the specified array of
|
||||
* bytes, starting at the specified offset.
|
||||
*
|
||||
* @param data the array of bytes.
|
||||
* @param off the offset to start from in the array of bytes.
|
||||
* @param len the number of bytes to use, starting at offset.
|
||||
* @throws SignatureException if this signature object is not initialized
|
||||
* properly.
|
||||
*/
|
||||
public final void update(byte[]data, int off, int len)
|
||||
throws SignatureException
|
||||
{
|
||||
if (state != UNINITIALIZED)
|
||||
engineUpdate(data, off, len);
|
||||
else
|
||||
throw new SignatureException();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the name of the algorithm for this signature object.
|
||||
*
|
||||
* @return the name of the algorithm for this signature object.
|
||||
*/
|
||||
public final String getAlgorithm()
|
||||
{
|
||||
return algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a string representation of this signature object, providing
|
||||
* information that includes the state of the object and the name of the
|
||||
* algorithm used.
|
||||
*
|
||||
* @return a string representation of this signature object.
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return (algorithm + " Signature");
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the specified algorithm parameter to the specified value. This method
|
||||
* supplies a general-purpose mechanism through which it is possible to set
|
||||
* the various parameters of this object. A parameter may be any settable
|
||||
* parameter for the algorithm, such as a parameter size, or a source of
|
||||
* random bits for signature generation (if appropriate), or an indication of
|
||||
* whether or not to perform a specific but optional computation. A uniform
|
||||
* algorithm-specific naming scheme for each parameter is desirable but left
|
||||
* unspecified at this time.
|
||||
*
|
||||
* @param param the string identifier of the parameter.
|
||||
* @param value the parameter value.
|
||||
* @throws InvalidParameterException if param is an invalid parameter for this
|
||||
* signature algorithm engine, the parameter is already set and cannot be set
|
||||
* again, a security exception occurs, and so on.
|
||||
* @see #getParameter(String)
|
||||
* @deprecated Use setParameter(AlgorithmParameterSpec).
|
||||
*/
|
||||
public final void setParameter(String param, Object value)
|
||||
throws InvalidParameterException
|
||||
{
|
||||
engineSetParameter(param, value);
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes this signature engine with the specified parameter set.
|
||||
*
|
||||
* @param params the parameters.
|
||||
* @throws InvalidAlgorithmParameterException if the given parameters are
|
||||
* inappropriate for this signature engine.
|
||||
* @see #getParameters()
|
||||
*/
|
||||
public final void setParameter(AlgorithmParameterSpec params)
|
||||
throws InvalidAlgorithmParameterException
|
||||
{
|
||||
engineSetParameter(params);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns the parameters used with this signature object.</p>
|
||||
*
|
||||
* <p>The returned parameters may be the same that were used to initialize
|
||||
* this signature, or may contain a combination of default and randomly
|
||||
* generated parameter values used by the underlying signature implementation
|
||||
* if this signature requires algorithm parameters but was not initialized
|
||||
* with any.
|
||||
*
|
||||
* @return the parameters used with this signature, or <code>null</code> if
|
||||
* this signature does not use any parameters.
|
||||
* @see #setParameter(AlgorithmParameterSpec)
|
||||
*/
|
||||
public final AlgorithmParameters getParameters()
|
||||
{
|
||||
return engineGetParameters();
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the value of the specified algorithm parameter. This method supplies
|
||||
* a general-purpose mechanism through which it is possible to get the various
|
||||
* parameters of this object. A parameter may be any settable parameter for
|
||||
* the algorithm, such as a parameter size, or a source of random bits for
|
||||
* signature generation (if appropriate), or an indication of whether or not
|
||||
* to perform a specific but optional computation. A uniform
|
||||
* algorithm-specific naming scheme for each parameter is desirable but left
|
||||
* unspecified at this time.
|
||||
*
|
||||
* @param param the string name of the parameter.
|
||||
* @return the object that represents the parameter value, or null if there
|
||||
* is none.
|
||||
* @throws InvalidParameterException if param is an invalid parameter for this
|
||||
* engine, or another exception occurs while trying to get this parameter.
|
||||
* @see #setParameter(String, Object)
|
||||
* @deprecated
|
||||
*/
|
||||
public final Object getParameter(String param)
|
||||
throws InvalidParameterException
|
||||
{
|
||||
return engineGetParameter(param);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a clone if the implementation is cloneable.
|
||||
*
|
||||
* @return a clone if the implementation is cloneable.
|
||||
* @throws CloneNotSupportedException if this is called on an implementation
|
||||
* that does not support {@link Cloneable}.
|
||||
*/
|
||||
public Object clone() throws CloneNotSupportedException
|
||||
{
|
||||
return super.clone();
|
||||
}
|
||||
}
|
||||
@@ -1,70 +0,0 @@
|
||||
/* SignatureException.java -- Generic error in signature
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception is thrown when a problem is encountered with a
|
||||
* digital signature.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class SignatureException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 7509989324975124438L;
|
||||
|
||||
/**
|
||||
* Create an instance with no descriptive error message.
|
||||
*/
|
||||
public SignatureException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an instance with a descriptive error message.
|
||||
*
|
||||
* @param msg the message
|
||||
*/
|
||||
public SignatureException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,302 +0,0 @@
|
||||
/* SignatureSpi.java --- Signature Service Provider Interface
|
||||
Copyright (C) 1999, 2003, Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.security.spec.AlgorithmParameterSpec;
|
||||
|
||||
/**
|
||||
* <p>This class defines the <i>Service Provider Interface (SPI)</i> for the
|
||||
* {@link Signature} class, which is used to provide the functionality of a
|
||||
* digital signature algorithm. Digital signatures are used for authentication
|
||||
* and integrity assurance of digital data.</p>
|
||||
*
|
||||
* <p>All the abstract methods in this class must be implemented by each
|
||||
* cryptographic service provider who wishes to supply the implementation of a
|
||||
* particular signature algorithm.
|
||||
*
|
||||
* @author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
* @since 1.2
|
||||
* @see Signature
|
||||
*/
|
||||
public abstract class SignatureSpi
|
||||
{
|
||||
/** Application-specified source of randomness. */
|
||||
protected SecureRandom appRandom;
|
||||
|
||||
public SignatureSpi()
|
||||
{
|
||||
appRandom = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Initializes this signature object with the specified public key for
|
||||
* verification operations.
|
||||
*
|
||||
* @param publicKey the public key of the identity whose signature is going
|
||||
* to be verified.
|
||||
* @throws InvalidKeyException if the key is improperly encoded, parameters
|
||||
* are missing, and so on.
|
||||
*/
|
||||
protected abstract void engineInitVerify(PublicKey publicKey)
|
||||
throws InvalidKeyException;
|
||||
|
||||
/**
|
||||
* Initializes this signature object with the specified private key for
|
||||
* signing operations.
|
||||
*
|
||||
* @param privateKey the private key of the identity whose signature will be
|
||||
* generated.
|
||||
* @throws InvalidKeyException if the key is improperly encoded, parameters
|
||||
* are missing, and so on.
|
||||
*/
|
||||
protected abstract void engineInitSign(PrivateKey privateKey)
|
||||
throws InvalidKeyException;
|
||||
|
||||
/**
|
||||
* <p>Initializes this signature object with the specified private key and
|
||||
* source of randomness for signing operations.</p>
|
||||
*
|
||||
* <p>This concrete method has been added to this previously-defined abstract
|
||||
* class. (For backwards compatibility, it cannot be abstract.)</p>
|
||||
*
|
||||
* @param privateKey the private key of the identity whose signature will be
|
||||
* generated.
|
||||
* @param random the source of randomness.
|
||||
* @throws InvalidKeyException if the key is improperly encoded, parameters
|
||||
* are missing, and so on.
|
||||
* @since 1.2
|
||||
*/
|
||||
protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
|
||||
throws InvalidKeyException
|
||||
{
|
||||
appRandom = random;
|
||||
engineInitSign(privateKey);
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the data to be signed or verified using the specified byte.
|
||||
*
|
||||
* @param b the byte to use for the update.
|
||||
* @throws SignatureException if the engine is not initialized properly.
|
||||
*/
|
||||
protected abstract void engineUpdate(byte b) throws SignatureException;
|
||||
|
||||
/**
|
||||
* Updates the data to be signed or verified, using the specified array of
|
||||
* bytes, starting at the specified offset.
|
||||
*
|
||||
* @param b the array of bytes.
|
||||
* @param off the offset to start from in the array of bytes.
|
||||
* @param len the number of bytes to use, starting at offset.
|
||||
* @throws SignatureException if the engine is not initialized properly.
|
||||
*/
|
||||
protected abstract void engineUpdate(byte[] b, int off, int len)
|
||||
throws SignatureException;
|
||||
|
||||
/**
|
||||
* Returns the signature bytes of all the data updated so far. The format of
|
||||
* the signature depends on the underlying signature scheme.
|
||||
*
|
||||
* @return the signature bytes of the signing operation's result.
|
||||
* @throws SignatureException if the engine is not initialized properly.
|
||||
*/
|
||||
protected abstract byte[] engineSign() throws SignatureException;
|
||||
|
||||
/**
|
||||
* <p>Finishes this signature operation and stores the resulting signature
|
||||
* bytes in the provided buffer <code>outbuf</code>, starting at <code>offset
|
||||
* </code>. The format of the signature depends on the underlying signature
|
||||
* scheme.</p>
|
||||
*
|
||||
* <p>The signature implementation is reset to its initial state (the state it
|
||||
* was in after a call to one of the <code>engineInitSign()</code> methods)
|
||||
* and can be reused to generate further signatures with the same private key.
|
||||
* This method should be abstract, but we leave it concrete for binary
|
||||
* compatibility. Knowledgeable providers should override this method.</p>
|
||||
*
|
||||
* @param outbuf buffer for the signature result.
|
||||
* @param offset offset into outbuf where the signature is stored.
|
||||
* @param len number of bytes within outbuf allotted for the signature. Both
|
||||
* this default implementation and the <b>GNU</b> provider do not return
|
||||
* partial digests. If the value of this parameter is less than the actual
|
||||
* signature length, this method will throw a {@link SignatureException}. This
|
||||
* parameter is ignored if its value is greater than or equal to the actual
|
||||
* signature length.
|
||||
* @return the number of bytes placed into <code>outbuf</code>.
|
||||
* @throws SignatureException if an error occurs or len is less than the
|
||||
* actual signature length.
|
||||
* @since 1.2
|
||||
*/
|
||||
protected int engineSign(byte[] outbuf, int offset, int len)
|
||||
throws SignatureException
|
||||
{
|
||||
byte[] tmp = engineSign();
|
||||
if (tmp.length > len)
|
||||
throw new SignatureException("Invalid Length");
|
||||
|
||||
System.arraycopy(outbuf, offset, tmp, 0, tmp.length);
|
||||
return tmp.length;
|
||||
}
|
||||
|
||||
/**
|
||||
* Verifies the passed-in signature.
|
||||
*
|
||||
* @param sigBytes the signature bytes to be verified.
|
||||
* @return <code>true</code> if the signature was verified, <code>false</code>
|
||||
* if not.
|
||||
* @throws SignatureException if the engine is not initialized properly, or
|
||||
* the passed-in signature is improperly encoded or of the wrong type, etc.
|
||||
*/
|
||||
protected abstract boolean engineVerify(byte[] sigBytes)
|
||||
throws SignatureException;
|
||||
|
||||
/**
|
||||
* <p>Verifies the passed-in <code>signature</code> in the specified array of
|
||||
* bytes, starting at the specified <code>offset</code>.</p>
|
||||
*
|
||||
* <p>Note: Subclasses should overwrite the default implementation.</p>
|
||||
*
|
||||
* @param sigBytes the signature bytes to be verified.
|
||||
* @param offset the offset to start from in the array of bytes.
|
||||
* @param length the number of bytes to use, starting at offset.
|
||||
* @return <code>true</code> if the signature was verified, <code>false</code>
|
||||
* if not.
|
||||
* @throws SignatureException if the engine is not initialized properly, or
|
||||
* the passed-in <code>signature</code> is improperly encoded or of the wrong
|
||||
* type, etc.
|
||||
*/
|
||||
protected boolean engineVerify(byte[] sigBytes, int offset, int length)
|
||||
throws SignatureException
|
||||
{
|
||||
byte[] tmp = new byte[length];
|
||||
System.arraycopy(sigBytes, offset, tmp, 0, length);
|
||||
return engineVerify(tmp);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the specified algorithm parameter to the specified value. This method
|
||||
* supplies a general-purpose mechanism through which it is possible to set
|
||||
* the various parameters of this object. A parameter may be any settable
|
||||
* parameter for the algorithm, such as a parameter size, or a source of
|
||||
* random bits for signature generation (if appropriate), or an indication of
|
||||
* whether or not to perform a specific but optional computation. A uniform
|
||||
* algorithm-specific naming scheme for each parameter is desirable but left
|
||||
* unspecified at this time.
|
||||
*
|
||||
* @param param the string identifier of the parameter.
|
||||
* @param value the parameter value.
|
||||
* @throws InvalidParameterException if <code>param</code> is an invalid
|
||||
* parameter for this signature algorithm engine, the parameter is already set
|
||||
* and cannot be set again, a security exception occurs, and so on.
|
||||
* @deprecated Replaced by engineSetParameter(AlgorithmParameterSpec).
|
||||
*/
|
||||
protected abstract void engineSetParameter(String param, Object value)
|
||||
throws InvalidParameterException;
|
||||
|
||||
/**
|
||||
* This method is overridden by providers to initialize this signature engine
|
||||
* with the specified parameter set.
|
||||
*
|
||||
* @param params the parameters.
|
||||
* @throws UnsupportedOperationException if this method is not overridden by
|
||||
* a provider.
|
||||
* @throws InvalidAlgorithmParameterException if this method is overridden by
|
||||
* a provider and the the given parameters are inappropriate for this
|
||||
* signature engine.
|
||||
*/
|
||||
protected void engineSetParameter(AlgorithmParameterSpec params)
|
||||
throws InvalidAlgorithmParameterException
|
||||
{
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>This method is overridden by providers to return the parameters used
|
||||
* with this signature engine, or <code>null</code> if this signature engine
|
||||
* does not use any parameters.</p>
|
||||
*
|
||||
* <p>The returned parameters may be the same that were used to initialize
|
||||
* this signature engine, or may contain a combination of default and randomly
|
||||
* generated parameter values used by the underlying signature implementation
|
||||
* if this signature engine requires algorithm parameters but was not
|
||||
* initialized with any.</p>
|
||||
*
|
||||
* @return the parameters used with this signature engine, or <code>null</code>
|
||||
* if this signature engine does not use any parameters.
|
||||
* @throws UnsupportedOperationException if this method is not overridden by
|
||||
* a provider.
|
||||
*/
|
||||
protected AlgorithmParameters engineGetParameters()
|
||||
{
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the value of the specified algorithm parameter. This method supplies
|
||||
* a general-purpose mechanism through which it is possible to get the various
|
||||
* parameters of this object. A parameter may be any settable parameter for
|
||||
* the algorithm, such as a parameter size, or a source of random bits for
|
||||
* signature generation (if appropriate), or an indication of whether or not
|
||||
* to perform a specific but optional computation. A uniform algorithm-specific
|
||||
* naming scheme for each parameter is desirable but left unspecified at this
|
||||
* time.
|
||||
*
|
||||
* @param param the string name of the parameter.
|
||||
* @return the object that represents the parameter value, or <code>null</code>
|
||||
* if there is none.
|
||||
* @throws InvalidParameterException if <code>param</code> is an invalid
|
||||
* parameter for this engine, or another exception occurs while trying to get
|
||||
* this parameter.
|
||||
* @deprecated
|
||||
*/
|
||||
protected abstract Object engineGetParameter(String param)
|
||||
throws InvalidParameterException;
|
||||
|
||||
/**
|
||||
* Returns a clone if the implementation is cloneable.
|
||||
*
|
||||
* @return a clone if the implementation is cloneable.
|
||||
* @throws CloneNotSupportedException if this is called on an implementation
|
||||
* that does not support {@link Cloneable}.
|
||||
* @see Cloneable
|
||||
*/
|
||||
public Object clone() throws CloneNotSupportedException
|
||||
{
|
||||
return super.clone();
|
||||
}
|
||||
}
|
||||
@@ -1,240 +0,0 @@
|
||||
/* SignedObject.java --- Signed Object Class
|
||||
Copyright (C) 1999, 2003, Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.ObjectInput;
|
||||
import java.io.ObjectInputStream;
|
||||
import java.io.ObjectOutputStream;
|
||||
import java.io.Serializable;
|
||||
|
||||
/**
|
||||
* <p><code>SignedObject</code> is a class for the purpose of creating authentic
|
||||
* runtime objects whose integrity cannot be compromised without being detected.
|
||||
* </p>
|
||||
*
|
||||
* <p>More specifically, a <code>SignedObject</code> contains another
|
||||
* {@link Serializable} object, the (to-be-)signed object and its signature.</p>
|
||||
*
|
||||
* <p>The signed object is a <i>"deep copy"</i> (in serialized form) of an
|
||||
* original object. Once the copy is made, further manipulation of the original
|
||||
* object has no side effect on the copy.</p>
|
||||
*
|
||||
* <p>The underlying signing algorithm is designated by the {@link Signature}
|
||||
* object passed to the constructor and the <code>verify()</code> method. A
|
||||
* typical usage for signing is the following:</p>
|
||||
*
|
||||
* <pre>
|
||||
* Signature signingEngine = Signature.getInstance(algorithm, provider);
|
||||
* SignedObject so = new SignedObject(myobject, signingKey, signingEngine);
|
||||
* </pre>
|
||||
*
|
||||
* <p>A typical usage for verification is the following (having received
|
||||
* <code>SignedObject</code> so):</p>
|
||||
*
|
||||
* <pre>
|
||||
* Signature verificationEngine = Signature.getInstance(algorithm, provider);
|
||||
* if (so.verify(publickey, verificationEngine))
|
||||
* try
|
||||
* {
|
||||
* Object myobj = so.getObject();
|
||||
* }
|
||||
* catch (ClassNotFoundException ignored) {};
|
||||
* </pre>
|
||||
*
|
||||
* <p>Several points are worth noting. First, there is no need to initialize the
|
||||
* signing or verification engine, as it will be re-initialized inside the
|
||||
* constructor and the <code>verify()</code> method. Secondly, for verification
|
||||
* to succeed, the specified public key must be the public key corresponding to
|
||||
* the private key used to generate the <code>SignedObject</code>.</p>
|
||||
*
|
||||
* <p>More importantly, for flexibility reasons, the <code>constructor</code>
|
||||
* and <code>verify()</code> method allow for customized signature engines,
|
||||
* which can implement signature algorithms that are not installed formally as
|
||||
* part of a crypto provider. However, it is crucial that the programmer writing
|
||||
* the verifier code be aware what {@link Signature} engine is being used, as
|
||||
* its own implementation of the <code>verify()</code> method is invoked to
|
||||
* verify a signature. In other words, a malicious {@link Signature} may choose
|
||||
* to always return <code>true</code> on verification in an attempt to bypass a
|
||||
* security check.</p>
|
||||
*
|
||||
* <p>The signature algorithm can be, among others, the NIST standard <i>DSS</i>,
|
||||
* using <i>DSA</i> and <i>SHA-1</i>. The algorithm is specified using the same
|
||||
* convention as that for signatures. The <i>DSA</i> algorithm using the
|
||||
* <i>SHA-1</i> message digest algorithm can be specified, for example, as
|
||||
* <code>"SHA/DSA"</code> or <code>"SHA-1/DSA"</code> (they are equivalent). In
|
||||
* the case of <i>RSA</i>, there are multiple choices for the message digest
|
||||
* algorithm, so the signing algorithm could be specified as, for example,
|
||||
* <code>"MD2/RSA"</code>, <code>"MD5/RSA"</code> or <code>"SHA-1/RSA"</code>.
|
||||
* The algorithm name must be specified, as there is no default.</p>
|
||||
*
|
||||
* <p>The name of the Cryptography Package Provider is designated also by the
|
||||
* {@link Signature} parameter to the <code>constructor</code> and the <code>
|
||||
* verify()</code> method. If the provider is not specified, the default
|
||||
* provider is used. Each installation can be configured to use a particular
|
||||
* provider as default.</p>
|
||||
*
|
||||
* <p>Potential applications of <code>SignedObject</code> include:</p>
|
||||
*
|
||||
* <ul>
|
||||
* <li>It can be used internally to any Java runtime as an unforgeable
|
||||
* authorization token -- one that can be passed around without the fear that
|
||||
* the token can be maliciously modified without being detected.</li>
|
||||
* <li>It can be used to sign and serialize data/object for storage outside the
|
||||
* Java runtime (e.g., storing critical access control data on disk).</li>
|
||||
* <li>Nested <i>SignedObjects</i> can be used to construct a logical sequence
|
||||
* of signatures, resembling a chain of authorization and delegation.</li>
|
||||
* </ul>
|
||||
*
|
||||
* @author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
* @since 1.2
|
||||
* @see Signature
|
||||
*/
|
||||
public final class SignedObject implements Serializable
|
||||
{
|
||||
private static final long serialVersionUID = 720502720485447167L;
|
||||
|
||||
/** @serial */
|
||||
private byte[] content;
|
||||
/** @serial */
|
||||
private byte[] signature;
|
||||
/** @serial */
|
||||
private String thealgorithm;
|
||||
|
||||
/**
|
||||
* Constructs a <code>SignedObject</code> from any {@link Serializable}
|
||||
* object. The given object is signed with the given signing key, using the
|
||||
* designated signature engine.
|
||||
*
|
||||
* @param object the object to be signed.
|
||||
* @param signingKey the private key for signing.
|
||||
* @param signingEngine the signature signing engine.
|
||||
* @throws IOException if an error occurs during serialization.
|
||||
* @throws InvalidKeyException if the key is invalid.
|
||||
* @throws SignatureException if signing fails.
|
||||
*/
|
||||
public SignedObject(Serializable object, PrivateKey signingKey,
|
||||
Signature signingEngine)
|
||||
throws IOException, InvalidKeyException, SignatureException
|
||||
{
|
||||
thealgorithm = signingEngine.getAlgorithm();
|
||||
|
||||
ByteArrayOutputStream ostream = new ByteArrayOutputStream();
|
||||
ObjectOutputStream p = new ObjectOutputStream(ostream);
|
||||
p.writeObject(object);
|
||||
p.flush();
|
||||
p.close();
|
||||
|
||||
content = ostream.toByteArray();
|
||||
|
||||
signingEngine.initSign(signingKey);
|
||||
signingEngine.update(content);
|
||||
signature = signingEngine.sign();
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the encapsulated object. The encapsulated object is de-serialized
|
||||
* before it is returned.
|
||||
*
|
||||
* @return the encapsulated object.
|
||||
* @throws IOException if an error occurs during de-serialization.
|
||||
* @throws ClassNotFoundException if an error occurs during de-serialization.
|
||||
*/
|
||||
public Object getObject() throws IOException, ClassNotFoundException
|
||||
{
|
||||
ByteArrayInputStream bais = new ByteArrayInputStream(content);
|
||||
ObjectInput oi = new ObjectInputStream(bais);
|
||||
Object obj = oi.readObject();
|
||||
oi.close();
|
||||
bais.close();
|
||||
|
||||
return obj;
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the signature on the signed object, in the form of a byte array.
|
||||
*
|
||||
* @return a copy of the signature.
|
||||
*/
|
||||
public byte[] getSignature()
|
||||
{
|
||||
return (byte[]) signature.clone();
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieves the name of the signature algorithm.
|
||||
*
|
||||
* @return the signature algorithm name.
|
||||
*/
|
||||
public String getAlgorithm()
|
||||
{
|
||||
return thealgorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Verifies that the signature in this <code>SignedObject</code> is the valid
|
||||
* signature for the object stored inside, with the given verification key,
|
||||
* using the designated verification engine.
|
||||
*
|
||||
* @param verificationKey the public key for verification.
|
||||
* @param verificationEngine the signature verification engine.
|
||||
* @return <code>true</code> if the signature is valid, <code>false</code>
|
||||
* otherwise.
|
||||
* @throws SignatureException if signature verification failed.
|
||||
* @throws InvalidKeyException if the verification key is invalid.
|
||||
*/
|
||||
public boolean verify(PublicKey verificationKey, Signature verificationEngine)
|
||||
throws InvalidKeyException, SignatureException
|
||||
{
|
||||
verificationEngine.initVerify(verificationKey);
|
||||
verificationEngine.update(content);
|
||||
return verificationEngine.verify(signature);
|
||||
}
|
||||
|
||||
/** Called to restore the state of the SignedObject from a stream. */
|
||||
private void readObject(ObjectInputStream s)
|
||||
throws IOException, ClassNotFoundException
|
||||
{
|
||||
s.defaultReadObject();
|
||||
content = (byte[]) content.clone();
|
||||
signature = (byte[]) signature.clone();
|
||||
}
|
||||
}
|
||||
@@ -1,164 +0,0 @@
|
||||
/* Signer.java --- Signer Class
|
||||
Copyright (C) 1999, 2003, Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* <p>This class is used to represent an {@link Identity} that can also
|
||||
* digitally sign data.</p>
|
||||
*
|
||||
* <p>The management of a signer's private keys is an important and sensitive
|
||||
* issue that should be handled by subclasses as appropriate to their intended
|
||||
* use.</p>
|
||||
*
|
||||
* @author Mark Benvenuto (ivymccough@worldnet.att.net)
|
||||
* @deprecated This class is no longer used. Its functionality has been replaced
|
||||
* by <code>java.security.KeyStore</code>, the <code>java.security.cert</code>
|
||||
* package, and <code>java.security.Principal</code>.
|
||||
*/
|
||||
public abstract class Signer extends Identity
|
||||
{
|
||||
private static final long serialVersionUID = -1763464102261361480L;
|
||||
private PrivateKey privateKey = null;
|
||||
|
||||
/**
|
||||
* Creates a <code>Signer</code>. This constructor should only be used for
|
||||
* serialization.
|
||||
*/
|
||||
protected Signer()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a <code>Signer</code> with the specified identity name.
|
||||
*
|
||||
* @param name the identity name.
|
||||
*/
|
||||
public Signer(String name)
|
||||
{
|
||||
super(name);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a <code>Signer</code> with the specified identity name and scope.
|
||||
*
|
||||
* @param name the identity name.
|
||||
* @param scope the scope of the identity.
|
||||
* @throws KeyManagementException if there is already an identity with the
|
||||
* same name in the scope.
|
||||
*/
|
||||
public Signer(String name, IdentityScope scope) throws KeyManagementException
|
||||
{
|
||||
super(name, scope);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Returns this signer's private key.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with <code>"getSignerPrivateKey"</code> as its
|
||||
* argument to see if it's ok to return the private key.</p>
|
||||
*
|
||||
* @return this signer's private key, or <code>null</code> if the private key
|
||||
* has not yet been set.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkSecurityAccess()</code> method doesn't allow returning the
|
||||
* private key.
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public PrivateKey getPrivateKey()
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("getSignerPrivateKey");
|
||||
|
||||
return privateKey;
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Sets the key pair (public key and private key) for this signer.</p>
|
||||
*
|
||||
* <p>First, if there is a security manager, its <code>checkSecurityAccess()
|
||||
* </code> method is called with <code>"setSignerKeyPair"</code> as its
|
||||
* argument to see if it's ok to set the key pair.</p>
|
||||
*
|
||||
* @param pair an initialized key pair.
|
||||
* @throws InvalidParameterException if the key pair is not properly
|
||||
* initialized.
|
||||
* @throws KeyException if the key pair cannot be set for any other reason.
|
||||
* @throws SecurityException if a security manager exists and its
|
||||
* <code>checkSecurityAccess()</code> method doesn't allow setting the key
|
||||
* pair.
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public final void setKeyPair(KeyPair pair)
|
||||
throws InvalidParameterException, KeyException
|
||||
{
|
||||
SecurityManager sm = System.getSecurityManager();
|
||||
if (sm != null)
|
||||
sm.checkSecurityAccess("setSignerKeyPair");
|
||||
|
||||
try
|
||||
{
|
||||
if (pair.getPublic() != null)
|
||||
setPublicKey(pair.getPublic());
|
||||
else
|
||||
throw new InvalidParameterException();
|
||||
|
||||
}
|
||||
catch (KeyManagementException kme)
|
||||
{
|
||||
throw new KeyException();
|
||||
}
|
||||
|
||||
if (pair.getPrivate() != null)
|
||||
privateKey = pair.getPrivate();
|
||||
else
|
||||
throw new InvalidParameterException();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a string of information about the signer.
|
||||
*
|
||||
* @return a string of information about the signer.
|
||||
* @see SecurityManager#checkSecurityAccess(String)
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return (getName() + ": " + privateKey);
|
||||
}
|
||||
}
|
||||
@@ -1,71 +0,0 @@
|
||||
/* UnrecoverableKeyException.java -- Cannot recover a key from the key store
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security;
|
||||
|
||||
/**
|
||||
* This exception is thrown when a key cannot be recovered from the key
|
||||
* store.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @since 1.2
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class UnrecoverableKeyException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.2+.
|
||||
*/
|
||||
private static final long serialVersionUID = 7275063078190151277L;
|
||||
|
||||
/**
|
||||
* Create an instance with no descriptive error message.
|
||||
*/
|
||||
public UnrecoverableKeyException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an instance with a descriptive error message.
|
||||
*
|
||||
* @param msg the descriptive error message
|
||||
*/
|
||||
public UnrecoverableKeyException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,304 +0,0 @@
|
||||
/* UnresolvedPermission.java -- Placeholder for unresolved permissions
|
||||
Copyright (C) 1998, 2001, 2002, 2004, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security;
|
||||
|
||||
// All uses of Certificate in this file refer to the one in the listed
|
||||
// package, not this one.
|
||||
import java.security.cert.Certificate;
|
||||
import java.util.Arrays;
|
||||
import java.util.Enumeration;
|
||||
import java.util.Hashtable;
|
||||
import java.util.NoSuchElementException;
|
||||
import java.util.Vector;
|
||||
|
||||
/**
|
||||
* This class is used to hold instances of all permissions that cannot
|
||||
* be resolved to available permission classes when the security
|
||||
* <code>Policy</code> object is instantiated. This may happen when the
|
||||
* necessary security class has not yet been downloaded from the network.
|
||||
*
|
||||
* <p>Instances of this class are re-resolved when
|
||||
* <code>AccessController</code> check is done. At that time, a scan is
|
||||
* made of all existing <code>UnresolvedPermission</code> objects and they
|
||||
* are converted to objects of the appropriate permission type if the class
|
||||
* for that type is then available.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see Permission
|
||||
* @see Permissions
|
||||
* @see PermissionCollection
|
||||
* @see Policy
|
||||
* @since 1.1
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public final class UnresolvedPermission extends Permission
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -4821973115467008846L;
|
||||
|
||||
/**
|
||||
* The list of actions associated with this permission object.
|
||||
*
|
||||
* @serial the permission actions
|
||||
*/
|
||||
private final String actions;
|
||||
|
||||
/**
|
||||
* The list of <code>Certificates</code> associated with this object.
|
||||
*/
|
||||
private final transient Certificate[] certs;
|
||||
|
||||
/**
|
||||
* The name of the class this object should be resolved to.
|
||||
*
|
||||
* @serial the fully-qualified classname of the resolved type
|
||||
*/
|
||||
// Package visible for use by UnresolvedPermissionCollection.
|
||||
final String type;
|
||||
|
||||
/**
|
||||
* The name of the permission.
|
||||
*
|
||||
* @serial the permission name
|
||||
*/
|
||||
private final String name;
|
||||
|
||||
/**
|
||||
* Create a new instance with all the information necessary to resolve it
|
||||
* to an instance of the proper class at a future time.
|
||||
*
|
||||
* @param type the fully-qualified name of the class of this permission
|
||||
* @param name the name of this permission
|
||||
* @param actions the action list for this permission
|
||||
* @param certs the list of certificates that sign this permission
|
||||
*/
|
||||
public UnresolvedPermission(String type, String name, String actions,
|
||||
Certificate[] certs)
|
||||
{
|
||||
super(name);
|
||||
this.name = name;
|
||||
this.type = type;
|
||||
this.actions = actions;
|
||||
this.certs = certs;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns <code>false</code> always to indicate that this
|
||||
* permission does not imply the specified permission. An
|
||||
* <code>UnresolvedPermission</code> never grants any permissions.
|
||||
*
|
||||
* @param perm the <code>Permission</code> object to test
|
||||
* @return false; until a permission is resolved, it implies nothing
|
||||
*/
|
||||
public boolean implies(Permission perm)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method tests this permission for equality against the specified
|
||||
* <code>Object</code>. This will be true if and only if the following
|
||||
* conditions are met:<ul>
|
||||
* <li>The specified <code>Object</code> is an UnresolvedPermission</li>
|
||||
* <li>The specified permission has the same type (i.e., desired class name)
|
||||
* as this permission.</li>
|
||||
* <li>The specified permission has the same name as this one.</li>
|
||||
* <li>The specified permissoin has the same action list as this one.</li>
|
||||
* <li>The specified permission has the same certificate list as this
|
||||
* one.</li>
|
||||
* </ul>
|
||||
*
|
||||
* @param obj the <code>Object</code> to test for equality
|
||||
* @return true if the specified object is equal to this one
|
||||
*/
|
||||
public boolean equals(Object obj)
|
||||
{
|
||||
if (! (obj instanceof UnresolvedPermission))
|
||||
return (false);
|
||||
UnresolvedPermission up = (UnresolvedPermission) obj;
|
||||
return up.name.equals(name) && up.actions.equals(actions)
|
||||
&& up.type.equals(type) && Arrays.equals(up.certs, certs);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a hash code value for this object. Following the lead of
|
||||
* Permission, this returns the hashcode of the permission name.
|
||||
*
|
||||
* @return A hash value
|
||||
*/
|
||||
public int hashCode()
|
||||
{
|
||||
return name.hashCode();
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns the list of actions associated with this
|
||||
* permission.
|
||||
*
|
||||
* @return the action list
|
||||
*/
|
||||
public String getActions()
|
||||
{
|
||||
return actions;
|
||||
}
|
||||
|
||||
/**
|
||||
* This method returns a <code>String</code> representation of this
|
||||
* class. The format is: '(unresolved "ClassName "name" "actions")'
|
||||
*
|
||||
* @return <code>String</code> representation of this object
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return "(unresolved " + type + ' ' + name + ' ' + actions + ')';
|
||||
}
|
||||
|
||||
/**
|
||||
* This class returns a <code>PermissionCollection</code> object that can
|
||||
* be used to store instances of <code>UnresolvedPermission</code>.
|
||||
*
|
||||
* @return a new <code>PermissionCollection</code>
|
||||
*/
|
||||
public PermissionCollection newPermissionCollection()
|
||||
{
|
||||
return new UnresolvedPermissionCollection();
|
||||
}
|
||||
} // class UnresolvedPermission
|
||||
|
||||
/**
|
||||
* Implements the permission collection for unresolved permissions, and
|
||||
* obeys serialization of JDK.
|
||||
*
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
*/
|
||||
class UnresolvedPermissionCollection extends PermissionCollection
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -7176153071733132400L;
|
||||
|
||||
// Package-private to avoid a trampoline.
|
||||
/**
|
||||
* Hashtable where we store permissions.
|
||||
*
|
||||
* @serial map of typename to a Vector of permissions (you'd think Sun
|
||||
* would document this better!)
|
||||
*/
|
||||
final Hashtable permissions = new Hashtable();
|
||||
|
||||
/**
|
||||
* Add a permission.
|
||||
*
|
||||
* @param perm the permission to add
|
||||
* @throws IllegalArgumentException if perm is not an UnresolvedPermission
|
||||
* @throws SecurityException if the collection is read-only
|
||||
*/
|
||||
public void add(Permission perm)
|
||||
{
|
||||
if (isReadOnly())
|
||||
throw new SecurityException();
|
||||
if (! (perm instanceof UnresolvedPermission))
|
||||
throw new IllegalArgumentException();
|
||||
UnresolvedPermission up = (UnresolvedPermission) perm;
|
||||
Vector v = (Vector) permissions.get(up.type);
|
||||
if (v == null)
|
||||
{
|
||||
v = new Vector();
|
||||
permissions.put(up.type, v);
|
||||
}
|
||||
v.add(up);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns true if perm is implied by the collection.
|
||||
*
|
||||
* @param perm the permission to check
|
||||
* @return false; unresolved permissions imply nothing
|
||||
*/
|
||||
public boolean implies(Permission perm)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the elements.
|
||||
*
|
||||
* @return the elements
|
||||
*/
|
||||
public Enumeration elements()
|
||||
{
|
||||
return new Enumeration()
|
||||
{
|
||||
Enumeration main_enum = permissions.elements();
|
||||
Enumeration sub_enum;
|
||||
|
||||
public boolean hasMoreElements()
|
||||
{
|
||||
if (sub_enum == null)
|
||||
{
|
||||
if (main_enum == null)
|
||||
return false;
|
||||
if (! main_enum.hasMoreElements())
|
||||
{
|
||||
main_enum = null;
|
||||
return false;
|
||||
}
|
||||
Vector v = (Vector) main_enum.nextElement();
|
||||
sub_enum = v.elements();
|
||||
}
|
||||
if (! sub_enum.hasMoreElements())
|
||||
{
|
||||
sub_enum = null;
|
||||
return hasMoreElements();
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
public Object nextElement()
|
||||
{
|
||||
if (! hasMoreElements())
|
||||
throw new NoSuchElementException();
|
||||
return sub_enum.nextElement();
|
||||
}
|
||||
};
|
||||
}
|
||||
} // class UnresolvedPermissionCollection
|
||||
@@ -1,153 +0,0 @@
|
||||
/* Acl.java -- An access control list
|
||||
Copyright (C) 1998 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.acl;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.Enumeration;
|
||||
|
||||
/**
|
||||
* A Java access control list (ACL) is a group of individual ACL entries.
|
||||
* These entries consist of a <code>Principal</code> and a list of
|
||||
* permissions this <code>Principal</code> is either granted or denied.
|
||||
* A given <code>Principal</code> can have at most one positive ACL entry
|
||||
* (i.e., one that grants permissions) and one negative ACL entry (i.e., one
|
||||
* that denies permissions). If a given permission is both granted and
|
||||
* denied, the ACL treats it as if it were never granted or denied. If
|
||||
* both a <code>Principal</code> and a <code>Group</code> to which the
|
||||
* <code>Principal</code> belongs have an ACL entry, the permissions for
|
||||
* the individual <code>Principal</code> take precedence over the
|
||||
* permissions of the <code>Group</code> if there is a conflict.
|
||||
* <p>
|
||||
* Additionally, the ACL interface extends the <code>Owner</code> interface
|
||||
* and so an ACL has owners. Actions which modify the ACL are restricted
|
||||
* to owners.
|
||||
*
|
||||
* @version 0.0
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
*/
|
||||
public interface Acl extends Owner
|
||||
{
|
||||
|
||||
/**
|
||||
* This method returns the name of this ACL.
|
||||
*
|
||||
* @return The name of this ACL
|
||||
*/
|
||||
String getName();
|
||||
|
||||
/**
|
||||
* This method sets the name of the ACL
|
||||
*
|
||||
* @param caller The <code>Principal</code> requesting the action.
|
||||
* @param name The new name for this ACL.
|
||||
*
|
||||
* @exception NotOwnerException If the caller is not an owner of this ACL.
|
||||
*/
|
||||
void setName(Principal caller, String name)
|
||||
throws NotOwnerException;
|
||||
|
||||
/**
|
||||
* This method adds the specified entry to the ACL
|
||||
*
|
||||
* @param caller The <code>Principal</code> requesting the addition
|
||||
* @param entry The ACL entry to add
|
||||
*
|
||||
* @return <code>true</code> if the entry was added, <code>false</code>
|
||||
* if there is already an entry of the same type for the
|
||||
* <code>Principal</code>.
|
||||
*
|
||||
* @exception NotOwnerException If the caller is not an owner of this ACL.
|
||||
*/
|
||||
boolean addEntry(Principal caller, AclEntry entry)
|
||||
throws NotOwnerException;
|
||||
|
||||
/**
|
||||
* This method delets the specified entry from the ACL
|
||||
*
|
||||
* @param caller The <code>Principal</code> requesting the deletion.
|
||||
* @param entry The ACL entry to delete
|
||||
*
|
||||
* @return <code>true</code> if the entry was deleted, or <code>false</code>
|
||||
* if this entry was not part of the ACL to begin with
|
||||
*
|
||||
* @exception NotOwnerException If the caller is not an owner of this ACL.
|
||||
*/
|
||||
boolean removeEntry(Principal caller, AclEntry entry)
|
||||
throws NotOwnerException;
|
||||
|
||||
/**
|
||||
* This method returns a list of all the entries in the ACL as an
|
||||
* <code>Enumeration</code>.
|
||||
*
|
||||
* @return An enumeration of the ACL entries
|
||||
*/
|
||||
Enumeration entries();
|
||||
|
||||
/**
|
||||
* This method tests whether or not the specified <code>Principal</code>
|
||||
* has the specified <code>Permission</code>
|
||||
*
|
||||
* @param user The <code>Principal</code> to test
|
||||
* @param perm The <code>Permission</code> to test for
|
||||
*
|
||||
* @return <code>true</code> if the user has been granted the permission,
|
||||
* <code>false</code> otherwise
|
||||
*/
|
||||
boolean checkPermission(Principal user, Permission perm);
|
||||
|
||||
/**
|
||||
* This method returns a list of <code>Permission</code>'s that are granted
|
||||
* to a particular <code>Principal</code>. This includes any permissions
|
||||
* that are granted to <code>Group</code>'s to which the <code>Principal</code>
|
||||
* belongs unless they are overridden by a negative ACL. This permission
|
||||
* list is returned as an <code>Enumeration</code>.
|
||||
*
|
||||
* @param user The <code>Principal</code> to retrieve permissions for.
|
||||
*
|
||||
* @return A list of permissions for the <code>Principal</code>.
|
||||
*/
|
||||
Enumeration getPermissions(Principal user);
|
||||
|
||||
/**
|
||||
* This method returns the ACL as a <code>String</code>
|
||||
*
|
||||
* @return A <code>String</code> representation of this ACL
|
||||
*/
|
||||
String toString();
|
||||
}
|
||||
@@ -1,143 +0,0 @@
|
||||
/* AclEntry.java -- An entry in an ACL list.
|
||||
Copyright (C) 1998 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.acl;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.Enumeration;
|
||||
|
||||
/**
|
||||
* This interface models an entry in an access control list (ACL). Java
|
||||
* ACL's consist of a list of entries, where each consists of a
|
||||
* <code>Principal</code> and a list of <code>Permission</code>'s which
|
||||
* have been granted to that <code>Principal</code>. An ACL can also
|
||||
* be <em>negative</em>, which indicates that the list of
|
||||
* <code>Permission</code>'s is a list of permissions that are <em>not</em>
|
||||
* granted to the <code>Principal</code>. A <code>Principal</code> can
|
||||
* have at most one regular (or positive) ACL entry and one negative
|
||||
* ACL entry.
|
||||
*
|
||||
* @version 0.0
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
*/
|
||||
public interface AclEntry extends Cloneable
|
||||
{
|
||||
/**
|
||||
* This method returns the <code>Principal</code> associated with this
|
||||
* ACL entry.
|
||||
*
|
||||
* @return The <code>Principal</code> for this ACL entry
|
||||
*/
|
||||
Principal getPrincipal();
|
||||
|
||||
/**
|
||||
* This method sets ths <code>Principal</code> associated with this
|
||||
* ACL entry. This operation will only succeed if there is not already
|
||||
* a <code>Principal</code> assigned.
|
||||
*
|
||||
* @param user The <code>Principal</code> for this ACL entry
|
||||
*
|
||||
* @return <code>true</code> if the <code>Principal</code> was successfully set or <code>false</code> if this entry already has a <code>Principal</code>.
|
||||
*/
|
||||
boolean setPrincipal(Principal user);
|
||||
|
||||
/**
|
||||
* This method sets this ACL entry to be a <em>negative</em> entry, indicating
|
||||
* that it contains a list of permissions that are <em>not</em> granted
|
||||
* to the entry's <code>Principal</code>. Note that there is no way to
|
||||
* undo this operation.
|
||||
*/
|
||||
void setNegativePermissions();
|
||||
|
||||
/**
|
||||
* This method tests whether or not this ACL entry is a negative entry or not.
|
||||
*
|
||||
* @return <code>true</code> if this ACL entry is negative, <code>false</code> otherwise
|
||||
*/
|
||||
boolean isNegative();
|
||||
|
||||
/**
|
||||
* This method adds the specified permission to this ACL entry.
|
||||
*
|
||||
* @param perm The <code>Permission</code> to add
|
||||
*
|
||||
* @return <code>true</code> if the permission was added or <code>false</code> if it was already set for this entry
|
||||
*/
|
||||
boolean addPermission(Permission permission);
|
||||
|
||||
/**
|
||||
* This method deletes the specified permission to this ACL entry.
|
||||
*
|
||||
* @param perm The <code>Permission</code> to delete from this ACL entry.
|
||||
*
|
||||
* @return <code>true</code> if the permission was successfully deleted or <code>false</code> if the permission was not part of this ACL to begin with
|
||||
*/
|
||||
boolean removePermission(Permission perm);
|
||||
|
||||
/**
|
||||
* This method tests whether or not the specified permission is associated
|
||||
* with this ACL entry.
|
||||
*
|
||||
* @param perm The <code>Permission</code> to test
|
||||
*
|
||||
* @return <code>true</code> if this permission is associated with this entry or <code>false</code> otherwise
|
||||
*/
|
||||
boolean checkPermission(Permission permission);
|
||||
|
||||
/**
|
||||
* This method returns a list of all <code>Permission</code> objects
|
||||
* associated with this ACL entry as an <code>Enumeration</code>.
|
||||
*
|
||||
* @return A list of permissions for this ACL entry
|
||||
*/
|
||||
Enumeration permissions();
|
||||
|
||||
/**
|
||||
* This method returns this object as a <code>String</code>.
|
||||
*
|
||||
* @return A <code>String</code> representation of this object
|
||||
*/
|
||||
String toString();
|
||||
|
||||
/**
|
||||
* This method returns a clone of this ACL entry
|
||||
*
|
||||
* @return A clone of this ACL entry
|
||||
*/
|
||||
Object clone();
|
||||
}
|
||||
@@ -1,60 +0,0 @@
|
||||
/* AclNotFoundException.java -- thrown when an ACL is not found
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.acl;
|
||||
|
||||
/**
|
||||
* This exception is thrown when a requested access control list (ACL) is
|
||||
* not found.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class AclNotFoundException extends Exception
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = 5684295034092681791L;
|
||||
|
||||
/**
|
||||
* Initializes a new instance of this class with no descriptive message
|
||||
*/
|
||||
public AclNotFoundException()
|
||||
{
|
||||
}
|
||||
}
|
||||
@@ -1,90 +0,0 @@
|
||||
/* Group.java -- Represents a group of Principals
|
||||
Copyright (C) 1998, 2001 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.acl;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.Enumeration;
|
||||
|
||||
/**
|
||||
* This interface represents a group of <code>Principals</code>. Note that
|
||||
* since this interface extends <code>Principal</code>, a <code>Group</code>
|
||||
* can be used where ever a <code>Principal</code> is requested. This
|
||||
* includes arguments to the methods in this interface.
|
||||
*
|
||||
* @version 0.0
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
*/
|
||||
public interface Group extends Principal
|
||||
{
|
||||
/**
|
||||
* This method adds a new <code>Principal</code> to this group.
|
||||
*
|
||||
* @param user The new <code>Principal</code> to add
|
||||
*
|
||||
* @return <code>true</code> if the user was successfully added or <code>false</code> if the user is already a member
|
||||
*/
|
||||
boolean addMember(Principal user);
|
||||
|
||||
/**
|
||||
* This method deletes a member from the group.
|
||||
*
|
||||
* @param user The <code>Principal</code> to delete
|
||||
*
|
||||
* @return <code>true</code> if the user was successfully deleted or <code>false</code> if the user is not a member of the group
|
||||
*/
|
||||
boolean removeMember(Principal user);
|
||||
|
||||
/**
|
||||
* This method tests whether or not a given <code>Principal</code> is a
|
||||
* member of this group.
|
||||
*
|
||||
* @param user The <code>Principal</code> to test for membership
|
||||
*
|
||||
* @return <code>true</code> if the user is member, <code>false</code> otherwise
|
||||
*/
|
||||
boolean isMember(Principal member);
|
||||
|
||||
/**
|
||||
* This method returns a list of all members of the group as an
|
||||
* <code>Enumeration</code>.
|
||||
*
|
||||
* @return The list of all members of the group
|
||||
*/
|
||||
Enumeration members();
|
||||
}
|
||||
@@ -1,62 +0,0 @@
|
||||
/* LastOwnerException.java -- User attempted to delete last ACL owner
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.acl;
|
||||
|
||||
/**
|
||||
* This exception is thrown when an attempt is made to delete the last owner
|
||||
* of an access control list (ACL)
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @see Owner#deleteOwner(java.security.Principal, java.security.Principal)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class LastOwnerException extends Exception
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -5141997548211140359L;
|
||||
|
||||
/**
|
||||
* Initialize a new instance of <code>LastOwnerException</code> that does
|
||||
* not have a log message.
|
||||
*/
|
||||
public LastOwnerException()
|
||||
{
|
||||
}
|
||||
}
|
||||
@@ -1,62 +0,0 @@
|
||||
/* NotOwnerException.java -- Attempt to modify an unowned ACL
|
||||
Copyright (C) 1998, 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.acl;
|
||||
|
||||
/**
|
||||
* This exception is thrown whenever an operation is attempted that requires
|
||||
* the caller to be the owner of the access control list (ACL) when the caller
|
||||
* is in fact not the owner of the ACL.
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class NotOwnerException extends Exception
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.1+.
|
||||
*/
|
||||
private static final long serialVersionUID = -5555597911163362399L;
|
||||
|
||||
/**
|
||||
* Initializes a new instance of <code>NotOwnerException</code> that does
|
||||
* not have a descriptive message.
|
||||
*/
|
||||
public NotOwnerException()
|
||||
{
|
||||
}
|
||||
}
|
||||
@@ -1,95 +0,0 @@
|
||||
/* Owner.java -- ACL owner
|
||||
Copyright (C) 1998 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.acl;
|
||||
|
||||
import java.security.Principal;
|
||||
|
||||
/**
|
||||
* This interface provides a mechanism for maintaining a list of owners
|
||||
* of an access control list (ACL). Since a <code>Principal</code> must
|
||||
* be an owner in order to modify the owner list, a mechanism must be
|
||||
* provided to specify the initial owner of the ACL. The proper way to do
|
||||
* this is for the implementing class to specify the initial owner in
|
||||
* the contructor for that class.
|
||||
*
|
||||
* @version 0.0
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
*/
|
||||
public interface Owner
|
||||
{
|
||||
/**
|
||||
* This method adds an owner to the access control list (ACL). Only a
|
||||
* <code>Principal</code> who is already an owner can perform this operation.
|
||||
*
|
||||
* @param caller The <code>Principal</code> who is requesting that an owner be added
|
||||
* @param owner The <code>Principal</code> to add as a new owner
|
||||
*
|
||||
* @param <code>true</code> if the new owner was successfully added or <code>false</code> if the specified new owner is already an owner
|
||||
*
|
||||
* @exception NotOwnerException If the caller is not already an owner of this ACL
|
||||
*/
|
||||
boolean addOwner(Principal caller, Principal owner)
|
||||
throws NotOwnerException;
|
||||
|
||||
/**
|
||||
* This method delets an owner from the access control list (ACL). Only a
|
||||
* <code>Principal</code> who is an owner can perform this operation. An
|
||||
* owner can delete itself from the list. If there is only one
|
||||
* owner remaining on this list, any attempt to delete it will throw an
|
||||
* exception.
|
||||
*
|
||||
* @param caller The <code>Principal</code> who is requesting that an owner be deleted
|
||||
* @param owner The <code>Principal</code> to delete as an owner
|
||||
*
|
||||
* @param <code>true</code> if the new owner was successfully deleted or <code>false</code> if the specified owner is not currently an owner
|
||||
*
|
||||
* @exception NotOwnerException If the caller is not already an owner of this ACL
|
||||
* @exception LastOwnerException If completing the operation would delete the last ACL owner
|
||||
*/
|
||||
boolean deleteOwner(Principal caller, Principal owner)
|
||||
throws NotOwnerException, LastOwnerException;
|
||||
|
||||
/**
|
||||
* This method tests whether or not a given <code>Principal</code> is an
|
||||
* owner of this access control list (ACL).
|
||||
*
|
||||
* @return <code>true</code> if the <code>Principal</code> is an owner, <code>false</code> otherwise
|
||||
*/
|
||||
boolean isOwner(Principal owner);
|
||||
}
|
||||
@@ -1,67 +0,0 @@
|
||||
/* Permission.java -- Information about an ACL permission
|
||||
Copyright (C) 1998 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.acl;
|
||||
|
||||
/**
|
||||
* This interface provides information about a permission that can be
|
||||
* granted. Note that this is <em>not</em> the same as the class
|
||||
* <code>java.security.Permission</code>.
|
||||
*
|
||||
* @version 0.0
|
||||
*
|
||||
* @author Aaron M. Renn (arenn@urbanophile.com)
|
||||
*/
|
||||
public interface Permission
|
||||
{
|
||||
/**
|
||||
* This method tests whether or not a specified <code>Permission</code>
|
||||
* (passed as an <code>Object</code>) is the same as this permission.
|
||||
*
|
||||
* @param perm The permission to check for equality
|
||||
*
|
||||
* @return <code>true</code> if the specified permission is the same as this one, <code>false</code> otherwise
|
||||
*/
|
||||
boolean equals (Object perm);
|
||||
|
||||
/**
|
||||
* This method returns this <code>Permission</code> as a <code>String</code>.
|
||||
*
|
||||
* @return A <code>String</code> representing this permission.
|
||||
*/
|
||||
String toString();
|
||||
}
|
||||
@@ -1,98 +0,0 @@
|
||||
/* CRL.java --- Certificate Revocation List
|
||||
Copyright (C) 1999 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
Certificate Revocation List class for managing CRLs that
|
||||
have different formats but the same general use. They
|
||||
all serve as lists of revoked certificates and can
|
||||
be queried for a given certificate.
|
||||
|
||||
Specialized CRLs extend this class.
|
||||
|
||||
@author Mark Benvenuto
|
||||
|
||||
@since JDK 1.2
|
||||
*/
|
||||
public abstract class CRL
|
||||
{
|
||||
|
||||
private String type;
|
||||
|
||||
/**
|
||||
Creates a new CRL for the specified type. An example
|
||||
is "X.509".
|
||||
|
||||
@param type the standard name for the CRL type.
|
||||
*/
|
||||
protected CRL(String type)
|
||||
{
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the CRL type.
|
||||
|
||||
@return a string representing the CRL type
|
||||
*/
|
||||
public final String getType()
|
||||
{
|
||||
return type;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns a string representing the CRL.
|
||||
|
||||
@return a string representing the CRL.
|
||||
*/
|
||||
public abstract String toString();
|
||||
|
||||
/**
|
||||
Determines whether or not the specified Certificate
|
||||
is revoked.
|
||||
|
||||
@param cert A certificate to check if it is revoked
|
||||
|
||||
@return true if the certificate is revoked,
|
||||
false otherwise.
|
||||
*/
|
||||
public abstract boolean isRevoked(Certificate cert);
|
||||
|
||||
|
||||
}
|
||||
@@ -1,73 +0,0 @@
|
||||
/* CRLException.java -- Certificate Revocation List Exception
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.security.GeneralSecurityException;
|
||||
|
||||
/**
|
||||
* Exception for a Certificate Revocation List.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @since 1.2
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CRLException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.2+.
|
||||
*/
|
||||
private static final long serialVersionUID = -6694728944094197147L;
|
||||
|
||||
/**
|
||||
* Constructs an CRLExceptionwithout a message string.
|
||||
*/
|
||||
public CRLException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs an CRLException with a message string.
|
||||
*
|
||||
* @param msg a message to display with exception
|
||||
*/
|
||||
public CRLException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,69 +0,0 @@
|
||||
/* CRLSelector.java -- matches CRLs against criteria.
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* A generic interface to classes that match certificate revocation
|
||||
* lists (CRLs) to some given criteria. Implementations of this
|
||||
* interface are useful for finding {@link CRL} objects in a {@link
|
||||
* CertStore}.
|
||||
*
|
||||
* @see CertStore
|
||||
* @see CertSelector
|
||||
* @see X509CRLSelector
|
||||
*/
|
||||
public interface CRLSelector extends Cloneable
|
||||
{
|
||||
|
||||
/**
|
||||
* Returns a clone of this instance.
|
||||
*
|
||||
* @return The clone.
|
||||
*/
|
||||
Object clone();
|
||||
|
||||
/**
|
||||
* Match a given certificate revocation list to this selector's
|
||||
* criteria, returning true if it matches, false otherwise.
|
||||
*
|
||||
* @param crl The certificate revocation list to test.
|
||||
* @return The boolean result of this test.
|
||||
*/
|
||||
boolean match(CRL crl);
|
||||
}
|
||||
@@ -1,252 +0,0 @@
|
||||
/* CertPath.java -- a sequence of certificates
|
||||
Copyright (C) 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.NotSerializableException;
|
||||
import java.io.ObjectStreamException;
|
||||
import java.io.Serializable;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This class represents an immutable sequence, or path, of security
|
||||
* certificates. The path type must match the type of each certificate in the
|
||||
* path, or in other words, for all instances of cert in a certpath object,
|
||||
* <code>cert.getType().equals(certpath.getType())</code> will return true.
|
||||
*
|
||||
* <p>Since this class is immutable, it is thread-safe. During serialization,
|
||||
* the path is consolidated into a {@link CertPathRep}, which preserves the
|
||||
* data regardless of the underlying implementation of the path.
|
||||
*
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @since 1.4
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public abstract class CertPath implements Serializable
|
||||
{
|
||||
/**
|
||||
* The serialized representation of a path.
|
||||
*
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
*/
|
||||
protected static class CertPathRep implements Serializable
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.4+.
|
||||
*/
|
||||
private static final long serialVersionUID = 3015633072427920915L;
|
||||
|
||||
/**
|
||||
* The certificate type.
|
||||
*
|
||||
* @serial the type of the certificate path
|
||||
*/
|
||||
private final String type;
|
||||
|
||||
/**
|
||||
* The encoded form of the path.
|
||||
*
|
||||
* @serial the encoded form
|
||||
*/
|
||||
private final byte[] data;
|
||||
|
||||
/**
|
||||
* Create the new serial representation.
|
||||
*
|
||||
* @param type the path type
|
||||
* @param data the encoded path data
|
||||
*/
|
||||
protected CertPathRep(String type, byte[] data)
|
||||
{
|
||||
this.type = type;
|
||||
this.data = data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Decode the data into an actual {@link CertPath} upon deserialization.
|
||||
*
|
||||
* @return the replacement object
|
||||
* @throws ObjectStreamException if replacement fails
|
||||
*/
|
||||
protected Object readResolve() throws ObjectStreamException
|
||||
{
|
||||
try
|
||||
{
|
||||
return CertificateFactory.getInstance(type)
|
||||
.generateCertPath(new ByteArrayInputStream(data));
|
||||
}
|
||||
catch (CertificateException e)
|
||||
{
|
||||
throw (ObjectStreamException)
|
||||
new NotSerializableException("java.security.cert.CertPath: "
|
||||
+ type).initCause(e);
|
||||
}
|
||||
}
|
||||
} // class CertPathRep
|
||||
|
||||
/**
|
||||
* Compatible with JDK 1.4+.
|
||||
*/
|
||||
private static final long serialVersionUID = 6068470306649138683L;
|
||||
|
||||
/**
|
||||
* The path type.
|
||||
*
|
||||
* @serial the type of all certificates in this path
|
||||
*/
|
||||
private final String type;
|
||||
|
||||
/**
|
||||
* Create a certificate path with the given type. Most code should use
|
||||
* {@link CertificateFactory} to create CertPaths.
|
||||
*
|
||||
* @param type the type of the path
|
||||
*/
|
||||
protected CertPath(String type)
|
||||
{
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the (non-null) type of all certificates in the path.
|
||||
*
|
||||
* @return the path certificate type
|
||||
*/
|
||||
public String getType()
|
||||
{
|
||||
return type;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an immutable iterator over the path encodings (all String names),
|
||||
* starting with the default encoding. The iterator will throw an
|
||||
* <code>UnsupportedOperationException</code> if an attempt is made to
|
||||
* remove items from the list.
|
||||
*
|
||||
* @return the iterator of supported encodings in the path
|
||||
*/
|
||||
public abstract Iterator getEncodings();
|
||||
|
||||
/**
|
||||
* Compares this path to another for semantic equality. To be equal, both
|
||||
* must be instances of CertPath, with the same type, and identical
|
||||
* certificate lists. Overriding classes must not change this behavior.
|
||||
*
|
||||
* @param o the object to compare to
|
||||
* @return true if the two are equal
|
||||
*/
|
||||
public boolean equals(Object o)
|
||||
{
|
||||
if (! (o instanceof CertPath))
|
||||
return false;
|
||||
CertPath cp = (CertPath) o;
|
||||
return type.equals(cp.type)
|
||||
&& getCertificates().equals(cp.getCertificates());
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the hashcode of this certificate path. This is defined as:<br>
|
||||
* <code>31 * getType().hashCode() + getCertificates().hashCode()</code>.
|
||||
*
|
||||
* @return the hashcode
|
||||
*/
|
||||
public int hashCode()
|
||||
{
|
||||
return 31 * type.hashCode() + getCertificates().hashCode();
|
||||
}
|
||||
|
||||
public String toString()
|
||||
{
|
||||
List l = getCertificates();
|
||||
int size = l.size();
|
||||
int i = 0;
|
||||
StringBuffer result = new StringBuffer(type);
|
||||
result.append(" Cert Path: length = ").append(size).append(".\n[\n");
|
||||
while (--size >= 0)
|
||||
result.append(l.get(i++)).append('\n');
|
||||
return result.append("\n]").toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the encoded form of this path, via the default encoding.
|
||||
*
|
||||
* @return the encoded form
|
||||
* @throws CertificateEncodingException if encoding fails
|
||||
*/
|
||||
public abstract byte[] getEncoded() throws CertificateEncodingException;
|
||||
|
||||
/**
|
||||
* Returns the encoded form of this path, via the specified encoding.
|
||||
*
|
||||
* @param encoding the encoding to use
|
||||
* @return the encoded form
|
||||
* @throws CertificateEncodingException if encoding fails or does not exist
|
||||
*/
|
||||
public abstract byte[] getEncoded(String encoding)
|
||||
throws CertificateEncodingException;
|
||||
|
||||
/**
|
||||
* Returns the immutable, thread-safe list of certificates in this path.
|
||||
*
|
||||
* @return the list of certificates, non-null but possibly empty
|
||||
*/
|
||||
public abstract List getCertificates();
|
||||
|
||||
/**
|
||||
* Serializes the path in its encoded form, to ensure reserialization with
|
||||
* the appropriate factory object without worrying about list implementation.
|
||||
* The result will always be an instance of {@link CertPathRep}.
|
||||
*
|
||||
* @return the replacement object
|
||||
* @throws ObjectStreamException if the replacement creation fails
|
||||
*/
|
||||
protected Object writeReplace() throws ObjectStreamException
|
||||
{
|
||||
try
|
||||
{
|
||||
return new CertPathRep(type, getEncoded());
|
||||
}
|
||||
catch (CertificateEncodingException e)
|
||||
{
|
||||
throw (ObjectStreamException)
|
||||
new NotSerializableException("java.security.cert.CertPath: "
|
||||
+ type).initCause(e);
|
||||
}
|
||||
}
|
||||
} // class CertPath
|
||||
@@ -1,238 +0,0 @@
|
||||
/* CertPathBuilder.java -- bulids CertPath objects from Certificates.
|
||||
Copyright (C) 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.Provider;
|
||||
import java.security.Security;
|
||||
|
||||
/**
|
||||
* This class builds certificate paths (also called certificate chains),
|
||||
* which can be used to establish trust for a particular certificate by
|
||||
* building a path from a trusted certificate (a trust anchor) to the
|
||||
* untrusted certificate.
|
||||
*
|
||||
* @see CertPath
|
||||
*/
|
||||
public class CertPathBuilder
|
||||
{
|
||||
|
||||
// Constants and fields.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/** Service name for CertPathBuilder. */
|
||||
private static final String CERT_PATH_BUILDER = "CertPathBuilder";
|
||||
|
||||
/** The underlying implementation. */
|
||||
private CertPathBuilderSpi cpbSpi;
|
||||
|
||||
/** The provider of this implementation. */
|
||||
private Provider provider;
|
||||
|
||||
/** The name of this implementation. */
|
||||
private String algorithm;
|
||||
|
||||
// Constructor.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Creates a new CertPathBuilder.
|
||||
*
|
||||
* @param cpbSpi The underlying implementation.
|
||||
* @param provider The provider of the implementation.
|
||||
* @param algorithm This implementation's name.
|
||||
*/
|
||||
protected CertPathBuilder(CertPathBuilderSpi cpbSpi, Provider provider,
|
||||
String algorithm)
|
||||
{
|
||||
this.cpbSpi = cpbSpi;
|
||||
this.provider = provider;
|
||||
this.algorithm = algorithm;
|
||||
}
|
||||
|
||||
// Class methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Get the default cert path builder type.
|
||||
*
|
||||
* <p>This value can be set at run-time by the security property
|
||||
* <code>"certpathbuilder.type"</code>. If this property is not set,
|
||||
* then the value returned is <code>"PKIX"</code>.
|
||||
*
|
||||
* @return The default CertPathBuilder algorithm.
|
||||
*/
|
||||
public static final String getDefaultType()
|
||||
{
|
||||
String type = Security.getProperty("certpathbuilder.type");
|
||||
if (type == null)
|
||||
type = "PKIX";
|
||||
return type;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an instance of a named CertPathBuilder, from the first provider
|
||||
* that implements it.
|
||||
*
|
||||
* @param algorithm The name of the CertPathBuilder to create.
|
||||
* @return The new instance.
|
||||
* @throws NoSuchAlgorithmException If no installed provider
|
||||
* implements the named algorithm.
|
||||
*/
|
||||
public static CertPathBuilder getInstance(String algorithm)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
|
||||
for (int i = 0; i < p.length; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance(algorithm, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
// Ignored.
|
||||
}
|
||||
}
|
||||
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an instance of a named CertPathBuilder from the named
|
||||
* provider.
|
||||
*
|
||||
* @param algorithm The name of the CertPathBuilder to create.
|
||||
* @param provider The name of the provider from which to get the
|
||||
* implementation.
|
||||
* @return The new instance.
|
||||
* @throws NoSuchAlgorithmException If no installed provider
|
||||
* implements the named algorithm.
|
||||
* @throws NoSuchProviderException If the named provider does not
|
||||
* exist.
|
||||
*/
|
||||
public static CertPathBuilder getInstance(String algorithm, String provider)
|
||||
throws NoSuchAlgorithmException, NoSuchProviderException
|
||||
{
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
return getInstance(algorithm, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an instance of a named CertPathBuilder from the specified
|
||||
* provider.
|
||||
*
|
||||
* @param algorithm The name of the CertPathBuilder to create.
|
||||
* @param provider The provider from which to get the implementation.
|
||||
* @return The new instance.
|
||||
* @throws NoSuchAlgorithmException If no installed provider
|
||||
* implements the named algorithm.
|
||||
* @throws IllegalArgumentException If <i>provider</i> in
|
||||
* <tt>null</tt>.
|
||||
*/
|
||||
public static CertPathBuilder getInstance(String algorithm, Provider provider)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("null provider");
|
||||
try
|
||||
{
|
||||
return new CertPathBuilder((CertPathBuilderSpi)
|
||||
Engine.getInstance(CERT_PATH_BUILDER, algorithm, provider),
|
||||
provider, algorithm);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
catch (ClassCastException cce)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
}
|
||||
|
||||
// Instance methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Return the name of this CertPathBuilder algorithm.
|
||||
*
|
||||
* @return The algorithm name.
|
||||
*/
|
||||
public final String getAlgorithm()
|
||||
{
|
||||
return algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the provider of this instance's implementation.
|
||||
*
|
||||
* @return The provider.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Builds a certificate path. The {@link CertPathParameters} parameter
|
||||
* passed to this method is implementation-specific, but in general
|
||||
* should contain some number of certificates and some number of
|
||||
* trusted certificates (or "trust anchors").
|
||||
*
|
||||
* @param params The parameters.
|
||||
* @retrun The certificate path result.
|
||||
* @throws CertPathBuilderException If the certificate path cannot be
|
||||
* built.
|
||||
* @throws InvalidAlgorithmParameterException If the implementation
|
||||
* rejects the specified parameters.
|
||||
*/
|
||||
public final CertPathBuilderResult build(CertPathParameters params)
|
||||
throws CertPathBuilderException, InvalidAlgorithmParameterException
|
||||
{
|
||||
return cpbSpi.engineBuild(params);
|
||||
}
|
||||
}
|
||||
@@ -1,159 +0,0 @@
|
||||
/* CertPathBuilderException.java -- wraps an exception during certificate
|
||||
path building
|
||||
Copyright (C) 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.io.PrintStream;
|
||||
import java.io.PrintWriter;
|
||||
import java.security.GeneralSecurityException;
|
||||
|
||||
/**
|
||||
* Indicates a problem while using a <code>CertPathBuilder</code>, wrapping
|
||||
* the lower exception. This class is not thread-safe.
|
||||
*
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @see CertPathBuilder
|
||||
* @since 1.4
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CertPathBuilderException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.4+.
|
||||
*/
|
||||
private static final long serialVersionUID = 5316471420178794402L;
|
||||
|
||||
/**
|
||||
* Create an exception without a message. The cause may be initialized.
|
||||
*/
|
||||
public CertPathBuilderException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a message. The cause may be initialized.
|
||||
*
|
||||
* @param msg a message to display with exception
|
||||
*/
|
||||
public CertPathBuilderException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a cause. The message will be
|
||||
* <code>cause == null ? null : cause.toString()</code>.
|
||||
*
|
||||
* @param cause the cause
|
||||
*/
|
||||
public CertPathBuilderException(Throwable cause)
|
||||
{
|
||||
this(cause == null ? null : cause.toString(), cause);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a cause and a message.
|
||||
*
|
||||
* @param msg the message
|
||||
* @param cause the cause
|
||||
*/
|
||||
public CertPathBuilderException(String msg, Throwable cause)
|
||||
{
|
||||
super(msg);
|
||||
initCause(cause);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the detail message.
|
||||
*
|
||||
* @return the detail message
|
||||
*/
|
||||
public String getMessage()
|
||||
{
|
||||
return super.getMessage();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the cause, null if unknown.
|
||||
*
|
||||
* @return the cause
|
||||
*/
|
||||
public Throwable getCause()
|
||||
{
|
||||
return super.getCause();
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert this to a string, including its cause.
|
||||
*
|
||||
* @return the string conversion
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return super.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Print the stack trace to <code>System.err</code>.
|
||||
*/
|
||||
public void printStackTrace()
|
||||
{
|
||||
super.printStackTrace();
|
||||
}
|
||||
|
||||
/**
|
||||
* Print the stack trace to a stream.
|
||||
*
|
||||
* @param stream the stream
|
||||
*/
|
||||
public void printStackTrace(PrintStream stream)
|
||||
{
|
||||
super.printStackTrace(stream);
|
||||
}
|
||||
|
||||
/**
|
||||
* Print the stack trace to a stream.
|
||||
*
|
||||
* @param stream the stream
|
||||
*/
|
||||
public void printStackTrace(PrintWriter stream)
|
||||
{
|
||||
super.printStackTrace(stream);
|
||||
}
|
||||
}
|
||||
@@ -1,63 +0,0 @@
|
||||
/* CertPathBuilderResult -- results from building cert paths.
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* A standard interface for the result of building a certificate path.
|
||||
* All implementations of this class must provide a way to get the
|
||||
* certificate path, but may also define additional methods for
|
||||
* returning other result data generated by the certificate path
|
||||
* builder.
|
||||
*/
|
||||
public interface CertPathBuilderResult extends Cloneable {
|
||||
|
||||
/**
|
||||
* Creates a copy of this builder result.
|
||||
*
|
||||
* @return The copy.
|
||||
*/
|
||||
Object clone();
|
||||
|
||||
/**
|
||||
* Get the certificate path that was built.
|
||||
*
|
||||
* @retrn The certificate path.
|
||||
*/
|
||||
CertPath getCertPath();
|
||||
}
|
||||
@@ -1,74 +0,0 @@
|
||||
/* CertPathBuilderSpi -- CertPathBuilder service provider interface.
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* The {@link CertPathBuilder} <i>Service Provider Interface</i>
|
||||
* (<b>SPI</b>).
|
||||
*
|
||||
* @see CertPathBuilder
|
||||
*/
|
||||
public abstract class CertPathBuilderSpi {
|
||||
|
||||
// Constructors.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Creates a new CertPathBuilderSpi.
|
||||
*/
|
||||
public CertPathBuilderSpi() {
|
||||
super();
|
||||
}
|
||||
|
||||
// Abstract methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Creates a certificate path from the specified parameters.
|
||||
*
|
||||
* @param params The parameters to use.
|
||||
* @return The certificate path result.
|
||||
* @throws CertPathBuilderException If the certificate path cannot be
|
||||
* built.
|
||||
* @throws java.security.InvalidAlgorithmParameterException If the
|
||||
* implementation rejects the specified parameters.
|
||||
*/
|
||||
public abstract CertPathBuilderResult engineBuild(CertPathParameters params)
|
||||
throws CertPathBuilderException,
|
||||
java.security.InvalidAlgorithmParameterException;
|
||||
}
|
||||
@@ -1,58 +0,0 @@
|
||||
/* CertPathParameters.java -- parameters for CertPathBuilder.
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* Parameters for generating and validating certificate paths. This
|
||||
* class does not define any methods (except a required cloneable
|
||||
* interface) and is provided only to provide type safety for
|
||||
* implementations. Concrete implementations implement this interface
|
||||
* in accord with thier own needs.
|
||||
*
|
||||
* @see CertPathBuilder
|
||||
* @see CertPathValidator
|
||||
*/
|
||||
public interface CertPathParameters extends Cloneable {
|
||||
|
||||
/**
|
||||
* Makes a copy of this CertPathParameters instance.
|
||||
*
|
||||
* @return The copy.
|
||||
*/
|
||||
Object clone();
|
||||
}
|
||||
@@ -1,249 +0,0 @@
|
||||
/* CertPathValidator -- validates certificate paths.
|
||||
Copyright (C) 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.security.AccessController;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.security.Provider;
|
||||
import java.security.Security;
|
||||
|
||||
/**
|
||||
* Generic interface to classes that validate certificate paths.
|
||||
*
|
||||
* <p>Using this class is similar to all the provider-based security
|
||||
* classes; the method of interest, {@link
|
||||
* #validate(java.security.cert.CertPath,java.security.cert.CertPathParameters)},
|
||||
* which takes provider-specific implementations of {@link
|
||||
* CertPathParameters}, and return provider-specific implementations of
|
||||
* {@link CertPathValidatorResult}.
|
||||
*
|
||||
* @since JDK 1.4
|
||||
* @see CertPath
|
||||
*/
|
||||
public class CertPathValidator {
|
||||
|
||||
// Constants and fields.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/** Service name for CertPathValidator. */
|
||||
private static final String CERT_PATH_VALIDATOR = "CertPathValidator";
|
||||
|
||||
/** The underlying implementation. */
|
||||
private final CertPathValidatorSpi validatorSpi;
|
||||
|
||||
/** The provider of this implementation. */
|
||||
private final Provider provider;
|
||||
|
||||
/** The algorithm's name. */
|
||||
private final String algorithm;
|
||||
|
||||
// Constructor.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Creates a new CertPathValidator.
|
||||
*
|
||||
* @param validatorSpi The underlying implementation.
|
||||
* @param provider The provider of the implementation.
|
||||
* @param algorithm The algorithm name.
|
||||
*/
|
||||
protected CertPathValidator(CertPathValidatorSpi validatorSpi,
|
||||
Provider provider, String algorithm)
|
||||
{
|
||||
this.validatorSpi = validatorSpi;
|
||||
this.provider = provider;
|
||||
this.algorithm = algorithm;
|
||||
}
|
||||
|
||||
// Class methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Returns the default validator type.
|
||||
*
|
||||
* <p>This value may be set at run-time via the security property
|
||||
* "certpathvalidator.type", or the value "PKIX" if this property is
|
||||
* not set.
|
||||
*
|
||||
* @return The default validator type.
|
||||
*/
|
||||
public static synchronized String getDefaultType() {
|
||||
String type = (String) AccessController.doPrivileged(
|
||||
new PrivilegedAction()
|
||||
{
|
||||
public Object run()
|
||||
{
|
||||
return Security.getProperty("certpathvalidator.type");
|
||||
}
|
||||
}
|
||||
);
|
||||
if (type == null)
|
||||
type = "PKIX";
|
||||
return type;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an instance of the given validator from the first provider that
|
||||
* implements it.
|
||||
*
|
||||
* @param algorithm The name of the algorithm to get.
|
||||
* @return The new instance.
|
||||
* @throws NoSuchAlgorithmException If no installed provider
|
||||
* implements the requested algorithm.
|
||||
*/
|
||||
public static CertPathValidator getInstance(String algorithm)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
for (int i = 0; i < p.length; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance(algorithm, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
// Ignored.
|
||||
}
|
||||
}
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an instance of the given validator from the named provider.
|
||||
*
|
||||
* @param algorithm The name of the algorithm to get.
|
||||
* @param provider The name of the provider from which to get the
|
||||
* implementation.
|
||||
* @return The new instance.
|
||||
* @throws NoSuchAlgorithmException If the named provider does not
|
||||
* implement the algorithm.
|
||||
* @throws NoSuchProviderException If no provider named
|
||||
* <i>provider</i> is installed.
|
||||
*/
|
||||
public static CertPathValidator getInstance(String algorithm,
|
||||
String provider)
|
||||
throws NoSuchAlgorithmException, NoSuchProviderException
|
||||
{
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(algorithm, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an instance of the given validator from the given provider.
|
||||
*
|
||||
* @param algorithm The name of the algorithm to get.
|
||||
* @param provider The provider from which to get the implementation.
|
||||
* @return The new instance.
|
||||
* @throws NoSuchAlgorithmException If the provider does not implement
|
||||
* the algorithm.
|
||||
* @throws IllegalArgumentException If <i>provider</i> is null.
|
||||
*/
|
||||
public static CertPathValidator getInstance(String algorithm,
|
||||
Provider provider)
|
||||
throws NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("null provider");
|
||||
|
||||
try
|
||||
{
|
||||
return new CertPathValidator((CertPathValidatorSpi)
|
||||
Engine.getInstance(CERT_PATH_VALIDATOR, algorithm, provider),
|
||||
provider, algorithm);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
catch (ClassCastException cce)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(algorithm);
|
||||
}
|
||||
}
|
||||
|
||||
// Instance methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Return the name of this validator.
|
||||
*
|
||||
* @return This validator's name.
|
||||
*/
|
||||
public final String getAlgorithm()
|
||||
{
|
||||
return algorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the provider of this implementation.
|
||||
*
|
||||
* @return The provider.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Attempt to validate a certificate path.
|
||||
*
|
||||
* @param certPath The path to validate.
|
||||
* @param params The algorithm-specific parameters.
|
||||
* @return The result of this validation attempt.
|
||||
* @throws CertPathValidatorException If the certificate path cannot
|
||||
* be validated.
|
||||
* @throws InvalidAlgorithmParameterException If this implementation
|
||||
* rejects the specified parameters.
|
||||
*/
|
||||
public final CertPathValidatorResult validate(CertPath certPath,
|
||||
CertPathParameters params)
|
||||
throws CertPathValidatorException, InvalidAlgorithmParameterException
|
||||
{
|
||||
return validatorSpi.engineValidate(certPath, params);
|
||||
}
|
||||
}
|
||||
@@ -1,226 +0,0 @@
|
||||
/* CertPathValidatorException.java -- wraps an exception during validation
|
||||
of a CertPath
|
||||
Copyright (C) 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.io.PrintStream;
|
||||
import java.io.PrintWriter;
|
||||
import java.security.GeneralSecurityException;
|
||||
|
||||
/**
|
||||
* Indicates a problem while validating a certification path. In addition,
|
||||
* it can store the path an index in that path that caused the problem. This
|
||||
* class is not thread-safe.
|
||||
*
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @see CertPathValidator
|
||||
* @since 1.4
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CertPathValidatorException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.4+.
|
||||
*/
|
||||
private static final long serialVersionUID = -3083180014971893139L;
|
||||
|
||||
/**
|
||||
* The index of the certificate path that failed, or -1.
|
||||
*
|
||||
* @serial the failed index
|
||||
*/
|
||||
private final int index;
|
||||
|
||||
/**
|
||||
* The <code>CertPath</code> that failed.
|
||||
*
|
||||
* @serial the object being validated at time of failure
|
||||
*/
|
||||
private final CertPath certPath;
|
||||
|
||||
/**
|
||||
* Create an exception without a message. The cause may be initialized. The
|
||||
* index is set to -1 and the failed CertPath object to null.
|
||||
*/
|
||||
public CertPathValidatorException()
|
||||
{
|
||||
this((String) null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a message. The cause may be initialized. The
|
||||
* index is set to -1 and the failed CertPath object to null.
|
||||
*
|
||||
* @param msg a message to display with exception
|
||||
*/
|
||||
public CertPathValidatorException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
index = -1;
|
||||
certPath = null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a cause. The message will be
|
||||
* <code>cause == null ? null : cause.toString()</code>. The index is set
|
||||
* to -1 and the failed CertPath object to null.
|
||||
*
|
||||
* @param cause the cause
|
||||
*/
|
||||
public CertPathValidatorException(Throwable cause)
|
||||
{
|
||||
this(cause == null ? null : cause.toString(), cause, null, -1);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a cause and a message. The index is set to -1
|
||||
* and the failed CertPath object to null.
|
||||
*
|
||||
* @param msg the message
|
||||
* @param cause the cause
|
||||
*/
|
||||
public CertPathValidatorException(String msg, Throwable cause)
|
||||
{
|
||||
this(msg, cause, null, -1);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a cause, message, failed object, and index of
|
||||
* failure in that CertPath.
|
||||
*
|
||||
* @param msg the message
|
||||
* @param cause the cause
|
||||
* @param certPath the path that was being validated, or null
|
||||
* @param index the index of the path, or -1
|
||||
* @throws IndexOutOfBoundsException if index is < -1 or
|
||||
* > certPath.getCertificates().size()
|
||||
* @throws IllegalArgumentException if certPath is null but index != -1
|
||||
*/
|
||||
public CertPathValidatorException(String msg, Throwable cause,
|
||||
CertPath certPath, int index)
|
||||
{
|
||||
super(msg);
|
||||
initCause(cause);
|
||||
if (index < -1 || (certPath != null
|
||||
&& index >= certPath.getCertificates().size()))
|
||||
throw new IndexOutOfBoundsException();
|
||||
if ((certPath == null) != (index == -1))
|
||||
throw new IllegalArgumentException();
|
||||
this.certPath = certPath;
|
||||
this.index = index;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the detail message.
|
||||
*
|
||||
* @return the detail message
|
||||
*/
|
||||
public String getMessage()
|
||||
{
|
||||
return super.getMessage();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the certificate path that had the failure, or null.
|
||||
*
|
||||
* @return the culprit path
|
||||
*/
|
||||
public CertPath getCertPath()
|
||||
{
|
||||
return certPath;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the index that failed, or -1.
|
||||
*
|
||||
* @return the colprit index
|
||||
*/
|
||||
public int getIndex()
|
||||
{
|
||||
return index;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the cause, null if unknown.
|
||||
*
|
||||
* @return the cause
|
||||
*/
|
||||
public Throwable getCause()
|
||||
{
|
||||
return super.getCause();
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert this to a string, including its cause.
|
||||
*
|
||||
* @return the string conversion
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return super.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Print the stack trace to <code>System.err</code>.
|
||||
*/
|
||||
public void printStackTrace()
|
||||
{
|
||||
super.printStackTrace();
|
||||
}
|
||||
|
||||
/**
|
||||
* Print the stack trace to a stream.
|
||||
*
|
||||
* @param stream the stream
|
||||
*/
|
||||
public void printStackTrace(PrintStream stream)
|
||||
{
|
||||
super.printStackTrace(stream);
|
||||
}
|
||||
|
||||
/**
|
||||
* Print the stack trace to a stream.
|
||||
*
|
||||
* @param stream the stream
|
||||
*/
|
||||
public void printStackTrace(PrintWriter stream)
|
||||
{
|
||||
super.printStackTrace(stream);
|
||||
}
|
||||
}
|
||||
@@ -1,63 +0,0 @@
|
||||
/* CertPathValidatorResult -- result of validating certificate paths
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* Interface to the result of calling {@link
|
||||
* CertPathValidator#validate(java.security.cert.CertPath,java.security.cert.CertPathParameters)}.
|
||||
*
|
||||
* <p>This interface defines no methods other than the required
|
||||
* {@link java.lang.Cloneable} interface, and is intended to group and
|
||||
* provide type safety for validator results. Providers that implement
|
||||
* a certificate path validator must also provide an implementation of
|
||||
* this interface, possibly defining additional methods.
|
||||
*
|
||||
* @since JDK 1.4
|
||||
* @see CertPathValidator
|
||||
*/
|
||||
public interface CertPathValidatorResult extends Cloneable
|
||||
{
|
||||
|
||||
/**
|
||||
* Returns a copy of this validator result.
|
||||
*
|
||||
* @return The copy.
|
||||
*/
|
||||
Object clone();
|
||||
}
|
||||
@@ -1,79 +0,0 @@
|
||||
/* CertPathValidatorSpi -- cert path validator service provider interface
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* The <i>service provider interface</i> (<b>SPI</b>) for the {@link
|
||||
* CertPathValidator} class. Providers implementing certificate path
|
||||
* validators must subclass this class and implement its abstract
|
||||
* methods.
|
||||
*/
|
||||
public abstract class CertPathValidatorSpi
|
||||
{
|
||||
|
||||
// Constructor.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Default constructor.
|
||||
*/
|
||||
public CertPathValidatorSpi()
|
||||
{
|
||||
super();
|
||||
}
|
||||
|
||||
// Abstract methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Attempt to validate a certificate path.
|
||||
*
|
||||
* @param certPath The path to validate.
|
||||
* @param params The algorithm-specific parameters.
|
||||
* @return The result of this validation attempt.
|
||||
* @throws CertPathValidatorException If the certificate path cannot
|
||||
* be validated.
|
||||
* @throws InvalidAlgorithmParameterException If this implementation
|
||||
* rejects the specified parameters.
|
||||
*/
|
||||
public abstract CertPathValidatorResult
|
||||
engineValidate(CertPath certPath, CertPathParameters params)
|
||||
throws CertPathValidatorException,
|
||||
java.security.InvalidAlgorithmParameterException;
|
||||
}
|
||||
@@ -1,58 +0,0 @@
|
||||
/* CertSelector.java -- certificate selector interface.
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
public interface CertSelector extends Cloneable
|
||||
{
|
||||
|
||||
/**
|
||||
* Returns a copy of this CertSelector.
|
||||
*
|
||||
* @return The copy.
|
||||
*/
|
||||
Object clone();
|
||||
|
||||
/**
|
||||
* Match a certificate according to this selector's criteria.
|
||||
*
|
||||
* @param cert The certificate to match.
|
||||
* @return true if the certificate matches thin criteria.
|
||||
*/
|
||||
boolean match(Certificate cert);
|
||||
}
|
||||
@@ -1,294 +0,0 @@
|
||||
/* CertStore -- stores and retrieves certificates.
|
||||
Copyright (C) 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.security.Provider;
|
||||
import java.security.Security;
|
||||
import java.util.Collection;
|
||||
|
||||
/**
|
||||
* A CertStore is a read-only repository for certificates and
|
||||
* certificate revocation lists.
|
||||
*
|
||||
* @since JDK 1.4
|
||||
*/
|
||||
public class CertStore
|
||||
{
|
||||
|
||||
// Constants and fields.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/** Service name for CertStore. */
|
||||
private static final String CERT_STORE = "CertStore";
|
||||
|
||||
/** The underlying implementation. */
|
||||
private CertStoreSpi storeSpi;
|
||||
|
||||
/** This implementation's provider. */
|
||||
private Provider provider;
|
||||
|
||||
/** The name of this key store type. */
|
||||
private String type;
|
||||
|
||||
/** The parameters used to initialize this instance, if any. */
|
||||
private CertStoreParameters params;
|
||||
|
||||
// Constructor.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Create a new CertStore.
|
||||
*
|
||||
* @param storeSpi The underlying implementation.
|
||||
* @param provider The provider of this implementation.
|
||||
* @param type The type of CertStore this class represents.
|
||||
* @param params The parameters used to initialize this instance, if any.
|
||||
*/
|
||||
protected CertStore(CertStoreSpi storeSpi, Provider provider, String type,
|
||||
CertStoreParameters params)
|
||||
{
|
||||
this.storeSpi = storeSpi;
|
||||
this.provider = provider;
|
||||
this.type = type;
|
||||
this.params = params;
|
||||
}
|
||||
|
||||
// Class methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Returns the default certificate store type.
|
||||
*
|
||||
* <p>This value can be set at run-time via the security property
|
||||
* "certstore.type"; if not specified than the default type will be
|
||||
* "LDAP".
|
||||
*
|
||||
* @return The default CertStore type.
|
||||
*/
|
||||
public static final synchronized String getDefaultType()
|
||||
{
|
||||
String type = null;
|
||||
type = (String) java.security.AccessController.doPrivileged(
|
||||
new PrivilegedAction() {
|
||||
public Object run() {
|
||||
return Security.getProperty("certstore.type");
|
||||
}
|
||||
}
|
||||
);
|
||||
if (type == null)
|
||||
type = "LDAP";
|
||||
return type;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an instance of the given certificate store from the first
|
||||
* installed provider.
|
||||
*
|
||||
* @param type The type of CertStore to create.
|
||||
* @param params The parameters to initialize this cert store with.
|
||||
* @return The new instance.
|
||||
* @throws InvalidAlgorithmParameterException If the instance rejects
|
||||
* the specified parameters.
|
||||
* @throws NoSuchAlgorithmException If no installed provider
|
||||
* implements the specified CertStore.
|
||||
* @throws IllegalArgumentException If <i>provider</i> is null.
|
||||
*/
|
||||
public static CertStore getInstance(String type, CertStoreParameters params)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
for (int i = 0; i < p.length; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance(type, params, p[i]);
|
||||
}
|
||||
catch (NoSuchAlgorithmException e)
|
||||
{
|
||||
// Ignored.
|
||||
}
|
||||
}
|
||||
|
||||
throw new NoSuchAlgorithmException(type);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an instance of the given certificate store from the named
|
||||
* provider.
|
||||
*
|
||||
* @param type The type of CertStore to create.
|
||||
* @param params The parameters to initialize this cert store with.
|
||||
* @param provider The name of the provider from which to get the
|
||||
* implementation.
|
||||
* @return The new instance.
|
||||
* @throws InvalidAlgorithmParameterException If the instance rejects
|
||||
* the specified parameters.
|
||||
* @throws NoSuchAlgorithmException If the specified provider does not
|
||||
* implement the specified CertStore.
|
||||
* @throws NoSuchProviderException If no provider named
|
||||
* <i>provider</i> is installed.
|
||||
* @throws IllegalArgumentException If <i>provider</i> is null.
|
||||
*/
|
||||
public static CertStore getInstance(String type, CertStoreParameters params,
|
||||
String provider)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException,
|
||||
NoSuchProviderException
|
||||
{
|
||||
Provider p = Security.getProvider(provider);
|
||||
if (p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
return getInstance(type, params, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an instance of the given certificate store from the given
|
||||
* provider.
|
||||
*
|
||||
* @param type The type of CertStore to create.
|
||||
* @param params The parameters to initialize this cert store with.
|
||||
* @param provider The provider from which to get the implementation.
|
||||
* @return The new instance.
|
||||
* @throws InvalidAlgorithmParameterException If the instance rejects
|
||||
* the specified parameters.
|
||||
* @throws NoSuchAlgorithmException If the specified provider does not
|
||||
* implement the specified CertStore.
|
||||
* @throws IllegalArgumentException If <i>provider</i> is null.
|
||||
*/
|
||||
public static CertStore getInstance(String type, CertStoreParameters params,
|
||||
Provider provider)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("null provider");
|
||||
|
||||
try
|
||||
{
|
||||
return new CertStore((CertStoreSpi) Engine.getInstance(CERT_STORE,
|
||||
type, provider, new Object[] { params }), provider, type, params);
|
||||
}
|
||||
catch (ClassCastException cce)
|
||||
{
|
||||
throw new NoSuchAlgorithmException(type);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
Throwable cause = ite.getCause();
|
||||
if (cause instanceof InvalidAlgorithmParameterException)
|
||||
throw (InvalidAlgorithmParameterException) cause;
|
||||
else
|
||||
throw new NoSuchAlgorithmException(type);
|
||||
}
|
||||
}
|
||||
|
||||
// Instance methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Return the type of certificate store this instance represents.
|
||||
*
|
||||
* @return The CertStore type.
|
||||
*/
|
||||
public final String getType()
|
||||
{
|
||||
return type;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the provider of this implementation.
|
||||
*
|
||||
* @return The provider.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the parameters this instance was created with, if any. The
|
||||
* parameters will be cloned before they are returned.
|
||||
*
|
||||
* @return The parameters, or null.
|
||||
*/
|
||||
public final CertStoreParameters getCertStoreParameters()
|
||||
{
|
||||
return params != null ? (CertStoreParameters) params.clone() : null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a collection of certificates from this CertStore, optionally
|
||||
* filtered by the specified CertSelector. The Collection returned may
|
||||
* be empty, but will never be null.
|
||||
*
|
||||
* <p>Implementations may not allow a null argument, even if no
|
||||
* filtering is desired.
|
||||
*
|
||||
* @param selector The certificate selector.
|
||||
* @return The collection of certificates.
|
||||
* @throws CertStoreException If the certificates cannot be retrieved.
|
||||
*/
|
||||
public final Collection getCertificates(CertSelector selector)
|
||||
throws CertStoreException
|
||||
{
|
||||
return storeSpi.engineGetCertificates(selector);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a collection of certificate revocation lists from this CertStore,
|
||||
* optionally filtered by the specified CRLSelector. The Collection
|
||||
* returned may be empty, but will never be null.
|
||||
*
|
||||
* <p>Implementations may not allow a null argument, even if no
|
||||
* filtering is desired.
|
||||
*
|
||||
* @param selector The certificate selector.
|
||||
* @return The collection of certificate revocation lists.
|
||||
* @throws CertStoreException If the CRLs cannot be retrieved.
|
||||
*/
|
||||
public final Collection getCRLs(CRLSelector selector)
|
||||
throws CertStoreException
|
||||
{
|
||||
return storeSpi.engineGetCRLs(selector);
|
||||
}
|
||||
}
|
||||
@@ -1,159 +0,0 @@
|
||||
/* CertStoreException.java -- wraps an exception during certificate storage
|
||||
Copyright (C) 2002, 2005 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.io.PrintStream;
|
||||
import java.io.PrintWriter;
|
||||
import java.security.GeneralSecurityException;
|
||||
|
||||
/**
|
||||
* Indicates a problem while retrieving certificates and CRLs from
|
||||
* <code>CertStore</code>, wrapping the lower exception. This class is not
|
||||
* thread-safe.
|
||||
*
|
||||
* @author Eric Blake (ebb9@email.byu.edu)
|
||||
* @see CertStore
|
||||
* @since 1.4
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CertStoreException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.4+.
|
||||
*/
|
||||
private static final long serialVersionUID = 2395296107471573245L;
|
||||
|
||||
/**
|
||||
* Create an exception without a message. The cause may be initialized.
|
||||
*/
|
||||
public CertStoreException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a message. The cause may be initialized.
|
||||
*
|
||||
* @param msg a message to display with exception
|
||||
*/
|
||||
public CertStoreException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a cause. The message will be
|
||||
* <code>cause == null ? null : cause.toString()</code>.
|
||||
*
|
||||
* @param cause the cause
|
||||
*/
|
||||
public CertStoreException(Throwable cause)
|
||||
{
|
||||
this(cause == null ? null : cause.toString(), cause);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an exception with a cause and a message.
|
||||
*
|
||||
* @param msg the message
|
||||
* @param cause the cause
|
||||
*/
|
||||
public CertStoreException(String msg, Throwable cause)
|
||||
{
|
||||
super(msg);
|
||||
initCause(cause);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the detail message.
|
||||
*
|
||||
* @return the detail message
|
||||
*/
|
||||
public String getMessage()
|
||||
{
|
||||
return super.getMessage();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the cause, null if unknown.
|
||||
*
|
||||
* @return the cause
|
||||
*/
|
||||
public Throwable getCause()
|
||||
{
|
||||
return super.getCause();
|
||||
}
|
||||
|
||||
/**
|
||||
* Convert this to a string, including its cause.
|
||||
*
|
||||
* @return the string conversion
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return super.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Print the stack trace to <code>System.err</code>.
|
||||
*/
|
||||
public void printStackTrace()
|
||||
{
|
||||
super.printStackTrace();
|
||||
}
|
||||
|
||||
/**
|
||||
* Print the stack trace to a stream.
|
||||
*
|
||||
* @param stream the stream
|
||||
*/
|
||||
public void printStackTrace(PrintStream stream)
|
||||
{
|
||||
super.printStackTrace(stream);
|
||||
}
|
||||
|
||||
/**
|
||||
* Print the stack trace to a stream.
|
||||
*
|
||||
* @param stream the stream
|
||||
*/
|
||||
public void printStackTrace(PrintWriter stream)
|
||||
{
|
||||
super.printStackTrace(stream);
|
||||
}
|
||||
}
|
||||
@@ -1,60 +0,0 @@
|
||||
/* CertStoreParameters -- interface to CertStore parameters.
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* Parameters used when creating instances of {@link CertStore}. This
|
||||
* class does not define any methods (except a required cloneable
|
||||
* interface) and is provided only to provide type safety for
|
||||
* implementations. Concrete implementations implement this interface
|
||||
* in accord with thier own needs.
|
||||
*
|
||||
* @see LDAPCertStoreParameters
|
||||
* @see CollectionCertStoreParameters
|
||||
*/
|
||||
public interface CertStoreParameters extends Cloneable
|
||||
{
|
||||
|
||||
/**
|
||||
* Create a copy of these parameters.
|
||||
*
|
||||
* @return The copy.
|
||||
*/
|
||||
Object clone();
|
||||
}
|
||||
@@ -1,102 +0,0 @@
|
||||
/* CertStoreSpi -- certificate store service provider interface.
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
/**
|
||||
* The <i>service provider interface</i> (<b>SPI</b>) for the {@link
|
||||
* CertStore} class.
|
||||
*
|
||||
* <p>Providers wishing to implement a CertStore must subclass this
|
||||
* class, implementing all the abstract methods. Providers may also
|
||||
* implement the {@link CertStoreParameters} interface, if they require
|
||||
* parameters.
|
||||
*
|
||||
* @since JDK 1.4
|
||||
* @see CertStore
|
||||
* @see CollectionCertStoreParameters
|
||||
* @see LDAPCertStoreParameters
|
||||
*/
|
||||
public abstract class CertStoreSpi
|
||||
{
|
||||
|
||||
// Constructors.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Creates a new CertStoreSpi.
|
||||
*
|
||||
* @param params The parameters to initialize this instance with, or
|
||||
* null if no parameters are required.
|
||||
* @throws InvalidAlgorithmParameterException If the specified
|
||||
* parameters are inappropriate for this class.
|
||||
*/
|
||||
public CertStoreSpi(CertStoreParameters params)
|
||||
throws java.security.InvalidAlgorithmParameterException
|
||||
{
|
||||
super();
|
||||
}
|
||||
|
||||
// Abstract methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Get the certificates from this store, filtering them through the
|
||||
* specified CertSelector.
|
||||
*
|
||||
* @param selector The CertSelector to filter certificates.
|
||||
* @return A (non-null) collection of certificates.
|
||||
* @throws CertStoreException If the certificates cannot be retrieved.
|
||||
*/
|
||||
public abstract Collection engineGetCertificates(CertSelector selector)
|
||||
throws CertStoreException;
|
||||
|
||||
/**
|
||||
* Get the certificate revocation list from this store, filtering them
|
||||
* through the specified CRLSelector.
|
||||
*
|
||||
* @param selector The CRLSelector to filter certificate revocation
|
||||
* lists.
|
||||
* @return A (non-null) collection of certificate revocation list.
|
||||
* @throws CertStoreException If the CRLs cannot be retrieved.
|
||||
*/
|
||||
public abstract Collection engineGetCRLs(CRLSelector selector)
|
||||
throws CertStoreException;
|
||||
}
|
||||
@@ -1,306 +0,0 @@
|
||||
/* Certificate.java --- Certificate class
|
||||
Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.InvalidObjectException;
|
||||
import java.io.ObjectStreamException;
|
||||
import java.io.Serializable;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.PublicKey;
|
||||
import java.security.SignatureException;
|
||||
|
||||
/**
|
||||
* The Certificate class is an abstract class used to manage
|
||||
* identity certificates. An identity certificate is a
|
||||
* combination of a principal and a public key which is
|
||||
* certified by another principal. This is the puprose of
|
||||
* Certificate Authorities (CA).
|
||||
*
|
||||
* <p>This class is used to manage different types of certificates
|
||||
* but have important common puposes. Different types of
|
||||
* certificates like X.509 and OpenPGP share general certificate
|
||||
* functions (like encoding and verifying) and information like
|
||||
* public keys.
|
||||
*
|
||||
* <p>X.509, OpenPGP, and SDSI can be implemented by subclassing this
|
||||
* class even though they differ in storage methods and information
|
||||
* stored.
|
||||
*
|
||||
* @see CertificateFactory
|
||||
* @see X509Certificate
|
||||
* @since JDK 1.2
|
||||
* @author Mark Benvenuto
|
||||
* @author Casey Marshall
|
||||
*/
|
||||
public abstract class Certificate implements Serializable
|
||||
{
|
||||
private static final long serialVersionUID = -6751606818319535583L;
|
||||
|
||||
private String type;
|
||||
|
||||
/**
|
||||
Constructs a new certificate of the specified type. An example
|
||||
is "X.509".
|
||||
|
||||
@param type a valid standard name for a certificate.
|
||||
*/
|
||||
protected Certificate(String type)
|
||||
{
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns the Certificate type.
|
||||
|
||||
@return a string representing the Certificate type
|
||||
*/
|
||||
public final String getType()
|
||||
{
|
||||
return type;
|
||||
}
|
||||
|
||||
/**
|
||||
Compares this Certificate to other. It checks if the
|
||||
object if instanceOf Certificate and then checks if
|
||||
the encoded form matches.
|
||||
|
||||
@param other An Object to test for equality
|
||||
|
||||
@return true if equal, false otherwise
|
||||
*/
|
||||
public boolean equals(Object other)
|
||||
{
|
||||
if( other instanceof Certificate ) {
|
||||
try {
|
||||
Certificate x = (Certificate) other;
|
||||
if( getEncoded().length != x.getEncoded().length )
|
||||
return false;
|
||||
|
||||
byte[] b1 = getEncoded();
|
||||
byte[] b2 = x.getEncoded();
|
||||
|
||||
for( int i = 0; i < b1.length; i++ )
|
||||
if( b1[i] != b2[i] )
|
||||
return false;
|
||||
|
||||
} catch( CertificateEncodingException cee ) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
Returns a hash code for this Certificate in its encoded
|
||||
form.
|
||||
|
||||
@return A hash code of this class
|
||||
*/
|
||||
public int hashCode()
|
||||
{
|
||||
return super.hashCode();
|
||||
}
|
||||
|
||||
/**
|
||||
Gets the DER ASN.1 encoded format for this Certificate.
|
||||
It assumes each certificate has only one encoding format.
|
||||
Ex: X.509 is encoded as ASN.1 DER
|
||||
|
||||
@return byte array containg encoded form
|
||||
|
||||
@throws CertificateEncodingException if an error occurs
|
||||
*/
|
||||
public abstract byte[] getEncoded() throws CertificateEncodingException;
|
||||
|
||||
/**
|
||||
Verifies that this Certificate was properly signed with the
|
||||
PublicKey that corresponds to its private key.
|
||||
|
||||
@param key PublicKey to verify with
|
||||
|
||||
@throws CertificateException encoding error
|
||||
@throws NoSuchAlgorithmException unsupported algorithm
|
||||
@throws InvalidKeyException incorrect key
|
||||
@throws NoSuchProviderException no provider
|
||||
@throws SignatureException signature error
|
||||
*/
|
||||
public abstract void verify(PublicKey key)
|
||||
throws CertificateException,
|
||||
NoSuchAlgorithmException,
|
||||
InvalidKeyException,
|
||||
NoSuchProviderException,
|
||||
SignatureException;
|
||||
|
||||
/**
|
||||
Verifies that this Certificate was properly signed with the
|
||||
PublicKey that corresponds to its private key and uses
|
||||
the signature engine provided by the provider.
|
||||
|
||||
@param key PublicKey to verify with
|
||||
@param sigProvider Provider to use for signature algorithm
|
||||
|
||||
@throws CertificateException encoding error
|
||||
@throws NoSuchAlgorithmException unsupported algorithm
|
||||
@throws InvalidKeyException incorrect key
|
||||
@throws NoSuchProviderException incorrect provider
|
||||
@throws SignatureException signature error
|
||||
*/
|
||||
public abstract void verify(PublicKey key,
|
||||
String sigProvider)
|
||||
throws CertificateException,
|
||||
NoSuchAlgorithmException,
|
||||
InvalidKeyException,
|
||||
NoSuchProviderException,
|
||||
SignatureException;
|
||||
|
||||
/**
|
||||
Returns a string representing the Certificate.
|
||||
|
||||
@return a string representing the Certificate.
|
||||
*/
|
||||
public abstract String toString();
|
||||
|
||||
|
||||
/**
|
||||
Returns the public key stored in the Certificate.
|
||||
|
||||
@return The public key
|
||||
*/
|
||||
public abstract PublicKey getPublicKey();
|
||||
|
||||
// Protected methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Returns a replacement for this certificate to be serialized. This
|
||||
* method returns the equivalent to the following for this class:
|
||||
*
|
||||
* <blockquote>
|
||||
* <pre>new CertificateRep(getType(), getEncoded());</pre>
|
||||
* </blockquote>
|
||||
*
|
||||
* <p>This thusly replaces the certificate with its name and its
|
||||
* encoded form, which can be deserialized later with the {@link
|
||||
* CertificateFactory} implementation for this certificate's type.
|
||||
*
|
||||
* @return The replacement object to be serialized.
|
||||
* @throws ObjectStreamException If the replacement could not be
|
||||
* created.
|
||||
*/
|
||||
protected Object writeReplace() throws ObjectStreamException
|
||||
{
|
||||
try
|
||||
{
|
||||
return new CertificateRep(getType(), getEncoded());
|
||||
}
|
||||
catch (CertificateEncodingException cee)
|
||||
{
|
||||
throw new InvalidObjectException(cee.toString());
|
||||
}
|
||||
}
|
||||
|
||||
// Inner class.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
Certificate.CertificateRep is an inner class used to provide an alternate
|
||||
storage mechanism for serialized Certificates.
|
||||
*/
|
||||
protected static class CertificateRep implements java.io.Serializable
|
||||
{
|
||||
|
||||
/** From JDK1.4. */
|
||||
private static final long serialVersionUID = -8563758940495660020L;
|
||||
|
||||
/** The certificate type, e.g. "X.509". */
|
||||
private String type;
|
||||
|
||||
/** The encoded certificate data. */
|
||||
private byte[] data;
|
||||
|
||||
/**
|
||||
* Create an alternative representation of this certificate. The
|
||||
* <code>(type, data)</code> pair is typically the certificate's
|
||||
* type as returned by {@link Certificate#getType()} (i.e. the
|
||||
* canonical name of the certificate type) and the encoded form as
|
||||
* returned by {@link Certificate#getEncoded()}.
|
||||
*
|
||||
* <p>For example, X.509 certificates would create an instance of
|
||||
* this class with the parameters "X.509" and the ASN.1
|
||||
* representation of the certificate, encoded as DER bytes.
|
||||
*
|
||||
* @param type The certificate type.
|
||||
* @param data The encoded certificate data.
|
||||
*/
|
||||
protected CertificateRep(String type, byte[] data)
|
||||
{
|
||||
this.type = type;
|
||||
this.data = data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Deserialize this certificate replacement into the appropriate
|
||||
* certificate object. That is, this method attempts to create a
|
||||
* {@link CertificateFactory} for this certificate's type, then
|
||||
* attempts to parse the encoded data with that factory, returning
|
||||
* the resulting certificate.
|
||||
*
|
||||
* @return The deserialized certificate.
|
||||
* @throws ObjectStreamException If there is no appropriate
|
||||
* certificate factory for the given type, or if the encoded form
|
||||
* cannot be parsed.
|
||||
*/
|
||||
protected Object readResolve() throws ObjectStreamException
|
||||
{
|
||||
try
|
||||
{
|
||||
CertificateFactory fact = CertificateFactory.getInstance(type);
|
||||
return fact.generateCertificate(new ByteArrayInputStream(data));
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
throw new InvalidObjectException(e.toString());
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,71 +0,0 @@
|
||||
/* CertificateEncodingException.java -- Certificate Encoding Exception
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* Exception for a Certificate Encoding.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @since 1.2
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CertificateEncodingException extends CertificateException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.2+.
|
||||
*/
|
||||
private static final long serialVersionUID = 6219492851589449162L;
|
||||
|
||||
/**
|
||||
* Constructs an exception without a message string.
|
||||
*/
|
||||
public CertificateEncodingException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs an exception with a message string.
|
||||
*
|
||||
* @param msg A message to display with exception
|
||||
*/
|
||||
public CertificateEncodingException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,74 +0,0 @@
|
||||
/* CertificateException.java -- Certificate Exception
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.security.GeneralSecurityException;
|
||||
|
||||
/**
|
||||
* Exception for a Certificate.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @see Certificate
|
||||
* @since 1.2
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CertificateException extends GeneralSecurityException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.2+.
|
||||
*/
|
||||
private static final long serialVersionUID = 3192535253797119798L;
|
||||
|
||||
/**
|
||||
* Constructs an exception without a message string.
|
||||
*/
|
||||
public CertificateException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs an exception with a message string.
|
||||
*
|
||||
* @param msg a message to display with exception
|
||||
*/
|
||||
public CertificateException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,71 +0,0 @@
|
||||
/* CertificateExpiredException.java --- Certificate Expired Exception
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* Exception for a Certificate Expiring.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @since 1.2
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CertificateExpiredException extends CertificateException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.2+.
|
||||
*/
|
||||
private static final long serialVersionUID = 9071001339691533771L;
|
||||
|
||||
/**
|
||||
* Constructs an exception without a message string.
|
||||
*/
|
||||
public CertificateExpiredException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs an exception with a message string.
|
||||
*
|
||||
* @param msg a message to display with exception
|
||||
*/
|
||||
public CertificateExpiredException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,358 +0,0 @@
|
||||
/* CertificateFactory.java -- Certificate Factory Class
|
||||
Copyright (C) 1999, 2002, 2003, 2004 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import gnu.java.security.Engine;
|
||||
|
||||
import java.io.InputStream;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.Provider;
|
||||
import java.security.Security;
|
||||
import java.util.Collection;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* This class implements the CertificateFactory class interface used to
|
||||
* generate certificates, certificate revocation lists (CRLs), and certificate
|
||||
* paths objects from their encoded forms.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @author Casey Marshall
|
||||
* @since JDK 1.2
|
||||
* @status Fully compatible with JDK 1.4.
|
||||
*/
|
||||
public class CertificateFactory
|
||||
{
|
||||
|
||||
/** The service name for certificate factories. */
|
||||
private static final String CERTIFICATE_FACTORY = "CertificateFactory";
|
||||
|
||||
private CertificateFactorySpi certFacSpi;
|
||||
private Provider provider;
|
||||
private String type;
|
||||
|
||||
/**
|
||||
* Creates an instance of CertificateFactory.
|
||||
*
|
||||
* @param certFacSpi The underlying CertificateFactory engine.
|
||||
* @param provider The provider of this implementation.
|
||||
* @param type The type of Certificate this factory creates.
|
||||
*/
|
||||
protected CertificateFactory(CertificateFactorySpi certFacSpi,
|
||||
Provider provider, String type)
|
||||
{
|
||||
this.certFacSpi = certFacSpi;
|
||||
this.provider = provider;
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
// Class methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Gets an instance of the CertificateFactory class representing
|
||||
* the specified certificate factory. If the type is not
|
||||
* found then, it throws CertificateException.
|
||||
*
|
||||
* @param type The type of certificate factory to create.
|
||||
* @return a CertificateFactory repesenting the desired type
|
||||
* @throws CertificateException If the type of certificate is not
|
||||
* implemented by any installed provider.
|
||||
*/
|
||||
public static final CertificateFactory getInstance(String type)
|
||||
throws CertificateException
|
||||
{
|
||||
Provider[] p = Security.getProviders();
|
||||
|
||||
for (int i = 0; i < p.length; i++)
|
||||
{
|
||||
try
|
||||
{
|
||||
return getInstance(type, p[i]);
|
||||
}
|
||||
catch (CertificateException e)
|
||||
{
|
||||
// Ignored.
|
||||
}
|
||||
}
|
||||
|
||||
throw new CertificateException(type);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets an instance of the CertificateFactory class representing
|
||||
* the specified certificate factory from the specified provider.
|
||||
* If the type is not found then, it throws {@link CertificateException}.
|
||||
* If the provider is not found, then it throws
|
||||
* {@link java.security.NoSuchProviderException}.
|
||||
*
|
||||
* @param type The type of certificate factory to create.
|
||||
* @param provider The name of the provider from which to get the
|
||||
* implementation.
|
||||
* @return A CertificateFactory for the desired type.
|
||||
* @throws CertificateException If the type of certificate is not
|
||||
* implemented by the named provider.
|
||||
* @throws NoSuchProviderException If the named provider is not installed.
|
||||
*/
|
||||
public static final CertificateFactory getInstance(String type,
|
||||
String provider)
|
||||
throws CertificateException, NoSuchProviderException
|
||||
{
|
||||
Provider p = Security.getProvider(provider);
|
||||
if( p == null)
|
||||
throw new NoSuchProviderException(provider);
|
||||
|
||||
return getInstance(type, p);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a certificate factory for the given certificate type from the
|
||||
* given provider.
|
||||
*
|
||||
* @param type The type of certificate factory to create.
|
||||
* @param provider The provider from which to get the implementation.
|
||||
* @return A CertificateFactory for the desired type.
|
||||
* @throws CertificateException If the type of certificate is not
|
||||
* implemented by the provider.
|
||||
* @throws IllegalArgumentException If the provider is null.
|
||||
*/
|
||||
public static final CertificateFactory getInstance(String type,
|
||||
Provider provider)
|
||||
throws CertificateException
|
||||
{
|
||||
if (provider == null)
|
||||
throw new IllegalArgumentException("null provider");
|
||||
|
||||
try
|
||||
{
|
||||
return new CertificateFactory((CertificateFactorySpi)
|
||||
Engine.getInstance(CERTIFICATE_FACTORY, type, provider),
|
||||
provider, type);
|
||||
}
|
||||
catch (ClassCastException cce)
|
||||
{
|
||||
throw new CertificateException(type);
|
||||
}
|
||||
catch (java.lang.reflect.InvocationTargetException ite)
|
||||
{
|
||||
throw new CertificateException(type);
|
||||
}
|
||||
catch (NoSuchAlgorithmException nsae)
|
||||
{
|
||||
throw new CertificateException(nsae.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
// Instance methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Gets the provider of this implementation.
|
||||
*
|
||||
* @return The provider of this implementation.
|
||||
*/
|
||||
public final Provider getProvider()
|
||||
{
|
||||
return provider;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the type of the certificate this factory creates.
|
||||
*
|
||||
* @return A string with the type of certificate
|
||||
*/
|
||||
public final String getType()
|
||||
{
|
||||
return type;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a Certificate from the encoded data read
|
||||
* from an InputStream.
|
||||
*
|
||||
* <p>The input stream must contain only one certificate.
|
||||
*
|
||||
* <p>If there exists a specialized certificate class for the
|
||||
* certificate format handled by the certificate factory
|
||||
* then the return Ceritificate should be a typecast of it.
|
||||
* Ex: A X.509 CertificateFactory should return X509Certificate.
|
||||
*
|
||||
* <p>For X.509 certificates, the certificate in inStream must be
|
||||
* DER encoded and supplied in binary or printable (Base64)
|
||||
* encoding. If the certificate is in Base64 encoding, it must be
|
||||
* bounded by -----BEGINCERTIFICATE-----, and
|
||||
* -----END CERTIFICATE-----.
|
||||
*
|
||||
* @param inStream An input stream containing the certificate data.
|
||||
* @return A certificate initialized from the decoded InputStream data.
|
||||
* @throws CertificateException If an error occurs decoding the
|
||||
* certificate.
|
||||
*/
|
||||
public final Certificate generateCertificate(InputStream inStream)
|
||||
throws CertificateException
|
||||
{
|
||||
return certFacSpi.engineGenerateCertificate(inStream);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a collection of certificates that were read from the
|
||||
* input stream. It may be empty, have only one, or have
|
||||
* multiple certificates.
|
||||
*
|
||||
* For a X.509 certificate factory, the stream may contain a
|
||||
* single DER encoded certificate or a PKCS#7 certificate
|
||||
* chain. This is a PKCS#7 <I>SignedData</I> object with the
|
||||
* most significant field being <I>certificates</I>. If no
|
||||
* CRLs are present, then an empty collection is returned.
|
||||
*
|
||||
* @param inStream An input stream containing the certificate data.
|
||||
* @return A collection of certificates initialized from the decoded
|
||||
* InputStream data.
|
||||
* @throws CertificateException If an error occurs decoding the
|
||||
* certificates.
|
||||
*/
|
||||
public final Collection generateCertificates(InputStream inStream)
|
||||
throws CertificateException
|
||||
{
|
||||
return certFacSpi.engineGenerateCertificates(inStream);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a CRL based on the encoded data read
|
||||
* from the InputStream.
|
||||
*
|
||||
* <p>The input stream must contain only one CRL.
|
||||
*
|
||||
* <p>If there exists a specialized CRL class for the
|
||||
* CRL format handled by the certificate factory
|
||||
* then the return CRL should be a typecast of it.
|
||||
* Ex: A X.509 CertificateFactory should return X509CRL.
|
||||
*
|
||||
* @param inStream An input stream containing the CRL data.
|
||||
* @return A CRL initialized from the decoded InputStream data.
|
||||
* @throws CRLException If an error occurs decoding the CRL.
|
||||
*/
|
||||
public final CRL generateCRL(InputStream inStream)
|
||||
throws CRLException
|
||||
{
|
||||
return certFacSpi.engineGenerateCRL(inStream);
|
||||
}
|
||||
|
||||
/**
|
||||
* <p>Generates CRLs based on the encoded data read
|
||||
* from the InputStream.
|
||||
*
|
||||
* <p>For a X.509 certificate factory, the stream may contain a
|
||||
* single DER encoded CRL or a PKCS#7 CRL set. This is a
|
||||
* PKCS#7 <I>SignedData</I> object with the most significant
|
||||
* field being <I>crls</I>. If no CRLs are present, then an
|
||||
* empty collection is returned.
|
||||
*
|
||||
* @param inStream an input stream containing the CRLs.
|
||||
* @return a collection of CRLs initialized from the decoded
|
||||
* InputStream data.
|
||||
* @throws CRLException If an error occurs decoding the CRLs.
|
||||
*/
|
||||
public final Collection generateCRLs(InputStream inStream)
|
||||
throws CRLException
|
||||
{
|
||||
return certFacSpi.engineGenerateCRLs( inStream );
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a {@link CertPath} and initialize it with data parsed from
|
||||
* the input stream. The default encoding of this factory is used.
|
||||
*
|
||||
* @param inStream The InputStream containing the CertPath data.
|
||||
* @return A CertPath initialized from the input stream data.
|
||||
* @throws CertificateException If an error occurs decoding the
|
||||
* CertPath.
|
||||
*/
|
||||
public final CertPath generateCertPath(InputStream inStream)
|
||||
throws CertificateException
|
||||
{
|
||||
return certFacSpi.engineGenerateCertPath(inStream);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a {@link CertPath} and initialize it with data parsed from
|
||||
* the input stream, using the specified encoding.
|
||||
*
|
||||
* @param inStream The InputStream containing the CertPath data.
|
||||
* @param encoding The encoding of the InputStream data.
|
||||
* @return A CertPath initialized from the input stream data.
|
||||
* @throws CertificateException If an error occurs decoding the
|
||||
* CertPath.
|
||||
*/
|
||||
public final CertPath generateCertPath(InputStream inStream, String encoding)
|
||||
throws CertificateException
|
||||
{
|
||||
return certFacSpi.engineGenerateCertPath(inStream, encoding);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a {@link CertPath} and initialize it with the certificates
|
||||
* in the {@link java.util.List} argument.
|
||||
*
|
||||
* @param certificates The list of certificates with which to create
|
||||
* the CertPath.
|
||||
* @return A CertPath initialized from the certificates.
|
||||
* @throws CertificateException If an error occurs generating the
|
||||
* CertPath.
|
||||
*/
|
||||
public final CertPath generateCertPath(List certificates)
|
||||
throws CertificateException
|
||||
{
|
||||
return certFacSpi.engineGenerateCertPath(certificates);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an Iterator of CertPath encodings supported by this
|
||||
* factory, with the default encoding first. The returned Iterator
|
||||
* cannot be modified.
|
||||
*
|
||||
* @return The Iterator of supported encodings.
|
||||
*/
|
||||
public final Iterator getCertPathEncodings()
|
||||
{
|
||||
return certFacSpi.engineGetCertPathEncodings();
|
||||
}
|
||||
} // class CertificateFactory
|
||||
@@ -1,225 +0,0 @@
|
||||
/* CertificateFactorySpi.java --- Certificate Factory Class
|
||||
Copyright (C) 1999,2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.io.InputStream;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Iterator;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
CertificateFactorySpi is the abstract class Service Provider
|
||||
Interface (SPI) for the CertificateFactory class. A provider
|
||||
must implement all the abstract methods if they wish to
|
||||
supply a certificate factory for a particular certificate
|
||||
type. Ex: X.509
|
||||
|
||||
Certificate factories are used to generate certificates and
|
||||
certificate revocation lists (CRL) from their encoding.
|
||||
|
||||
@since JDK 1.2
|
||||
|
||||
@author Mark Benvenuto
|
||||
*/
|
||||
public abstract class CertificateFactorySpi
|
||||
{
|
||||
|
||||
// Constructor.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Constructs a new CertificateFactorySpi
|
||||
*/
|
||||
public CertificateFactorySpi()
|
||||
{}
|
||||
|
||||
// Abstract methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
Generates a Certificate based on the encoded data read
|
||||
from the InputStream.
|
||||
|
||||
The input stream must contain only one certificate.
|
||||
|
||||
If there exists a specialized certificate class for the
|
||||
certificate format handled by the certificate factory
|
||||
then the return Ceritificate should be a typecast of it.
|
||||
Ex: A X.509 CertificateFactory should return X509Certificate.
|
||||
|
||||
For X.509 certificates, the certificate in inStream must be
|
||||
DER encoded and supplied in binary or printable (Base64)
|
||||
encoding. If the certificate is in Base64 encoding, it must be
|
||||
bounded by -----BEGIN CERTIFICATE-----, and
|
||||
-----END CERTIFICATE-----.
|
||||
|
||||
@param inStream an input stream containing the certificate data
|
||||
|
||||
@return a certificate initialized with InputStream data.
|
||||
|
||||
@throws CertificateException Certificate parsing error
|
||||
*/
|
||||
public abstract Certificate engineGenerateCertificate(InputStream inStream)
|
||||
throws CertificateException;
|
||||
|
||||
/**
|
||||
Returns a collection of certificates that were read from the
|
||||
input stream. It may be empty, have only one, or have
|
||||
multiple certificates.
|
||||
|
||||
For a X.509 certificate factory, the stream may contain a
|
||||
single DER encoded certificate or a PKCS#7 certificate
|
||||
chain. This is a PKCS#7 <I>SignedData</I> object with the
|
||||
most significant field being <I>certificates</I>. If no
|
||||
CRLs are present, then an empty collection is returned.
|
||||
|
||||
@param inStream an input stream containing the certificates
|
||||
|
||||
@return a collection of certificates initialized with
|
||||
the InputStream data.
|
||||
|
||||
@throws CertificateException Certificate parsing error
|
||||
*/
|
||||
public abstract Collection engineGenerateCertificates(InputStream inStream)
|
||||
throws CertificateException;
|
||||
|
||||
/**
|
||||
Generates a CRL based on the encoded data read
|
||||
from the InputStream.
|
||||
|
||||
The input stream must contain only one CRL.
|
||||
|
||||
If there exists a specialized CRL class for the
|
||||
CRL format handled by the certificate factory
|
||||
then the return CRL should be a typecast of it.
|
||||
Ex: A X.509 CertificateFactory should return X509CRL.
|
||||
|
||||
@param inStream an input stream containing the CRL data
|
||||
|
||||
@return a CRL initialized with InputStream data.
|
||||
|
||||
@throws CRLException CRL parsing error
|
||||
*/
|
||||
public abstract CRL engineGenerateCRL(InputStream inStream)
|
||||
throws CRLException;
|
||||
|
||||
/**
|
||||
Generates CRLs based on the encoded data read
|
||||
from the InputStream.
|
||||
|
||||
For a X.509 certificate factory, the stream may contain a
|
||||
single DER encoded CRL or a PKCS#7 CRL set. This is a
|
||||
PKCS#7 <I>SignedData</I> object with the most significant
|
||||
field being <I>crls</I>. If no CRLs are present, then an
|
||||
empty collection is returned.
|
||||
|
||||
@param inStream an input stream containing the CRLs
|
||||
|
||||
@return a collection of CRLs initialized with
|
||||
the InputStream data.
|
||||
|
||||
@throws CRLException CRL parsing error
|
||||
*/
|
||||
public abstract Collection engineGenerateCRLs(InputStream inStream)
|
||||
throws CRLException;
|
||||
|
||||
// 1.4 instance methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Generate a {@link CertPath} and initialize it with data parsed from
|
||||
* the input stream. The default encoding of this factory is used.
|
||||
*
|
||||
* @param inStream The InputStream containing the CertPath data.
|
||||
* @return A CertPath initialized from the input stream data.
|
||||
* @throws CertificateException If an error occurs decoding the
|
||||
* CertPath.
|
||||
*/
|
||||
public CertPath engineGenerateCertPath(InputStream inStream)
|
||||
throws CertificateException
|
||||
{
|
||||
throw new UnsupportedOperationException("not implemented");
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a {@link CertPath} and initialize it with data parsed from
|
||||
* the input stream, using the specified encoding.
|
||||
*
|
||||
* @param inStream The InputStream containing the CertPath data.
|
||||
* @param encoding The encoding of the InputStream data.
|
||||
* @return A CertPath initialized from the input stream data.
|
||||
* @throws CertificateException If an error occurs decoding the
|
||||
* CertPath.
|
||||
*/
|
||||
public CertPath engineGenerateCertPath(InputStream inStream, String encoding)
|
||||
throws CertificateException
|
||||
{
|
||||
throw new UnsupportedOperationException("not implemented");
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a {@link CertPath} and initialize it with the certificates
|
||||
* in the {@link java.util.List} argument.
|
||||
*
|
||||
* @param certificates The list of certificates with which to create
|
||||
* the CertPath.
|
||||
* @return A CertPath initialized from the certificates.
|
||||
* @throws CertificateException If an error occurs generating the
|
||||
* CertPath.
|
||||
*/
|
||||
public CertPath engineGenerateCertPath(List certificates)
|
||||
throws CertificateException
|
||||
{
|
||||
throw new UnsupportedOperationException("not implemented");
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns an Iterator of CertPath encodings supported by this
|
||||
* factory, with the default encoding first. The returned Iterator
|
||||
* cannot be modified.
|
||||
*
|
||||
* @return The Iterator of supported encodings.
|
||||
*/
|
||||
public Iterator engineGetCertPathEncodings()
|
||||
{
|
||||
throw new UnsupportedOperationException("not implemented");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,71 +0,0 @@
|
||||
/* CertificateNotYetValidException.java -- Certificate Not Yet Valid Exception
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* Exception for a Certificate that is not yet valid.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @since 1.2
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CertificateNotYetValidException extends CertificateException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.2+.
|
||||
*/
|
||||
private static final long serialVersionUID = 4355919900041064702L;
|
||||
|
||||
/**
|
||||
* Constructs an exception without a message string.
|
||||
*/
|
||||
public CertificateNotYetValidException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs an exception with a message string.
|
||||
*
|
||||
* @param msg A message to display with exception
|
||||
*/
|
||||
public CertificateNotYetValidException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,71 +0,0 @@
|
||||
/* CertificateParsingException.java -- Certificate Parsing Exception
|
||||
Copyright (C) 1999, 2002 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* Exception for parsing a DER-encoded Certificate.
|
||||
*
|
||||
* @author Mark Benvenuto
|
||||
* @since 1.2
|
||||
* @status updated to 1.4
|
||||
*/
|
||||
public class CertificateParsingException extends CertificateException
|
||||
{
|
||||
/**
|
||||
* Compatible with JDK 1.2+.
|
||||
*/
|
||||
private static final long serialVersionUID = -7989222416793322029L;
|
||||
|
||||
/**
|
||||
* Constructs an exception without a message string.
|
||||
*/
|
||||
public CertificateParsingException()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs an exception with a message string.
|
||||
*
|
||||
* @param msg a message to display with exception
|
||||
*/
|
||||
public CertificateParsingException(String msg)
|
||||
{
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -1,121 +0,0 @@
|
||||
/* CollectionCertStoreParameters -- collection-based cert store parameters
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
|
||||
/**
|
||||
* An implementation of {@link CertStoreParameters} with a simple,
|
||||
* in-memory {@link Collection} of certificates and certificate
|
||||
* revocation list.
|
||||
*
|
||||
* <p>Note that this class is not thread-safe, and its underlying
|
||||
* collection may be changed at any time.
|
||||
*
|
||||
* @see CertStore
|
||||
*/
|
||||
public class CollectionCertStoreParameters implements CertStoreParameters
|
||||
{
|
||||
|
||||
// Constants and fields.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/** The underlying collection. */
|
||||
private final Collection collection;
|
||||
|
||||
// Constructors.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Creates a new CollectionCertStoreParameters with an empty,
|
||||
* immutable collection.
|
||||
*/
|
||||
public CollectionCertStoreParameters()
|
||||
{
|
||||
this(Collections.EMPTY_LIST);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new CollectionCertStoreParameters with the specified
|
||||
* collection. The argument is not copied, and subsequent changes to
|
||||
* the collection will change this class's collection.
|
||||
*
|
||||
* @param collection The collection.
|
||||
* @throws NullPointerException If <i>collection</i> is null.
|
||||
*/
|
||||
public CollectionCertStoreParameters(Collection collection)
|
||||
{
|
||||
if (collection == null)
|
||||
throw new NullPointerException();
|
||||
this.collection = collection;
|
||||
}
|
||||
|
||||
// Instance methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
public Object clone()
|
||||
{
|
||||
return new CollectionCertStoreParameters(new ArrayList(collection));
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the underlying collection. The collection is not copied
|
||||
* before being returned, so callers may update the collection that is
|
||||
* returned.
|
||||
*
|
||||
* @return The collection.
|
||||
*/
|
||||
public Collection getCollection()
|
||||
{
|
||||
return collection;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a string representation of these parameters.
|
||||
*
|
||||
* @return The string representation of these parameters.
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return "CollectionCertStoreParameters: [ collection: "
|
||||
+ collection + " ]";
|
||||
}
|
||||
}
|
||||
@@ -1,140 +0,0 @@
|
||||
/* LDAPCertStoreParameters.java -- LDAP CertStore parameters.
|
||||
Copyright (C) 2003 Free Software Foundation, Inc.
|
||||
|
||||
This file is part of GNU Classpath.
|
||||
|
||||
GNU Classpath is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2, or (at your option)
|
||||
any later version.
|
||||
|
||||
GNU Classpath is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with GNU Classpath; see the file COPYING. If not, write to the
|
||||
Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
||||
02110-1301 USA.
|
||||
|
||||
Linking this library statically or dynamically with other modules is
|
||||
making a combined work based on this library. Thus, the terms and
|
||||
conditions of the GNU General Public License cover the whole
|
||||
combination.
|
||||
|
||||
As a special exception, the copyright holders of this library give you
|
||||
permission to link this library with independent modules to produce an
|
||||
executable, regardless of the license terms of these independent
|
||||
modules, and to copy and distribute the resulting executable under
|
||||
terms of your choice, provided that you also meet, for each linked
|
||||
independent module, the terms and conditions of the license of that
|
||||
module. An independent module is a module which is not derived from
|
||||
or based on this library. If you modify this library, you may extend
|
||||
this exception to your version of the library, but you are not
|
||||
obligated to do so. If you do not wish to do so, delete this
|
||||
exception statement from your version. */
|
||||
|
||||
|
||||
package java.security.cert;
|
||||
|
||||
/**
|
||||
* Parameters for CertStores that are retrieved via the <i>lightweight
|
||||
* directory access protocol</i> (<b>LDAP</b>).
|
||||
*
|
||||
* @see CertStore
|
||||
*/
|
||||
public class LDAPCertStoreParameters implements CertStoreParameters
|
||||
{
|
||||
|
||||
// Constants and fields.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/** The default LDAP port. */
|
||||
private static final int LDAP_PORT = 389;
|
||||
|
||||
/** The server name. */
|
||||
private final String serverName;
|
||||
|
||||
/** The LDAP port. */
|
||||
private final int port;
|
||||
|
||||
// Constructors.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Create a new LDAPCertStoreParameters object, with a servername of
|
||||
* "localhost" and a port of 389.
|
||||
*/
|
||||
public LDAPCertStoreParameters()
|
||||
{
|
||||
this("localhost", LDAP_PORT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new LDAPCertStoreParameters object, with a specified
|
||||
* server name and a port of 389.
|
||||
*
|
||||
* @param serverName The LDAP server name.
|
||||
* @throws NullPointerException If <i>serverName</i> is null.
|
||||
*/
|
||||
public LDAPCertStoreParameters(String serverName)
|
||||
{
|
||||
this(serverName, LDAP_PORT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new LDAPCertStoreParameters object, with a specified
|
||||
* server name and port.
|
||||
*
|
||||
* @param serverName The LDAP server name.
|
||||
* @param port The LDAP port.
|
||||
* @throws NullPointerException If <i>serverName</i> is null.
|
||||
*/
|
||||
public LDAPCertStoreParameters(String serverName, int port)
|
||||
{
|
||||
if (serverName == null)
|
||||
throw new NullPointerException();
|
||||
this.serverName = serverName;
|
||||
this.port = port;
|
||||
}
|
||||
|
||||
// Instance methods.
|
||||
// ------------------------------------------------------------------------
|
||||
|
||||
public Object clone()
|
||||
{
|
||||
return new LDAPCertStoreParameters(serverName, port);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the server name.
|
||||
*
|
||||
* @return The server name.
|
||||
*/
|
||||
public String getServerName()
|
||||
{
|
||||
return serverName;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the port.
|
||||
*
|
||||
* @return the port.
|
||||
*/
|
||||
public int getPort()
|
||||
{
|
||||
return port;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a string representation of these parameters.
|
||||
*
|
||||
* @return The string representation of these parameters.
|
||||
*/
|
||||
public String toString()
|
||||
{
|
||||
return "LDAPCertStoreParameters: [ serverName: " + serverName
|
||||
+ "; port: " + port + " ]";
|
||||
}
|
||||
}
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user