jdk-sandbox: src/java.base/share/classes/sun/security/util/AbstractAlgorithmConstraints.java@8bf9268df0e2 (annotated)

31689 1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	1	/*
39759 427916042881 8161718: Copyright/License updates to corba, jdk bchristi parents: 37726 diff changeset	2	* Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
31689 1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	4	*
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	10	*
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	15	* accompanied this code).
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	16	*
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	20	*
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	23	* questions.
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	24	*/
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	25
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	26	package sun.security.util;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	27
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	28	import java.security.AccessController;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	29	import java.security.AlgorithmConstraints;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	30	import java.security.PrivilegedAction;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	31	import java.security.Security;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	32	import java.util.Set;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	33
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	34	/**
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	35	* The class contains common functionality for algorithm constraints classes.
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	36	*/
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	37	public abstract class AbstractAlgorithmConstraints
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	38	implements AlgorithmConstraints {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	39
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	40	protected final AlgorithmDecomposer decomposer;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	41
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	42	protected AbstractAlgorithmConstraints(AlgorithmDecomposer decomposer) {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	43	this.decomposer = decomposer;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	44	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	45
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	46	// Get algorithm constraints from the specified security property.
37726 bbecfff95ec3 8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions ascarpino parents: 33295 diff changeset	47	static String[] getAlgorithms(String propertyName) {
31689 1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	48	String property = AccessController.doPrivileged(
41956 69deb06bb8f1 8168911: Increased number of classes initialized during initialization of SignatureFileVerifier redestad parents: 39759 diff changeset	49	new PrivilegedAction<String>() {
69deb06bb8f1 8168911: Increased number of classes initialized during initialization of SignatureFileVerifier redestad parents: 39759 diff changeset	50	@Override
69deb06bb8f1 8168911: Increased number of classes initialized during initialization of SignatureFileVerifier redestad parents: 39759 diff changeset	51	public String run() {
69deb06bb8f1 8168911: Increased number of classes initialized during initialization of SignatureFileVerifier redestad parents: 39759 diff changeset	52	return Security.getProperty(propertyName);
69deb06bb8f1 8168911: Increased number of classes initialized during initialization of SignatureFileVerifier redestad parents: 39759 diff changeset	53	}
69deb06bb8f1 8168911: Increased number of classes initialized during initialization of SignatureFileVerifier redestad parents: 39759 diff changeset	54	});
31689 1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	55
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	56	String[] algorithmsInProperty = null;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	57	if (property != null && !property.isEmpty()) {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	58	// remove double quote marks from beginning/end of the property
33295 052d130b84ed 8081760: Better group dynamics xuelei parents: 31689 diff changeset	59	if (property.length() >= 2 && property.charAt(0) == '"' &&
052d130b84ed 8081760: Better group dynamics xuelei parents: 31689 diff changeset	60	property.charAt(property.length() - 1) == '"') {
31689 1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	61	property = property.substring(1, property.length() - 1);
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	62	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	63	algorithmsInProperty = property.split(",");
33295 052d130b84ed 8081760: Better group dynamics xuelei parents: 31689 diff changeset	64	for (int i = 0; i < algorithmsInProperty.length; i++) {
31689 1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	65	algorithmsInProperty[i] = algorithmsInProperty[i].trim();
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	66	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	67	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	68
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	69	// map the disabled algorithms
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	70	if (algorithmsInProperty == null) {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	71	algorithmsInProperty = new String[0];
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	72	}
37726 bbecfff95ec3 8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions ascarpino parents: 33295 diff changeset	73	return algorithmsInProperty;
31689 1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	74	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	75
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	76	static boolean checkAlgorithm(String[] algorithms, String algorithm,
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	77	AlgorithmDecomposer decomposer) {
53018 8bf9268df0e2 8215281: Use String.isEmpty() when applicable in java.base redestad parents: 47216 diff changeset	78	if (algorithm == null \|\| algorithm.isEmpty()) {
31689 1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	79	throw new IllegalArgumentException("No algorithm name specified");
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	80	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	81
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	82	Set<String> elements = null;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	83	for (String item : algorithms) {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	84	if (item == null \|\| item.isEmpty()) {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	85	continue;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	86	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	87
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	88	// check the full name
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	89	if (item.equalsIgnoreCase(algorithm)) {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	90	return false;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	91	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	92
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	93	// decompose the algorithm into sub-elements
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	94	if (elements == null) {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	95	elements = decomposer.decompose(algorithm);
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	96	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	97
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	98	// check the items of the algorithm
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	99	for (String element : elements) {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	100	if (item.equalsIgnoreCase(element)) {
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	101	return false;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	102	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	103	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	104	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	105
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	106	return true;
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	107	}
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	108
1201792aa3a3 8043201: Deprecate RC4 in SunJSSE provider asmotrak parents: diff changeset	109	}

author	redestad
	Thu, 13 Dec 2018 15:31:05 +0100
changeset 53018	8bf9268df0e2
parent 47216	71c04702a3d5
permissions	-rw-r--r--