jdk-sandbox: jaxp/src/java.xml/share/classes/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java@59a16afe7517 (annotated)

20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	1	/*
30522 59a16afe7517 8080344: Incorrect GPL header causes RE script to miss swap to commercial header for licensee source bundle joehw parents: 25868 diff changeset	2	* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	4	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	10	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	15	* accompanied this code).
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	16	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	20	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	23	* questions.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	24	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	25
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	26	package com.sun.org.apache.xerces.internal.utils;
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	27
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	28	import com.sun.org.apache.xerces.internal.impl.Constants;
20973 cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	29	import com.sun.org.apache.xerces.internal.util.SecurityManager;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	30
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	31	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	32	* This class manages standard and implementation-specific limitations.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	33	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	34	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	35	public final class XMLSecurityManager {
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	36
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	37	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	38	* States of the settings of a property, in the order: default value, value
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	39	* set by FEATURE_SECURE_PROCESSING, jaxp.properties file, jaxp system
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	40	* properties, and jaxp api properties
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	41	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	42	public static enum State {
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	43	//this order reflects the overriding order
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	44
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	45	DEFAULT("default"), FSP("FEATURE_SECURE_PROCESSING"),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	46	JAXPDOTPROPERTIES("jaxp.properties"), SYSTEMPROPERTY("system property"),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	47	APIPROPERTY("property");
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	48
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	49	final String literal;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	50	State(String literal) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	51	this.literal = literal;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	52	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	53
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	54	String literal() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	55	return literal;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	56	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	57	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	58
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	59	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	60	* Limits managed by the security manager
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	61	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	62	public static enum Limit {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	63
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	64	ENTITY_EXPANSION_LIMIT(Constants.JDK_ENTITY_EXPANSION_LIMIT, Constants.SP_ENTITY_EXPANSION_LIMIT, 0, 64000),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	65	MAX_OCCUR_NODE_LIMIT(Constants.JDK_MAX_OCCUR_LIMIT, Constants.SP_MAX_OCCUR_LIMIT, 0, 5000),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	66	ELEMENT_ATTRIBUTE_LIMIT(Constants.JDK_ELEMENT_ATTRIBUTE_LIMIT, Constants.SP_ELEMENT_ATTRIBUTE_LIMIT, 0, 10000),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	67	TOTAL_ENTITY_SIZE_LIMIT(Constants.JDK_TOTAL_ENTITY_SIZE_LIMIT, Constants.SP_TOTAL_ENTITY_SIZE_LIMIT, 0, 50000000),
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	68	GENERAL_ENTITY_SIZE_LIMIT(Constants.JDK_GENERAL_ENTITY_SIZE_LIMIT, Constants.SP_GENERAL_ENTITY_SIZE_LIMIT, 0, 0),
25591 8382d4909d6a 8031540: Introduce document horizon joehw parents: 22418 diff changeset	69	PARAMETER_ENTITY_SIZE_LIMIT(Constants.JDK_PARAMETER_ENTITY_SIZE_LIMIT, Constants.SP_PARAMETER_ENTITY_SIZE_LIMIT, 0, 1000000),
8382d4909d6a 8031540: Introduce document horizon joehw parents: 22418 diff changeset	70	MAX_ELEMENT_DEPTH_LIMIT(Constants.JDK_MAX_ELEMENT_DEPTH, Constants.SP_MAX_ELEMENT_DEPTH, 0, 0);
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	71
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	72	final String apiProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	73	final String systemProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	74	final int defaultValue;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	75	final int secureValue;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	76
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	77	Limit(String apiProperty, String systemProperty, int value, int secureValue) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	78	this.apiProperty = apiProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	79	this.systemProperty = systemProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	80	this.defaultValue = value;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	81	this.secureValue = secureValue;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	82	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	83
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	84	public boolean equalsAPIPropertyName(String propertyName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	85	return (propertyName == null) ? false : apiProperty.equals(propertyName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	86	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	87
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	88	public boolean equalsSystemPropertyName(String propertyName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	89	return (propertyName == null) ? false : systemProperty.equals(propertyName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	90	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	91
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	92	public String apiProperty() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	93	return apiProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	94	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	95
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	96	String systemProperty() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	97	return systemProperty;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	98	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	99
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	100	int defaultValue() {
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	101	return defaultValue;
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	102	}
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	103
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	104	int secureValue() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	105	return secureValue;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	106	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	107	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	108
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	109	/**
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	110	* Map old property names with the new ones
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	111	*/
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	112	public static enum NameMap {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	113
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	114	ENTITY_EXPANSION_LIMIT(Constants.SP_ENTITY_EXPANSION_LIMIT, Constants.ENTITY_EXPANSION_LIMIT),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	115	MAX_OCCUR_NODE_LIMIT(Constants.SP_MAX_OCCUR_LIMIT, Constants.MAX_OCCUR_LIMIT),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	116	ELEMENT_ATTRIBUTE_LIMIT(Constants.SP_ELEMENT_ATTRIBUTE_LIMIT, Constants.ELEMENT_ATTRIBUTE_LIMIT);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	117	final String newName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	118	final String oldName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	119
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	120	NameMap(String newName, String oldName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	121	this.newName = newName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	122	this.oldName = oldName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	123	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	124
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	125	String getOldName(String newName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	126	if (newName.equals(this.newName)) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	127	return oldName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	128	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	129	return null;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	130	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	131	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	132	private static final int NO_LIMIT = 0;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	133	/**
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	134	* Values of the properties
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	135	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	136	private final int[] values;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	137	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	138	* States of the settings for each property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	139	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	140	private State[] states;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	141	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	142	* Flag indicating if secure processing is set
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	143	*/
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	144	boolean secureProcessing;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	145
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	146	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	147	* States that determine if properties are set explicitly
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	148	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	149	private boolean[] isSet;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	150
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	151
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	152	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	153	* Index of the special entityCountInfo property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	154	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	155	private int indexEntityCountInfo = 10000;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	156	private String printEntityCountInfo = "";
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	157
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	158	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	159	* Default constructor. Establishes default values for known security
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	160	* vulnerabilities.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	161	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	162	public XMLSecurityManager() {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	163	this(false);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	164	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	165
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	166	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	167	* Instantiate Security Manager in accordance with the status of
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	168	* secure processing
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	169	* @param secureProcessing
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	170	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	171	public XMLSecurityManager(boolean secureProcessing) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	172	values = new int[Limit.values().length];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	173	states = new State[Limit.values().length];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	174	isSet = new boolean[Limit.values().length];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	175	this.secureProcessing = secureProcessing;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	176	for (Limit limit : Limit.values()) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	177	if (secureProcessing) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	178	values[limit.ordinal()] = limit.secureValue;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	179	states[limit.ordinal()] = State.FSP;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	180	} else {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	181	values[limit.ordinal()] = limit.defaultValue();
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	182	states[limit.ordinal()] = State.DEFAULT;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	183	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	184	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	185	//read system properties or jaxp.properties
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	186	readSystemProperties();
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	187	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	188
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	189	/**
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	190	* Setting FEATURE_SECURE_PROCESSING explicitly
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	191	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	192	public void setSecureProcessing(boolean secure) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	193	secureProcessing = secure;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	194	for (Limit limit : Limit.values()) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	195	if (secure) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	196	setLimit(limit.ordinal(), State.FSP, limit.secureValue());
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	197	} else {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	198	setLimit(limit.ordinal(), State.FSP, limit.defaultValue());
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	199	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	200	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	201	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	202
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	203	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	204	* Return the state of secure processing
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	205	* @return the state of secure processing
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	206	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	207	public boolean isSecureProcessing() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	208	return secureProcessing;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	209	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	210
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	211
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	212	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	213	* Set limit by property name and state
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	214	* @param propertyName property name
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	215	* @param state the state of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	216	* @param value the value of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	217	* @return true if the property is managed by the security manager; false
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	218	* if otherwise.
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	219	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	220	public boolean setLimit(String propertyName, State state, Object value) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	221	int index = getIndex(propertyName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	222	if (index > -1) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	223	setLimit(index, state, value);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	224	return true;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	225	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	226	return false;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	227	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	228
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	229	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	230	* Set the value for a specific limit.
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	231	*
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	232	* @param limit the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	233	* @param state the state of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	234	* @param value the value of the property
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	235	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	236	public void setLimit(Limit limit, State state, int value) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	237	setLimit(limit.ordinal(), state, value);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	238	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	239
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	240	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	241	* Set the value of a property by its index
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	242	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	243	* @param index the index of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	244	* @param state the state of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	245	* @param value the value of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	246	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	247	public void setLimit(int index, State state, Object value) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	248	if (index == indexEntityCountInfo) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	249	printEntityCountInfo = (String)value;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	250	} else {
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	251	int temp;
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	252	if (Integer.class.isAssignableFrom(value.getClass())) {
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	253	temp = ((Integer)value).intValue();
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	254	} else {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	255	temp = Integer.parseInt((String) value);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	256	if (temp < 0) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	257	temp = 0;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	258	}
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	259	}
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	260	setLimit(index, state, temp);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	261	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	262	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	263
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	264	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	265	* Set the value of a property by its index
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	266	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	267	* @param index the index of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	268	* @param state the state of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	269	* @param value the value of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	270	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	271	public void setLimit(int index, State state, int value) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	272	if (index == indexEntityCountInfo) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	273	//if it's explicitly set, it's treated as yes no matter the value
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	274	printEntityCountInfo = Constants.JDK_YES;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	275	} else {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	276	//only update if it shall override
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	277	if (state.compareTo(states[index]) >= 0) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	278	values[index] = value;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	279	states[index] = state;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	280	isSet[index] = true;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	281	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	282	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	283	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	284
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	285	/**
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	286	* Return the value of the specified property
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	287	*
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	288	* @param propertyName the property name
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	289	* @return the value of the property as a string. If a property is managed
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	290	* by this manager, its value shall not be null.
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	291	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	292	public String getLimitAsString(String propertyName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	293	int index = getIndex(propertyName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	294	if (index > -1) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	295	return getLimitValueByIndex(index);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	296	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	297
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	298	return null;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	299	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	300	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	301	* Return the value of the specified property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	302	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	303	* @param limit the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	304	* @return the value of the property
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	305	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	306	public int getLimit(Limit limit) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	307	return values[limit.ordinal()];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	308	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	309
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	310	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	311	* Return the value of a property by its ordinal
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	312	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	313	* @param limit the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	314	* @return value of a property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	315	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	316	public String getLimitValueAsString(Limit limit) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	317	return Integer.toString(values[limit.ordinal()]);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	318	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	319
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	320	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	321	* Return the value of a property by its ordinal
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	322	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	323	* @param index the index of a property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	324	* @return limit of a property as a string
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	325	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	326	public String getLimitValueByIndex(int index) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	327	if (index == indexEntityCountInfo) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	328	return printEntityCountInfo;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	329	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	330
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	331	return Integer.toString(values[index]);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	332	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	333
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	334	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	335	* Return the state of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	336	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	337	* @param limit the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	338	* @return the state of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	339	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	340	public State getState(Limit limit) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	341	return states[limit.ordinal()];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	342	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	343
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	344	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	345	* Return the state of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	346	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	347	* @param limit the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	348	* @return the state of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	349	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	350	public String getStateLiteral(Limit limit) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	351	return states[limit.ordinal()].literal();
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	352	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	353
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	354	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	355	* Get the index by property name
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	356	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	357	* @param propertyName property name
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	358	* @return the index of the property if found; return -1 if not
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	359	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	360	public int getIndex(String propertyName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	361	for (Limit limit : Limit.values()) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	362	if (limit.equalsAPIPropertyName(propertyName)) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	363	//internally, ordinal is used as index
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	364	return limit.ordinal();
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	365	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	366	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	367	//special property to return entity count info
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	368	if (propertyName.equals(Constants.JDK_ENTITY_COUNT_INFO)) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	369	return indexEntityCountInfo;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	370	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	371	return -1;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	372	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	373
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	374	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	375	* Check if there's no limit defined by the Security Manager
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	376	* @param limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	377	* @return
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	378	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	379	public boolean isNoLimit(int limit) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	380	return limit==NO_LIMIT;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	381	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	382	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	383	* Check if the size (length or count) of the specified limit property is
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	384	* over the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	385	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	386	* @param limit the type of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	387	* @param entityName the name of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	388	* @param size the size (count or length) of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	389	* @return true if the size is over the limit, false otherwise
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	390	*/
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	391	public boolean isOverLimit(Limit limit, String entityName, int size,
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	392	XMLLimitAnalyzer limitAnalyzer) {
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	393	return isOverLimit(limit.ordinal(), entityName, size, limitAnalyzer);
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	394	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	395
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	396	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	397	* Check if the value (length or count) of the specified limit property is
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	398	* over the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	399	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	400	* @param index the index of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	401	* @param entityName the name of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	402	* @param size the size (count or length) of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	403	* @return true if the size is over the limit, false otherwise
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	404	*/
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	405	public boolean isOverLimit(int index, String entityName, int size,
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	406	XMLLimitAnalyzer limitAnalyzer) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	407	if (values[index] == NO_LIMIT) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	408	return false;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	409	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	410	if (size > values[index]) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	411	limitAnalyzer.addValue(index, entityName, size);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	412	return true;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	413	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	414	return false;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	415	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	416
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	417	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	418	* Check against cumulated value
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	419	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	420	* @param limit the type of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	421	* @param size the size (count or length) of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	422	* @return true if the size is over the limit, false otherwise
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	423	*/
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	424	public boolean isOverLimit(Limit limit, XMLLimitAnalyzer limitAnalyzer) {
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	425	return isOverLimit(limit.ordinal(), limitAnalyzer);
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	426	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	427
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	428	public boolean isOverLimit(int index, XMLLimitAnalyzer limitAnalyzer) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	429	if (values[index] == NO_LIMIT) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	430	return false;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	431	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	432
25591 8382d4909d6a 8031540: Introduce document horizon joehw parents: 22418 diff changeset	433	if (index == Limit.ELEMENT_ATTRIBUTE_LIMIT.ordinal() \|\|
8382d4909d6a 8031540: Introduce document horizon joehw parents: 22418 diff changeset	434	index == Limit.ENTITY_EXPANSION_LIMIT.ordinal() \|\|
8382d4909d6a 8031540: Introduce document horizon joehw parents: 22418 diff changeset	435	index == Limit.TOTAL_ENTITY_SIZE_LIMIT.ordinal() \|\|
8382d4909d6a 8031540: Introduce document horizon joehw parents: 22418 diff changeset	436	index == Limit.MAX_ELEMENT_DEPTH_LIMIT.ordinal()) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	437	return (limitAnalyzer.getTotalValue(index) > values[index]);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	438	} else {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	439	return (limitAnalyzer.getValue(index) > values[index]);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	440	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	441	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	442
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	443	public void debugPrint(XMLLimitAnalyzer limitAnalyzer) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	444	if (printEntityCountInfo.equals(Constants.JDK_YES)) {
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	445	limitAnalyzer.debugPrint(this);
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	446	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	447	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	448
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	449
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	450	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	451	* Indicate if a property is set explicitly
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	452	* @param index
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	453	* @return
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	454	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	455	public boolean isSet(int index) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	456	return isSet[index];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	457	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	458
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	459	public boolean printEntityCountInfo() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	460	return printEntityCountInfo.equals(Constants.JDK_YES);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	461	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	462
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	463	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	464	* Read from system properties, or those in jaxp.properties
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	465	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	466	private void readSystemProperties() {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	467
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	468	for (Limit limit : Limit.values()) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	469	if (!getSystemProperty(limit, limit.systemProperty())) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	470	//if system property is not found, try the older form if any
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	471	for (NameMap nameMap : NameMap.values()) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	472	String oldName = nameMap.getOldName(limit.systemProperty());
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	473	if (oldName != null) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	474	getSystemProperty(limit, oldName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	475	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	476	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	477	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	478	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	479
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	480	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	481
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	482	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	483	* Read from system properties, or those in jaxp.properties
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	484	*
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	485	* @param property the type of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	486	* @param sysPropertyName the name of system property
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	487	*/
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	488	private boolean getSystemProperty(Limit limit, String sysPropertyName) {
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	489	try {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	490	String value = SecuritySupport.getSystemProperty(sysPropertyName);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	491	if (value != null && !value.equals("")) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	492	values[limit.ordinal()] = Integer.parseInt(value);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	493	states[limit.ordinal()] = State.SYSTEMPROPERTY;
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	494	return true;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	495	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	496
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	497	value = SecuritySupport.readJAXPProperty(sysPropertyName);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	498	if (value != null && !value.equals("")) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	499	values[limit.ordinal()] = Integer.parseInt(value);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	500	states[limit.ordinal()] = State.JAXPDOTPROPERTIES;
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	501	return true;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	502	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	503	} catch (NumberFormatException e) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	504	//invalid setting
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	505	throw new NumberFormatException("Invalid setting for system property: " + limit.systemProperty());
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	506	}
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	507	return false;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	508	}
20973 cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	509
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	510
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	511	/**
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	512	* Convert a value set through setProperty to XMLSecurityManager.
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	513	* If the value is an instance of XMLSecurityManager, use it to override the default;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	514	* If the value is an old SecurityManager, convert to the new XMLSecurityManager.
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	515	*
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	516	* @param value user specified security manager
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	517	* @param securityManager an instance of XMLSecurityManager
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	518	* @return an instance of the new security manager XMLSecurityManager
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	519	*/
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	520	static public XMLSecurityManager convert(Object value, XMLSecurityManager securityManager) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	521	if (value == null) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	522	if (securityManager == null) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	523	securityManager = new XMLSecurityManager(true);
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	524	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	525	return securityManager;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	526	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	527	if (XMLSecurityManager.class.isAssignableFrom(value.getClass())) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	528	return (XMLSecurityManager)value;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	529	} else {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	530	if (securityManager == null) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	531	securityManager = new XMLSecurityManager(true);
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	532	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	533	if (SecurityManager.class.isAssignableFrom(value.getClass())) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	534	SecurityManager origSM = (SecurityManager)value;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	535	securityManager.setLimit(Limit.MAX_OCCUR_NODE_LIMIT, State.APIPROPERTY, origSM.getMaxOccurNodeLimit());
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	536	securityManager.setLimit(Limit.ENTITY_EXPANSION_LIMIT, State.APIPROPERTY, origSM.getEntityExpansionLimit());
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	537	securityManager.setLimit(Limit.ELEMENT_ATTRIBUTE_LIMIT, State.APIPROPERTY, origSM.getElementAttrLimit());
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	538	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	539	return securityManager;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	540	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	541	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	542	}

author	joehw
	Thu, 14 May 2015 09:38:53 -0700
changeset 30522	59a16afe7517
parent 25868	686eef1e7a79
child 33352	35c096b5709c
permissions	-rw-r--r--