jdk/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java
--- a/jdk/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java Thu Jun 05 18:46:37 2014 +0200
+++ b/jdk/src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/JavaUtils.java Wed Jun 11 16:25:59 2014 -0400
@@ -28,6 +28,7 @@
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
+import java.security.SecurityPermission;
/**
* A collection of different, general-purpose methods for JAVA-specific things
@@ -39,6 +40,10 @@
private static java.util.logging.Logger log =
java.util.logging.Logger.getLogger(JavaUtils.class.getName());
+ private static final SecurityPermission REGISTER_PERMISSION =
+ new SecurityPermission(
+ "com.sun.org.apache.xml.internal.security.register");
+
private JavaUtils() {
// we don't allow instantiation
}
@@ -147,6 +152,23 @@
}
/**
+ * Throws a {@code SecurityException} if a security manager is installed
+ * and the caller is not allowed to register an implementation of an
+ * algorithm, transform, or other security sensitive XML Signature function.
+ *
+ * @throws SecurityException if a security manager is installed and the
+ * caller has not been granted the
+ * {@literal "com.sun.org.apache.xml.internal.security.register"}
+ * {@code SecurityPermission}
+ */
+ public static void checkRegisterPermission() {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) {
+ sm.checkPermission(REGISTER_PERMISSION);
+ }
+ }
+
+ /**
* Converts an ASN.1 DSA value to a XML Signature DSA Value.
*
* The JCE DSA Signature algorithm creates ASN.1 encoded (r,s) value