author | darcy |
Thu, 29 Aug 2019 10:52:21 -0700 | |
changeset 57950 | 4612a3cfb927 |
parent 47216 | 71c04702a3d5 |
child 59024 | b046ba510bbc |
permissions | -rw-r--r-- |
2 | 1 |
/* |
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47216
diff
changeset
|
2 |
* Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved. |
2 | 3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 |
* |
|
5 |
* This code is free software; you can redistribute it and/or modify it |
|
6 |
* under the terms of the GNU General Public License version 2 only, as |
|
5506 | 7 |
* published by the Free Software Foundation. Oracle designates this |
2 | 8 |
* particular file as subject to the "Classpath" exception as provided |
5506 | 9 |
* by Oracle in the LICENSE file that accompanied this code. |
2 | 10 |
* |
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that |
|
15 |
* accompanied this code). |
|
16 |
* |
|
17 |
* You should have received a copy of the GNU General Public License version |
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation, |
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 |
* |
|
5506 | 21 |
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
22 |
* or visit www.oracle.com if you need additional information or have any |
|
23 |
* questions. |
|
2 | 24 |
*/ |
25 |
||
26 |
package javax.crypto; |
|
27 |
||
28 |
import java.security.*; |
|
29 |
import java.util.Enumeration; |
|
30 |
import java.util.Hashtable; |
|
31 |
import java.util.Vector; |
|
32 |
import java.util.NoSuchElementException; |
|
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
33 |
import java.util.concurrent.ConcurrentHashMap; |
2 | 34 |
import java.io.Serializable; |
35 |
import java.io.InputStream; |
|
36 |
import java.io.InputStreamReader; |
|
37 |
import java.io.BufferedReader; |
|
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
38 |
import java.io.ObjectStreamField; |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
39 |
import java.io.ObjectInputStream; |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
40 |
import java.io.ObjectOutputStream; |
2 | 41 |
import java.io.IOException; |
42 |
||
43 |
/** |
|
44 |
* This class contains CryptoPermission objects, organized into |
|
45 |
* PermissionCollections according to algorithm names. |
|
46 |
* |
|
47 |
* <p>When the <code>add</code> method is called to add a |
|
48 |
* CryptoPermission, the CryptoPermission is stored in the |
|
49 |
* appropriate PermissionCollection. If no such |
|
50 |
* collection exists yet, the algorithm name associated with |
|
51 |
* the CryptoPermission object is |
|
52 |
* determined and the <code>newPermissionCollection</code> method |
|
53 |
* is called on the CryptoPermission or CryptoAllPermission class to |
|
54 |
* create the PermissionCollection and add it to the Permissions object. |
|
55 |
* |
|
56 |
* @see javax.crypto.CryptoPermission |
|
57 |
* @see java.security.PermissionCollection |
|
58 |
* @see java.security.Permissions |
|
59 |
* |
|
60 |
* @author Sharon Liu |
|
61 |
* @since 1.4 |
|
62 |
*/ |
|
63 |
final class CryptoPermissions extends PermissionCollection |
|
64 |
implements Serializable { |
|
65 |
||
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47216
diff
changeset
|
66 |
@java.io.Serial |
2 | 67 |
private static final long serialVersionUID = 4946547168093391015L; |
68 |
||
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
69 |
/** |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
70 |
* @serialField perms java.util.Hashtable |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
71 |
*/ |
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47216
diff
changeset
|
72 |
@java.io.Serial |
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
73 |
private static final ObjectStreamField[] serialPersistentFields = { |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
74 |
new ObjectStreamField("perms", Hashtable.class), |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
75 |
}; |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
76 |
|
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
77 |
// Switched from Hashtable to ConcurrentHashMap to improve scalability. |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
78 |
// To maintain serialization compatibility, this field is made transient |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
79 |
// and custom readObject/writeObject methods are used. |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
80 |
private transient ConcurrentHashMap<String,PermissionCollection> perms; |
2 | 81 |
|
82 |
/** |
|
83 |
* Creates a new CryptoPermissions object containing |
|
84 |
* no CryptoPermissionCollections. |
|
85 |
*/ |
|
86 |
CryptoPermissions() { |
|
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
87 |
perms = new ConcurrentHashMap<>(7); |
2 | 88 |
} |
89 |
||
90 |
/** |
|
91 |
* Populates the crypto policy from the specified |
|
92 |
* InputStream into this CryptoPermissions object. |
|
93 |
* |
|
94 |
* @param in the InputStream to load from. |
|
95 |
* |
|
96 |
* @exception SecurityException if cannot load |
|
97 |
* successfully. |
|
98 |
*/ |
|
99 |
void load(InputStream in) |
|
100 |
throws IOException, CryptoPolicyParser.ParsingException { |
|
101 |
CryptoPolicyParser parser = new CryptoPolicyParser(); |
|
102 |
parser.read(new BufferedReader(new InputStreamReader(in, "UTF-8"))); |
|
103 |
||
104 |
CryptoPermission[] parsingResult = parser.getPermissions(); |
|
105 |
for (int i = 0; i < parsingResult.length; i++) { |
|
106 |
this.add(parsingResult[i]); |
|
107 |
} |
|
108 |
} |
|
109 |
||
110 |
/** |
|
111 |
* Returns true if this CryptoPermissions object doesn't |
|
112 |
* contain any CryptoPermission objects; otherwise, returns |
|
113 |
* false. |
|
114 |
*/ |
|
115 |
boolean isEmpty() { |
|
116 |
return perms.isEmpty(); |
|
117 |
} |
|
118 |
||
119 |
/** |
|
120 |
* Adds a permission object to the PermissionCollection for the |
|
121 |
* algorithm returned by |
|
122 |
* <code>(CryptoPermission)permission.getAlgorithm()</code>. |
|
123 |
* |
|
124 |
* This method creates |
|
125 |
* a new PermissionCollection object (and adds the permission to it) |
|
126 |
* if an appropriate collection does not yet exist. <p> |
|
127 |
* |
|
128 |
* @param permission the Permission object to add. |
|
129 |
* |
|
130 |
* @exception SecurityException if this CryptoPermissions object is |
|
131 |
* marked as readonly. |
|
132 |
* |
|
133 |
* @see isReadOnly |
|
134 |
*/ |
|
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
135 |
@Override |
2 | 136 |
public void add(Permission permission) { |
137 |
||
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
138 |
if (isReadOnly()) { |
2 | 139 |
throw new SecurityException("Attempt to add a Permission " + |
140 |
"to a readonly CryptoPermissions " + |
|
141 |
"object"); |
|
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
142 |
} |
2 | 143 |
|
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
144 |
if (!(permission instanceof CryptoPermission)) { |
2 | 145 |
return; |
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
146 |
} |
2 | 147 |
|
148 |
CryptoPermission cryptoPerm = (CryptoPermission)permission; |
|
149 |
PermissionCollection pc = |
|
150 |
getPermissionCollection(cryptoPerm); |
|
151 |
pc.add(cryptoPerm); |
|
152 |
String alg = cryptoPerm.getAlgorithm(); |
|
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
153 |
perms.putIfAbsent(alg, pc); |
2 | 154 |
} |
155 |
||
156 |
/** |
|
157 |
* Checks if this object's PermissionCollection for permissons |
|
158 |
* of the specified permission's algorithm implies the specified |
|
159 |
* permission. Returns true if the checking succeeded. |
|
160 |
* |
|
161 |
* @param permission the Permission object to check. |
|
162 |
* |
|
163 |
* @return true if "permission" is implied by the permissions |
|
164 |
* in the PermissionCollection it belongs to, false if not. |
|
165 |
* |
|
166 |
*/ |
|
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
167 |
@Override |
2 | 168 |
public boolean implies(Permission permission) { |
169 |
if (!(permission instanceof CryptoPermission)) { |
|
170 |
return false; |
|
171 |
} |
|
172 |
||
173 |
CryptoPermission cryptoPerm = (CryptoPermission)permission; |
|
174 |
||
175 |
PermissionCollection pc = |
|
176 |
getPermissionCollection(cryptoPerm.getAlgorithm()); |
|
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
177 |
|
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
178 |
if (pc != null) { |
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
179 |
return pc.implies(cryptoPerm); |
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
180 |
} else { |
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
181 |
// none found |
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
182 |
return false; |
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
183 |
} |
2 | 184 |
} |
185 |
||
186 |
/** |
|
187 |
* Returns an enumeration of all the Permission objects in all the |
|
188 |
* PermissionCollections in this CryptoPermissions object. |
|
189 |
* |
|
190 |
* @return an enumeration of all the Permissions. |
|
191 |
*/ |
|
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
192 |
@Override |
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
193 |
public Enumeration<Permission> elements() { |
2 | 194 |
// go through each Permissions in the hash table |
195 |
// and call their elements() function. |
|
196 |
return new PermissionsEnumerator(perms.elements()); |
|
197 |
} |
|
198 |
||
199 |
/** |
|
200 |
* Returns a CryptoPermissions object which |
|
201 |
* represents the minimum of the specified |
|
202 |
* CryptoPermissions object and this |
|
203 |
* CryptoPermissions object. |
|
204 |
* |
|
205 |
* @param other the CryptoPermission |
|
206 |
* object to compare with this object. |
|
207 |
*/ |
|
208 |
CryptoPermissions getMinimum(CryptoPermissions other) { |
|
209 |
if (other == null) { |
|
210 |
return null; |
|
211 |
} |
|
212 |
||
213 |
if (this.perms.containsKey(CryptoAllPermission.ALG_NAME)) { |
|
214 |
return other; |
|
215 |
} |
|
216 |
||
217 |
if (other.perms.containsKey(CryptoAllPermission.ALG_NAME)) { |
|
218 |
return this; |
|
219 |
} |
|
220 |
||
221 |
CryptoPermissions ret = new CryptoPermissions(); |
|
222 |
||
223 |
||
224 |
PermissionCollection thatWildcard = |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
225 |
other.perms.get(CryptoPermission.ALG_NAME_WILDCARD); |
2 | 226 |
int maxKeySize = 0; |
227 |
if (thatWildcard != null) { |
|
228 |
maxKeySize = ((CryptoPermission) |
|
229 |
thatWildcard.elements().nextElement()).getMaxKeySize(); |
|
230 |
} |
|
231 |
// For each algorithm in this CryptoPermissions, |
|
232 |
// find out if there is anything we should add into |
|
233 |
// ret. |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
234 |
Enumeration<String> thisKeys = this.perms.keys(); |
2 | 235 |
while (thisKeys.hasMoreElements()) { |
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
236 |
String alg = thisKeys.nextElement(); |
2 | 237 |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
238 |
PermissionCollection thisPc = this.perms.get(alg); |
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
239 |
PermissionCollection thatPc = other.perms.get(alg); |
2 | 240 |
|
241 |
CryptoPermission[] partialResult; |
|
242 |
||
243 |
if (thatPc == null) { |
|
244 |
if (thatWildcard == null) { |
|
245 |
// The other CryptoPermissions |
|
246 |
// doesn't allow this given |
|
247 |
// algorithm at all. Just skip this |
|
248 |
// algorithm. |
|
249 |
continue; |
|
250 |
} |
|
251 |
partialResult = getMinimum(maxKeySize, thisPc); |
|
252 |
} else { |
|
253 |
partialResult = getMinimum(thisPc, thatPc); |
|
254 |
} |
|
255 |
||
256 |
for (int i = 0; i < partialResult.length; i++) { |
|
257 |
ret.add(partialResult[i]); |
|
258 |
} |
|
259 |
} |
|
260 |
||
261 |
PermissionCollection thisWildcard = |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
262 |
this.perms.get(CryptoPermission.ALG_NAME_WILDCARD); |
2 | 263 |
|
264 |
// If this CryptoPermissions doesn't |
|
265 |
// have a wildcard, we are done. |
|
266 |
if (thisWildcard == null) { |
|
267 |
return ret; |
|
268 |
} |
|
269 |
||
270 |
// Deal with the algorithms only appear |
|
271 |
// in the other CryptoPermissions. |
|
272 |
maxKeySize = |
|
273 |
((CryptoPermission) |
|
274 |
thisWildcard.elements().nextElement()).getMaxKeySize(); |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
275 |
Enumeration<String> thatKeys = other.perms.keys(); |
2 | 276 |
while (thatKeys.hasMoreElements()) { |
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
277 |
String alg = thatKeys.nextElement(); |
2 | 278 |
|
279 |
if (this.perms.containsKey(alg)) { |
|
280 |
continue; |
|
281 |
} |
|
282 |
||
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
283 |
PermissionCollection thatPc = other.perms.get(alg); |
2 | 284 |
|
285 |
CryptoPermission[] partialResult; |
|
286 |
||
287 |
partialResult = getMinimum(maxKeySize, thatPc); |
|
288 |
||
289 |
for (int i = 0; i < partialResult.length; i++) { |
|
290 |
ret.add(partialResult[i]); |
|
291 |
} |
|
292 |
} |
|
293 |
return ret; |
|
294 |
} |
|
295 |
||
296 |
/** |
|
297 |
* Get the minimum of the two given PermissionCollection |
|
298 |
* <code>thisPc</code> and <code>thatPc</code>. |
|
299 |
* |
|
300 |
* @param thisPc the first given PermissionColloection |
|
301 |
* object. |
|
302 |
* |
|
303 |
* @param thatPc the second given PermissionCollection |
|
304 |
* object. |
|
305 |
*/ |
|
306 |
private CryptoPermission[] getMinimum(PermissionCollection thisPc, |
|
307 |
PermissionCollection thatPc) { |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
308 |
Vector<CryptoPermission> permVector = new Vector<>(2); |
2 | 309 |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
310 |
Enumeration<Permission> thisPcPermissions = thisPc.elements(); |
2 | 311 |
|
312 |
// For each CryptoPermission in |
|
313 |
// thisPc object, do the following: |
|
314 |
// 1) if this CryptoPermission is implied |
|
315 |
// by thatPc, this CryptoPermission |
|
316 |
// should be returned, and we can |
|
317 |
// move on to check the next |
|
318 |
// CryptoPermission in thisPc. |
|
319 |
// 2) otherwise, we should return |
|
320 |
// all CryptoPermissions in thatPc |
|
321 |
// which |
|
322 |
// are implied by this CryptoPermission. |
|
323 |
// Then we can move on to the |
|
324 |
// next CryptoPermission in thisPc. |
|
325 |
while (thisPcPermissions.hasMoreElements()) { |
|
326 |
CryptoPermission thisCp = |
|
327 |
(CryptoPermission)thisPcPermissions.nextElement(); |
|
328 |
||
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
329 |
Enumeration<Permission> thatPcPermissions = thatPc.elements(); |
2 | 330 |
while (thatPcPermissions.hasMoreElements()) { |
331 |
CryptoPermission thatCp = |
|
332 |
(CryptoPermission)thatPcPermissions.nextElement(); |
|
333 |
||
334 |
if (thatCp.implies(thisCp)) { |
|
335 |
permVector.addElement(thisCp); |
|
336 |
break; |
|
337 |
} |
|
338 |
if (thisCp.implies(thatCp)) { |
|
339 |
permVector.addElement(thatCp); |
|
340 |
} |
|
341 |
} |
|
342 |
} |
|
343 |
||
344 |
CryptoPermission[] ret = new CryptoPermission[permVector.size()]; |
|
345 |
permVector.copyInto(ret); |
|
346 |
return ret; |
|
347 |
} |
|
348 |
||
349 |
/** |
|
350 |
* Returns all the CryptoPermission objects in the given |
|
351 |
* PermissionCollection object |
|
352 |
* whose maximum keysize no greater than <code>maxKeySize</code>. |
|
353 |
* For all CryptoPermission objects with a maximum keysize greater |
|
354 |
* than <code>maxKeySize</code>, this method constructs a |
|
355 |
* corresponding CryptoPermission object whose maximum keysize is |
|
356 |
* set to <code>maxKeySize</code>, and includes that in the result. |
|
357 |
* |
|
358 |
* @param maxKeySize the given maximum key size. |
|
359 |
* |
|
360 |
* @param pc the given PermissionCollection object. |
|
361 |
*/ |
|
362 |
private CryptoPermission[] getMinimum(int maxKeySize, |
|
363 |
PermissionCollection pc) { |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
364 |
Vector<CryptoPermission> permVector = new Vector<>(1); |
2 | 365 |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
366 |
Enumeration<Permission> enum_ = pc.elements(); |
2 | 367 |
|
368 |
while (enum_.hasMoreElements()) { |
|
369 |
CryptoPermission cp = |
|
370 |
(CryptoPermission)enum_.nextElement(); |
|
371 |
if (cp.getMaxKeySize() <= maxKeySize) { |
|
372 |
permVector.addElement(cp); |
|
373 |
} else { |
|
374 |
if (cp.getCheckParam()) { |
|
375 |
permVector.addElement( |
|
376 |
new CryptoPermission(cp.getAlgorithm(), |
|
377 |
maxKeySize, |
|
378 |
cp.getAlgorithmParameterSpec(), |
|
379 |
cp.getExemptionMechanism())); |
|
380 |
} else { |
|
381 |
permVector.addElement( |
|
382 |
new CryptoPermission(cp.getAlgorithm(), |
|
383 |
maxKeySize, |
|
384 |
cp.getExemptionMechanism())); |
|
385 |
} |
|
386 |
} |
|
387 |
} |
|
388 |
||
389 |
CryptoPermission[] ret = new CryptoPermission[permVector.size()]; |
|
390 |
permVector.copyInto(ret); |
|
391 |
return ret; |
|
392 |
} |
|
393 |
||
394 |
/** |
|
395 |
* Returns the PermissionCollection for the |
|
396 |
* specified algorithm. Returns null if there |
|
397 |
* isn't such a PermissionCollection. |
|
398 |
* |
|
399 |
* @param alg the algorithm name. |
|
400 |
*/ |
|
401 |
PermissionCollection getPermissionCollection(String alg) { |
|
402 |
// If this CryptoPermissions includes CryptoAllPermission, |
|
403 |
// we should return CryptoAllPermission. |
|
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
404 |
PermissionCollection pc = perms.get(CryptoAllPermission.ALG_NAME); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
405 |
if (pc == null) { |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
406 |
pc = perms.get(alg); |
2 | 407 |
|
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
408 |
// If there isn't a PermissionCollection for |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
409 |
// the given algorithm,we should return the |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
410 |
// PermissionCollection for the wildcard |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
411 |
// if there is one. |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
412 |
if (pc == null) { |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
413 |
pc = perms.get(CryptoPermission.ALG_NAME_WILDCARD); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
414 |
} |
2 | 415 |
} |
416 |
return pc; |
|
417 |
} |
|
418 |
||
419 |
/** |
|
420 |
* Returns the PermissionCollection for the algorithm |
|
421 |
* associated with the specified CryptoPermission |
|
422 |
* object. Creates such a PermissionCollection |
|
423 |
* if such a PermissionCollection does not |
|
424 |
* exist yet. |
|
425 |
* |
|
426 |
* @param cryptoPerm the CryptoPermission object. |
|
427 |
*/ |
|
428 |
private PermissionCollection getPermissionCollection( |
|
429 |
CryptoPermission cryptoPerm) { |
|
430 |
||
431 |
String alg = cryptoPerm.getAlgorithm(); |
|
432 |
||
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
433 |
PermissionCollection pc = perms.get(alg); |
2 | 434 |
|
435 |
if (pc == null) { |
|
436 |
pc = cryptoPerm.newPermissionCollection(); |
|
437 |
} |
|
438 |
return pc; |
|
439 |
} |
|
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
440 |
|
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47216
diff
changeset
|
441 |
@java.io.Serial |
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
442 |
private void readObject(ObjectInputStream s) |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
443 |
throws IOException, ClassNotFoundException { |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
444 |
ObjectInputStream.GetField fields = s.readFields(); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
445 |
@SuppressWarnings("unchecked") |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
446 |
Hashtable<String,PermissionCollection> permTable = |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
447 |
(Hashtable<String,PermissionCollection>) |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
448 |
(fields.get("perms", null)); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
449 |
if (permTable != null) { |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
450 |
perms = new ConcurrentHashMap<>(permTable); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
451 |
} else { |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
452 |
perms = new ConcurrentHashMap<>(); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
453 |
} |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
454 |
} |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
455 |
|
57950
4612a3cfb927
8229999: Apply java.io.Serial annotations to security types in java.base
darcy
parents:
47216
diff
changeset
|
456 |
@java.io.Serial |
13557
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
457 |
private void writeObject(ObjectOutputStream s) throws IOException { |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
458 |
Hashtable<String,PermissionCollection> permTable = |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
459 |
new Hashtable<>(perms); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
460 |
ObjectOutputStream.PutField fields = s.putFields(); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
461 |
fields.put("perms", permTable); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
462 |
s.writeFields(); |
f0156a32c08f
7107613: scalability bloker in javax.crypto.CryptoPermissions
valeriep
parents:
10336
diff
changeset
|
463 |
} |
2 | 464 |
} |
465 |
||
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
466 |
final class PermissionsEnumerator implements Enumeration<Permission> { |
2 | 467 |
|
468 |
// all the perms |
|
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
469 |
private final Enumeration<PermissionCollection> perms; |
2 | 470 |
// the current set |
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
471 |
private Enumeration<Permission> permset; |
2 | 472 |
|
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
473 |
PermissionsEnumerator(Enumeration<PermissionCollection> e) { |
2 | 474 |
perms = e; |
475 |
permset = getNextEnumWithMore(); |
|
476 |
} |
|
477 |
||
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
478 |
@Override |
2 | 479 |
public synchronized boolean hasMoreElements() { |
480 |
// if we enter with permissionimpl null, we know |
|
481 |
// there are no more left. |
|
482 |
||
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
483 |
if (permset == null) { |
2 | 484 |
return false; |
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
485 |
} |
2 | 486 |
|
487 |
// try to see if there are any left in the current one |
|
488 |
||
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
489 |
if (permset.hasMoreElements()) { |
2 | 490 |
return true; |
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
491 |
} |
2 | 492 |
|
493 |
// get the next one that has something in it... |
|
494 |
permset = getNextEnumWithMore(); |
|
495 |
||
496 |
// if it is null, we are done! |
|
497 |
return (permset != null); |
|
498 |
} |
|
499 |
||
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
500 |
@Override |
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
501 |
public synchronized Permission nextElement() { |
2 | 502 |
// hasMoreElements will update permset to the next permset |
503 |
// with something in it... |
|
504 |
||
505 |
if (hasMoreElements()) { |
|
506 |
return permset.nextElement(); |
|
507 |
} else { |
|
508 |
throw new NoSuchElementException("PermissionsEnumerator"); |
|
509 |
} |
|
510 |
} |
|
511 |
||
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
512 |
private Enumeration<Permission> getNextEnumWithMore() { |
2 | 513 |
while (perms.hasMoreElements()) { |
10336
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
514 |
PermissionCollection pc = perms.nextElement(); |
0bb1999251f8
7064075: Security libraries don't build with javac -Xlint:all,-deprecation -Werror
jjg
parents:
5506
diff
changeset
|
515 |
Enumeration<Permission> next = pc.elements(); |
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
516 |
if (next.hasMoreElements()) { |
2 | 517 |
return next; |
39880
d4cfdddbc897
8161527: NPE is thrown if exempt application is bundled with specific cryptoPerms
wetmore
parents:
25859
diff
changeset
|
518 |
} |
2 | 519 |
} |
520 |
return null; |
|
521 |
} |
|
522 |
} |