source: trunk/src/gcc/libjava/java/security/CodeSource.java@ 819

Last change on this file since 819 was 2, checked in by bird, 23 years ago

Initial revision
  • Property cvs2svn:cvs-rev set to 1.1
  • Property svn:eol-style set to native
  • Property svn:executable set to *
File size: 10.0 KB
Line 
1/* CodeSource.java -- Code location and certifcates
2 Copyright (C) 1998 Free Software Foundation, Inc.
3
4This file is part of GNU Classpath.
5
6GNU Classpath is free software; you can redistribute it and/or modify
7it under the terms of the GNU General Public License as published by
8the Free Software Foundation; either version 2, or (at your option)
9any later version.
10
11GNU Classpath is distributed in the hope that it will be useful, but
12WITHOUT ANY WARRANTY; without even the implied warranty of
13MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14General Public License for more details.
15
16You should have received a copy of the GNU General Public License
17along with GNU Classpath; see the file COPYING. If not, write to the
18Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
1902111-1307 USA.
20
21Linking this library statically or dynamically with other modules is
22making a combined work based on this library. Thus, the terms and
23conditions of the GNU General Public License cover the whole
24combination.
25
26As a special exception, the copyright holders of this library give you
27permission to link this library with independent modules to produce an
28executable, regardless of the license terms of these independent
29modules, and to copy and distribute the resulting executable under
30terms of your choice, provided that you also meet, for each linked
31independent module, the terms and conditions of the license of that
32module. An independent module is a module which is not derived from
33or based on this library. If you modify this library, you may extend
34this exception to your version of the library, but you are not
35obligated to do so. If you do not wish to do so, delete this
36exception statement from your version. */
37
38package java.security;
39
40import java.io.Serializable;
41import java.net.URL;
42import java.net.SocketPermission;
43
44/**
45 * This class represents a location from which code is loaded (as
46 * represented by a URL) and the list of certificates that are used to
47 * check the signatures of signed code loaded from this source.
48 *
49 * @version 0.0
50 *
51 * @author Aaron M. Renn ([email protected])
52 */
53public class CodeSource implements Serializable
54{
55 private static final String linesep = System.getProperty("line.separator");
56
57 /**
58 * This is the URL that represents the code base from which code will
59 * be loaded.
60 */
61 private URL location;
62
63 /**
64 * This is the list of certificates for this code base
65 */
66 // What is the serialized form of this?
67 private java.security.cert.Certificate[] certs;
68
69 /**
70 * This method initializes a new instance of <code>CodeSource</code> that
71 * loads code from the specified URL location and which uses the
72 * specified certificates for verifying signatures.
73 *
74 * @param location The location from which code will be loaded
75 * @param certs The list of certificates used for verifying signatures on code from this source
76 */
77 public CodeSource(URL location, java.security.cert.Certificate[] certs)
78 {
79 this.location = location;
80 this.certs = certs;
81 }
82
83 /**
84 * This method returns the URL specifying the location from which code
85 * will be loaded under this <code>CodeSource</code>.
86 *
87 * @return The code location for this <code>CodeSource</code>.
88 */
89 public final URL getLocation()
90 {
91 return location;
92 }
93
94 /**
95 * This method returns the list of digital certificates that can be used
96 * to verify the signatures of code loaded under this <code>CodeSource</code>.
97 *
98 * @return The certifcate list for this <code>CodeSource</code>.
99 */
100 public final java.security.cert.Certificate[] getCertificates()
101 {
102 return certs;
103 }
104
105 /**
106 * This method tests to see if a specified <code>CodeSource</code> is
107 * implied by this object. Effectively, to meet this test, the specified
108 * object must have all the certifcates this object has (but may have
109 * more) and must have a location that is a subset of this object's. In order
110 * for this object to imply the specified object, the following must be
111 * true:
112 * <p>
113 * <ol>
114 * <li>The specified <code>CodeSource</code> must not be <code>null</code>.
115 * <li>If the specified <code>CodeSource</code> has a certificate list,
116 * all of that object's certificates must be present in the certificate
117 * list of this object.
118 * <li>If this object does not have a <code>null</code> location, then
119 * the following addtional tests must be passed.
120 * <ol>
121 * <li>The specified <code>CodeSource</code> must not have a <code>null</code> location.
122 * <li>The specified <code>CodeSource</code>'s location must be equal to
123 * this object's location, or<br>
124 * <ul>
125 * <li>The specifiec <code>CodeSource</code>'s location protocol, port,
126 * and ref (aka, anchor) must equal this objects, and
127 * <li>The specified <code>CodeSource</code>'s location host must imply this
128 * object's location host, as determined by contructing
129 * <code>SocketPermission</code> objects from each with no action list and
130 * using that classes's <code>implies</code> method. And,
131 * <li>If this object's location file ends with a '/', then the specified
132 * object's location file must start with this object's location file.
133 * Otherwise, the specified object's location file must start with this
134 * object's location file with the '/' character appended to it.
135 * </ul>
136 * </ol>
137 * </ol>
138 *
139 * @param cs The <code>CodeSource</code> to test against this object
140 *
141 * @return <code>true</code> if this specified <code>CodeSource</code> is specified by this object, <code>false</code> otherwise.
142 */
143 public boolean implies(CodeSource cs)
144 {
145 if (cs == null)
146 return false;
147
148 // First check the certificate list
149 java.security.cert.Certificate[] their_certs = cs.getCertificates();
150 java.security.cert.Certificate[] our_certs = getCertificates();
151
152 if (our_certs != null)
153 {
154 if (their_certs == null)
155 return false;
156
157 for (int i = 0; i < our_certs.length; i++)
158 {
159 int j;
160 for (j = 0; j < their_certs.length; j++)
161 if (our_certs[i].equals(their_certs[j]))
162 break;
163
164 if (j == their_certs.length)
165 return false;
166 }
167 }
168
169 // Next check the location
170 URL their_loc = getLocation();
171 URL our_loc = getLocation();
172
173 if (our_loc == null)
174 return true;
175 else if (their_loc == null)
176 return false;
177
178 if (!our_loc.getProtocol().equals(their_loc.getProtocol()))
179 return false;
180
181 if (our_loc.getPort() != -1)
182 if (our_loc.getPort() != their_loc.getPort())
183 return false;
184
185 if (our_loc.getRef() != null)
186 if (!our_loc.getRef().equals(their_loc.getRef()))
187 return false;
188
189 // See javadoc comments for what we are doing here.
190 if (our_loc.getHost() != null)
191 {
192 String their_host = their_loc.getHost();
193 if (their_host == null)
194 return false;
195
196 SocketPermission our_sockperm =
197 new SocketPermission(our_loc.getHost(), "accept");
198 SocketPermission their_sockperm =
199 new SocketPermission(their_host, "accept");
200
201 if (!our_sockperm.implies(their_sockperm))
202 return false;
203 }
204
205 String our_file = our_loc.getFile();
206 if (our_file != null)
207 {
208 if (!our_file.endsWith("/"))
209 our_file = our_file + "/";
210
211 String their_file = their_loc.getFile();
212 if (their_file == null)
213 return false;
214
215 if (!their_file.startsWith(our_file))
216 return false;
217 }
218
219 return true;
220 }
221
222 /**
223 * This method tests the specified <code>Object</code> for equality with
224 * this object. This will be true if and only if:
225 * <p>
226 * <ul>
227 * <li>The specified object is not <code>null</code>.
228 * <li>The specified object is an instance of <code>CodeSource</code>.
229 * <li>The specified object's location is the same as this object's.
230 * <li>The specified object's certificate list contains the exact same
231 * entries as the object's. Note that the order of the certificate lists
232 * is not significant.
233 * </ul>
234 *
235 * @param obj The <code>Object</code> to test against.
236 *
237 * @return <code>true</code> if the specified object is equal to this one, <code>false</code> otherwise.
238 */
239 public boolean equals(Object obj)
240 {
241 if (obj == null)
242 return false;
243
244 if (!(obj instanceof CodeSource))
245 return false;
246
247 CodeSource cs = (CodeSource) obj;
248
249 // First check the certificate list
250 java.security.cert.Certificate[] their_certs = cs.getCertificates();
251 java.security.cert.Certificate[] our_certs = getCertificates();
252
253 if ((our_certs == null) && (their_certs != null))
254 return false;
255 else if ((our_certs != null) && (their_certs == null))
256 return false;
257
258 if (our_certs != null)
259 {
260 if (our_certs.length != their_certs.length)
261 return false;
262
263 for (int i = 0; i < our_certs.length; i++)
264 {
265 int j;
266 for (j = 0; j < their_certs.length; j++)
267 if (our_certs[i].equals(their_certs[j]))
268 break;
269
270 if (j == their_certs.length)
271 return false;
272 }
273 }
274
275 // Now the location
276 URL their_loc = cs.getLocation();
277 URL our_loc = getLocation();
278
279 if ((our_loc == null) && (their_loc != null))
280 return false;
281
282 if (!our_loc.equals(their_loc))
283 return false;
284
285 return true;
286 }
287
288 /**
289 * This method returns a hash value for this object.
290 *
291 * @return A hash value for this object.
292 */
293 public int hashCode()
294 {
295 URL location = getLocation();
296 if (location == null)
297 return System.identityHashCode(this);
298
299 return location.hashCode();
300 }
301
302 /**
303 * This method returns a <code>String</code> that represents this object.
304 * This <code>String</code> will contain the object's hash code, location,
305 * and certificate list.
306 *
307 * @return A <code>String</code> for this object
308 */
309 public String toString()
310 {
311 StringBuffer sb = new StringBuffer("");
312
313 sb.append(super.toString() + " (" + linesep);
314 sb.append("Location: " + getLocation() + linesep);
315
316 java.security.cert.Certificate[] certs = getCertificates();
317 if (certs == null)
318 sb.append("<none>" + linesep);
319 else
320 for (int i = 0; i < certs.length; i++)
321 sb.append(certs[i] + linesep);
322
323 sb.append(")" + linesep);
324
325 return sb.toString();
326 }
327}
Note: See TracBrowser for help on using the repository browser.