jdk-sandbox: src/java.xml/share/classes/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java@d4f959806fe9 (annotated)

20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	1	/*
47312 d4f959806fe9 8187593: Cleanup: removing SecuritySupport files joehw parents: 47216 diff changeset	2	* Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	3	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	4	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	5	* This code is free software; you can redistribute it and/or modify it
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	6	* under the terms of the GNU General Public License version 2 only, as
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	7	* published by the Free Software Foundation. Oracle designates this
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	8	* particular file as subject to the "Classpath" exception as provided
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	9	* by Oracle in the LICENSE file that accompanied this code.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	10	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	11	* This code is distributed in the hope that it will be useful, but WITHOUT
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	12	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	13	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	14	* version 2 for more details (a copy is included in the LICENSE file that
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	15	* accompanied this code).
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	16	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	17	* You should have received a copy of the GNU General Public License version
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	18	* 2 along with this work; if not, write to the Free Software Foundation,
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	19	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	20	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	21	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	22	* or visit www.oracle.com if you need additional information or have any
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	23	* questions.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	24	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	25
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	26	package com.sun.org.apache.xerces.internal.utils;
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	27
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	28	import com.sun.org.apache.xerces.internal.impl.Constants;
20973 cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	29	import com.sun.org.apache.xerces.internal.util.SecurityManager;
35729 49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	30	import java.util.concurrent.CopyOnWriteArrayList;
47312 d4f959806fe9 8187593: Cleanup: removing SecuritySupport files joehw parents: 47216 diff changeset	31	import jdk.xml.internal.SecuritySupport;
35729 49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	32	import org.xml.sax.SAXException;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	33
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	34	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	35	* This class manages standard and implementation-specific limitations.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	36	*
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	37	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	38	public final class XMLSecurityManager {
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	39
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	40	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	41	* States of the settings of a property, in the order: default value, value
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	42	* set by FEATURE_SECURE_PROCESSING, jaxp.properties file, jaxp system
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	43	* properties, and jaxp api properties
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	44	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	45	public static enum State {
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	46	//this order reflects the overriding order
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	47
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	48	DEFAULT("default"), FSP("FEATURE_SECURE_PROCESSING"),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	49	JAXPDOTPROPERTIES("jaxp.properties"), SYSTEMPROPERTY("system property"),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	50	APIPROPERTY("property");
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	51
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	52	final String literal;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	53	State(String literal) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	54	this.literal = literal;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	55	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	56
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	57	String literal() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	58	return literal;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	59	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	60	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	61
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	62	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	63	* Limits managed by the security manager
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	64	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	65	public static enum Limit {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	66
33352 35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	67	ENTITY_EXPANSION_LIMIT("EntityExpansionLimit",
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	68	Constants.JDK_ENTITY_EXPANSION_LIMIT, Constants.SP_ENTITY_EXPANSION_LIMIT, 0, 64000),
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	69	MAX_OCCUR_NODE_LIMIT("MaxOccurLimit",
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	70	Constants.JDK_MAX_OCCUR_LIMIT, Constants.SP_MAX_OCCUR_LIMIT, 0, 5000),
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	71	ELEMENT_ATTRIBUTE_LIMIT("ElementAttributeLimit",
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	72	Constants.JDK_ELEMENT_ATTRIBUTE_LIMIT, Constants.SP_ELEMENT_ATTRIBUTE_LIMIT, 0, 10000),
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	73	TOTAL_ENTITY_SIZE_LIMIT("TotalEntitySizeLimit",
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	74	Constants.JDK_TOTAL_ENTITY_SIZE_LIMIT, Constants.SP_TOTAL_ENTITY_SIZE_LIMIT, 0, 50000000),
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	75	GENERAL_ENTITY_SIZE_LIMIT("MaxEntitySizeLimit",
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	76	Constants.JDK_GENERAL_ENTITY_SIZE_LIMIT, Constants.SP_GENERAL_ENTITY_SIZE_LIMIT, 0, 0),
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	77	PARAMETER_ENTITY_SIZE_LIMIT("MaxEntitySizeLimit",
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	78	Constants.JDK_PARAMETER_ENTITY_SIZE_LIMIT, Constants.SP_PARAMETER_ENTITY_SIZE_LIMIT, 0, 1000000),
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	79	MAX_ELEMENT_DEPTH_LIMIT("MaxElementDepthLimit",
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	80	Constants.JDK_MAX_ELEMENT_DEPTH, Constants.SP_MAX_ELEMENT_DEPTH, 0, 0),
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	81	MAX_NAME_LIMIT("MaxXMLNameLimit",
39799 2847de5336f2 8149962: Better delineation of XML processing joehw parents: 35729 diff changeset	82	Constants.JDK_XML_NAME_LIMIT, Constants.SP_XML_NAME_LIMIT, 1000, 1000),
2847de5336f2 8149962: Better delineation of XML processing joehw parents: 35729 diff changeset	83	ENTITY_REPLACEMENT_LIMIT("EntityReplacementLimit",
2847de5336f2 8149962: Better delineation of XML processing joehw parents: 35729 diff changeset	84	Constants.JDK_ENTITY_REPLACEMENT_LIMIT, Constants.SP_ENTITY_REPLACEMENT_LIMIT, 0, 3000000);
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	85
33352 35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	86	final String key;
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	87	final String apiProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	88	final String systemProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	89	final int defaultValue;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	90	final int secureValue;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	91
33352 35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	92	Limit(String key, String apiProperty, String systemProperty, int value, int secureValue) {
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	93	this.key = key;
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	94	this.apiProperty = apiProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	95	this.systemProperty = systemProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	96	this.defaultValue = value;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	97	this.secureValue = secureValue;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	98	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	99
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	100	public boolean equalsAPIPropertyName(String propertyName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	101	return (propertyName == null) ? false : apiProperty.equals(propertyName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	102	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	103
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	104	public boolean equalsSystemPropertyName(String propertyName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	105	return (propertyName == null) ? false : systemProperty.equals(propertyName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	106	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	107
33352 35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	108	public String key() {
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	109	return key;
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	110	}
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	111
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	112	public String apiProperty() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	113	return apiProperty;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	114	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	115
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	116	String systemProperty() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	117	return systemProperty;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	118	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	119
33352 35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	120	public int defaultValue() {
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	121	return defaultValue;
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	122	}
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	123
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	124	int secureValue() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	125	return secureValue;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	126	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	127	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	128
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	129	/**
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	130	* Map old property names with the new ones
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	131	*/
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	132	public static enum NameMap {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	133
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	134	ENTITY_EXPANSION_LIMIT(Constants.SP_ENTITY_EXPANSION_LIMIT, Constants.ENTITY_EXPANSION_LIMIT),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	135	MAX_OCCUR_NODE_LIMIT(Constants.SP_MAX_OCCUR_LIMIT, Constants.MAX_OCCUR_LIMIT),
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	136	ELEMENT_ATTRIBUTE_LIMIT(Constants.SP_ELEMENT_ATTRIBUTE_LIMIT, Constants.ELEMENT_ATTRIBUTE_LIMIT);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	137	final String newName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	138	final String oldName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	139
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	140	NameMap(String newName, String oldName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	141	this.newName = newName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	142	this.oldName = oldName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	143	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	144
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	145	String getOldName(String newName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	146	if (newName.equals(this.newName)) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	147	return oldName;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	148	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	149	return null;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	150	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	151	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	152	private static final int NO_LIMIT = 0;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	153	/**
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	154	* Values of the properties
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	155	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	156	private final int[] values;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	157	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	158	* States of the settings for each property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	159	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	160	private State[] states;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	161	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	162	* Flag indicating if secure processing is set
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	163	*/
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	164	boolean secureProcessing;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	165
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	166	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	167	* States that determine if properties are set explicitly
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	168	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	169	private boolean[] isSet;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	170
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	171
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	172	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	173	* Index of the special entityCountInfo property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	174	*/
33352 35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	175	private final int indexEntityCountInfo = 10000;
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	176	private String printEntityCountInfo = "";
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	177
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	178	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	179	* Default constructor. Establishes default values for known security
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	180	* vulnerabilities.
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	181	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	182	public XMLSecurityManager() {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	183	this(false);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	184	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	185
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	186	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	187	* Instantiate Security Manager in accordance with the status of
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	188	* secure processing
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	189	* @param secureProcessing
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	190	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	191	public XMLSecurityManager(boolean secureProcessing) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	192	values = new int[Limit.values().length];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	193	states = new State[Limit.values().length];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	194	isSet = new boolean[Limit.values().length];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	195	this.secureProcessing = secureProcessing;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	196	for (Limit limit : Limit.values()) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	197	if (secureProcessing) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	198	values[limit.ordinal()] = limit.secureValue;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	199	states[limit.ordinal()] = State.FSP;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	200	} else {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	201	values[limit.ordinal()] = limit.defaultValue();
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	202	states[limit.ordinal()] = State.DEFAULT;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	203	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	204	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	205	//read system properties or jaxp.properties
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	206	readSystemProperties();
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	207	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	208
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	209	/**
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	210	* Setting FEATURE_SECURE_PROCESSING explicitly
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	211	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	212	public void setSecureProcessing(boolean secure) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	213	secureProcessing = secure;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	214	for (Limit limit : Limit.values()) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	215	if (secure) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	216	setLimit(limit.ordinal(), State.FSP, limit.secureValue());
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	217	} else {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	218	setLimit(limit.ordinal(), State.FSP, limit.defaultValue());
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	219	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	220	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	221	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	222
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	223	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	224	* Return the state of secure processing
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	225	* @return the state of secure processing
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	226	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	227	public boolean isSecureProcessing() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	228	return secureProcessing;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	229	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	230
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	231
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	232	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	233	* Set limit by property name and state
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	234	* @param propertyName property name
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	235	* @param state the state of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	236	* @param value the value of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	237	* @return true if the property is managed by the security manager; false
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	238	* if otherwise.
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	239	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	240	public boolean setLimit(String propertyName, State state, Object value) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	241	int index = getIndex(propertyName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	242	if (index > -1) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	243	setLimit(index, state, value);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	244	return true;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	245	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	246	return false;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	247	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	248
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	249	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	250	* Set the value for a specific limit.
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	251	*
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	252	* @param limit the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	253	* @param state the state of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	254	* @param value the value of the property
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	255	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	256	public void setLimit(Limit limit, State state, int value) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	257	setLimit(limit.ordinal(), state, value);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	258	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	259
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	260	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	261	* Set the value of a property by its index
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	262	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	263	* @param index the index of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	264	* @param state the state of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	265	* @param value the value of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	266	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	267	public void setLimit(int index, State state, Object value) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	268	if (index == indexEntityCountInfo) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	269	printEntityCountInfo = (String)value;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	270	} else {
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	271	int temp;
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	272	if (Integer.class.isAssignableFrom(value.getClass())) {
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	273	temp = ((Integer)value).intValue();
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	274	} else {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	275	temp = Integer.parseInt((String) value);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	276	if (temp < 0) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	277	temp = 0;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	278	}
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	279	}
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	280	setLimit(index, state, temp);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	281	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	282	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	283
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	284	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	285	* Set the value of a property by its index
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	286	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	287	* @param index the index of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	288	* @param state the state of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	289	* @param value the value of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	290	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	291	public void setLimit(int index, State state, int value) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	292	if (index == indexEntityCountInfo) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	293	//if it's explicitly set, it's treated as yes no matter the value
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	294	printEntityCountInfo = Constants.JDK_YES;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	295	} else {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	296	//only update if it shall override
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	297	if (state.compareTo(states[index]) >= 0) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	298	values[index] = value;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	299	states[index] = state;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	300	isSet[index] = true;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	301	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	302	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	303	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	304
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	305	/**
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	306	* Return the value of the specified property
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	307	*
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	308	* @param propertyName the property name
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	309	* @return the value of the property as a string. If a property is managed
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	310	* by this manager, its value shall not be null.
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	311	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	312	public String getLimitAsString(String propertyName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	313	int index = getIndex(propertyName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	314	if (index > -1) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	315	return getLimitValueByIndex(index);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	316	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	317
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	318	return null;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	319	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	320	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	321	* Return the value of the specified property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	322	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	323	* @param limit the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	324	* @return the value of the property
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	325	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	326	public int getLimit(Limit limit) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	327	return values[limit.ordinal()];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	328	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	329
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	330	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	331	* Return the value of a property by its ordinal
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	332	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	333	* @param limit the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	334	* @return value of a property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	335	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	336	public String getLimitValueAsString(Limit limit) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	337	return Integer.toString(values[limit.ordinal()]);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	338	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	339
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	340	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	341	* Return the value of a property by its ordinal
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	342	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	343	* @param index the index of a property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	344	* @return limit of a property as a string
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	345	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	346	public String getLimitValueByIndex(int index) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	347	if (index == indexEntityCountInfo) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	348	return printEntityCountInfo;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	349	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	350
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	351	return Integer.toString(values[index]);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	352	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	353
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	354	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	355	* Return the state of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	356	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	357	* @param limit the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	358	* @return the state of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	359	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	360	public State getState(Limit limit) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	361	return states[limit.ordinal()];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	362	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	363
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	364	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	365	* Return the state of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	366	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	367	* @param limit the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	368	* @return the state of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	369	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	370	public String getStateLiteral(Limit limit) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	371	return states[limit.ordinal()].literal();
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	372	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	373
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	374	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	375	* Get the index by property name
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	376	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	377	* @param propertyName property name
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	378	* @return the index of the property if found; return -1 if not
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	379	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	380	public int getIndex(String propertyName) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	381	for (Limit limit : Limit.values()) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	382	if (limit.equalsAPIPropertyName(propertyName)) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	383	//internally, ordinal is used as index
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	384	return limit.ordinal();
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	385	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	386	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	387	//special property to return entity count info
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	388	if (propertyName.equals(Constants.JDK_ENTITY_COUNT_INFO)) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	389	return indexEntityCountInfo;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	390	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	391	return -1;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	392	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	393
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	394	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	395	* Check if there's no limit defined by the Security Manager
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	396	* @param limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	397	* @return
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	398	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	399	public boolean isNoLimit(int limit) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	400	return limit==NO_LIMIT;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	401	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	402	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	403	* Check if the size (length or count) of the specified limit property is
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	404	* over the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	405	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	406	* @param limit the type of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	407	* @param entityName the name of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	408	* @param size the size (count or length) of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	409	* @return true if the size is over the limit, false otherwise
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	410	*/
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	411	public boolean isOverLimit(Limit limit, String entityName, int size,
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	412	XMLLimitAnalyzer limitAnalyzer) {
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	413	return isOverLimit(limit.ordinal(), entityName, size, limitAnalyzer);
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	414	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	415
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	416	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	417	* Check if the value (length or count) of the specified limit property is
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	418	* over the limit
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	419	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	420	* @param index the index of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	421	* @param entityName the name of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	422	* @param size the size (count or length) of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	423	* @return true if the size is over the limit, false otherwise
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	424	*/
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	425	public boolean isOverLimit(int index, String entityName, int size,
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	426	XMLLimitAnalyzer limitAnalyzer) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	427	if (values[index] == NO_LIMIT) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	428	return false;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	429	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	430	if (size > values[index]) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	431	limitAnalyzer.addValue(index, entityName, size);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	432	return true;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	433	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	434	return false;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	435	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	436
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	437	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	438	* Check against cumulated value
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	439	*
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	440	* @param limit the type of the limit property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	441	* @param size the size (count or length) of the entity
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	442	* @return true if the size is over the limit, false otherwise
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	443	*/
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	444	public boolean isOverLimit(Limit limit, XMLLimitAnalyzer limitAnalyzer) {
1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	445	return isOverLimit(limit.ordinal(), limitAnalyzer);
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	446	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	447
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	448	public boolean isOverLimit(int index, XMLLimitAnalyzer limitAnalyzer) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	449	if (values[index] == NO_LIMIT) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	450	return false;
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	451	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	452
25591 8382d4909d6a 8031540: Introduce document horizon joehw parents: 22418 diff changeset	453	if (index == Limit.ELEMENT_ATTRIBUTE_LIMIT.ordinal() \|\|
8382d4909d6a 8031540: Introduce document horizon joehw parents: 22418 diff changeset	454	index == Limit.ENTITY_EXPANSION_LIMIT.ordinal() \|\|
8382d4909d6a 8031540: Introduce document horizon joehw parents: 22418 diff changeset	455	index == Limit.TOTAL_ENTITY_SIZE_LIMIT.ordinal() \|\|
39799 2847de5336f2 8149962: Better delineation of XML processing joehw parents: 35729 diff changeset	456	index == Limit.ENTITY_REPLACEMENT_LIMIT.ordinal() \|\|
33352 35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	457	index == Limit.MAX_ELEMENT_DEPTH_LIMIT.ordinal() \|\|
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	458	index == Limit.MAX_NAME_LIMIT.ordinal()
35c096b5709c 8086733: Improve namespace handling joehw parents: 30522 diff changeset	459	) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	460	return (limitAnalyzer.getTotalValue(index) > values[index]);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	461	} else {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	462	return (limitAnalyzer.getValue(index) > values[index]);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	463	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	464	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	465
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	466	public void debugPrint(XMLLimitAnalyzer limitAnalyzer) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	467	if (printEntityCountInfo.equals(Constants.JDK_YES)) {
22418 1ee8fd0184d1 8028111: XML readers share the same entity expansion counter joehw parents: 20973 diff changeset	468	limitAnalyzer.debugPrint(this);
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	469	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	470	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	471
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	472
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	473	/**
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	474	* Indicate if a property is set explicitly
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	475	* @param index
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	476	* @return
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	477	*/
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	478	public boolean isSet(int index) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	479	return isSet[index];
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	480	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	481
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	482	public boolean printEntityCountInfo() {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	483	return printEntityCountInfo.equals(Constants.JDK_YES);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	484	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	485
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	486	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	487	* Read from system properties, or those in jaxp.properties
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	488	*/
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	489	private void readSystemProperties() {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	490
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	491	for (Limit limit : Limit.values()) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	492	if (!getSystemProperty(limit, limit.systemProperty())) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	493	//if system property is not found, try the older form if any
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	494	for (NameMap nameMap : NameMap.values()) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	495	String oldName = nameMap.getOldName(limit.systemProperty());
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	496	if (oldName != null) {
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	497	getSystemProperty(limit, oldName);
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	498	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	499	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	500	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	501	}
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	502
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	503	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	504
35729 49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	505	// Array list to store printed warnings for each SAX parser used
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	506	private static final CopyOnWriteArrayList<String> printedWarnings = new CopyOnWriteArrayList<>();
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	507
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	508	/**
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	509	* Prints out warnings if a parser does not support the specified feature/property.
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	510	*
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	511	* @param parserClassName the name of the parser class
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	512	* @param propertyName the property name
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	513	* @param exception the exception thrown by the parser
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	514	*/
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	515	public static void printWarning(String parserClassName, String propertyName, SAXException exception) {
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	516	String key = parserClassName+":"+propertyName;
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	517	if (printedWarnings.addIfAbsent(key)) {
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	518	System.err.println( "Warning: "+parserClassName+": "+exception.getMessage());
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	519	}
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	520	}
49f1515c5f5c 8144593: Suppress not recognized property/feature warning messages from SAXParser aefimov parents: 33352 diff changeset	521
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	522	/**
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	523	* Read from system properties, or those in jaxp.properties
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	524	*
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	525	* @param property the type of the property
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	526	* @param sysPropertyName the name of system property
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	527	*/
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	528	private boolean getSystemProperty(Limit limit, String sysPropertyName) {
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	529	try {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	530	String value = SecuritySupport.getSystemProperty(sysPropertyName);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	531	if (value != null && !value.equals("")) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	532	values[limit.ordinal()] = Integer.parseInt(value);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	533	states[limit.ordinal()] = State.SYSTEMPROPERTY;
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	534	return true;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	535	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	536
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	537	value = SecuritySupport.readJAXPProperty(sysPropertyName);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	538	if (value != null && !value.equals("")) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	539	values[limit.ordinal()] = Integer.parseInt(value);
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	540	states[limit.ordinal()] = State.JAXPDOTPROPERTIES;
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	541	return true;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	542	}
a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	543	} catch (NumberFormatException e) {
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	544	//invalid setting
dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	545	throw new NumberFormatException("Invalid setting for system property: " + limit.systemProperty());
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	546	}
20968 dde41f8b7b96 8014530: Better digital signature processing joehw parents: 20964 diff changeset	547	return false;
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	548	}
20973 cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	549
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	550
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	551	/**
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	552	* Convert a value set through setProperty to XMLSecurityManager.
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	553	* If the value is an instance of XMLSecurityManager, use it to override the default;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	554	* If the value is an old SecurityManager, convert to the new XMLSecurityManager.
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	555	*
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	556	* @param value user specified security manager
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	557	* @param securityManager an instance of XMLSecurityManager
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	558	* @return an instance of the new security manager XMLSecurityManager
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	559	*/
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	560	static public XMLSecurityManager convert(Object value, XMLSecurityManager securityManager) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	561	if (value == null) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	562	if (securityManager == null) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	563	securityManager = new XMLSecurityManager(true);
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	564	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	565	return securityManager;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	566	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	567	if (XMLSecurityManager.class.isAssignableFrom(value.getClass())) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	568	return (XMLSecurityManager)value;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	569	} else {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	570	if (securityManager == null) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	571	securityManager = new XMLSecurityManager(true);
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	572	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	573	if (SecurityManager.class.isAssignableFrom(value.getClass())) {
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	574	SecurityManager origSM = (SecurityManager)value;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	575	securityManager.setLimit(Limit.MAX_OCCUR_NODE_LIMIT, State.APIPROPERTY, origSM.getMaxOccurNodeLimit());
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	576	securityManager.setLimit(Limit.ENTITY_EXPANSION_LIMIT, State.APIPROPERTY, origSM.getEntityExpansionLimit());
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	577	securityManager.setLimit(Limit.ELEMENT_ATTRIBUTE_LIMIT, State.APIPROPERTY, origSM.getElementAttrLimit());
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	578	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	579	return securityManager;
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	580	}
cc1cc8eb501b 8022682: Supporting XOM joehw parents: 20968 diff changeset	581	}
20964 a5cd729f176d 8017298: Better XML support joehw parents: diff changeset	582	}

author	joehw
	Wed, 04 Oct 2017 10:54:18 -0700
changeset 47312	d4f959806fe9
parent 47216	71c04702a3d5
permissions	-rw-r--r--