1 /*
2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 import java.security.Security;
25 import java.util.ArrayList;
26 import java.util.Arrays;
27 import java.util.List;
28 import java.util.StringTokenizer;
29
30 /**
31 * A collection of utility methods and constants for testing the package
32 * access and package definition security checks.
33 */
34 final class RestrictedPackages {
35
36 /*
37 * The expected list of restricted packages.
38 *
39 * This array should be updated whenever new packages are added to the
40 * package.access property in the java.security file
41 * NOTE: it should be in the same order as the java.security file
42 */
43 static final String[] EXPECTED = {
44 "sun.",
45 "com.sun.xml.internal.",
46 "com.sun.imageio.",
47 "com.sun.istack.internal.",
48 "com.sun.jmx.",
49 "com.sun.media.sound.",
50 "com.sun.naming.internal.",
51 "com.sun.proxy.",
52 "com.sun.corba.se.",
53 "com.sun.org.apache.bcel.internal.",
54 "com.sun.org.apache.regexp.internal.",
55 "com.sun.org.apache.xerces.internal.",
56 "com.sun.org.apache.xpath.internal.",
57 "com.sun.org.apache.xalan.internal.extensions.",
58 "com.sun.org.apache.xalan.internal.lib.",
59 "com.sun.org.apache.xalan.internal.res.",
60 "com.sun.org.apache.xalan.internal.templates.",
61 "com.sun.org.apache.xalan.internal.utils.",
62 "com.sun.org.apache.xalan.internal.xslt.",
63 "com.sun.org.apache.xalan.internal.xsltc.cmdline.",
64 "com.sun.org.apache.xalan.internal.xsltc.compiler.",
65 "com.sun.org.apache.xalan.internal.xsltc.trax.",
66 "com.sun.org.apache.xalan.internal.xsltc.util.",
67 "com.sun.org.apache.xml.internal.res.",
68 "com.sun.org.apache.xml.internal.security.",
69 "com.sun.org.apache.xml.internal.serializer.dom3.",
70 "com.sun.org.apache.xml.internal.serializer.utils.",
71 "com.sun.org.apache.xml.internal.utils.",
72 "com.sun.org.glassfish.",
73 "com.sun.tools.script.",
74 "com.oracle.xmlns.internal.",
75 "com.oracle.webservices.internal.",
76 "org.jcp.xml.dsig.internal.",
77 "jdk.internal.",
78 "jdk.nashorn.internal.",
79 "jdk.nashorn.tools.",
80 "jdk.tools.jimage.",
81 "com.sun.activation.registries.",
82 "com.sun.java.accessibility.util.internal."
83 };
84
85 /*
86 * A non-exhaustive list of restricted packages.
87 *
88 * Contrary to what is in the EXPECTED list, this list does not need
89 * to be exhaustive.
90 */
91 static final String[] EXPECTED_NONEXHAUSTIVE = {
92 "sun.",
93 "com.sun.xml.internal.",
94 "com.sun.imageio.",
95 "com.sun.istack.internal.",
96 "com.sun.jmx.",
97 "com.sun.proxy.",
98 "com.sun.org.apache.bcel.internal.",
99 "com.sun.org.apache.regexp.internal.",
100 "com.sun.org.apache.xerces.internal.",
101 "com.sun.org.apache.xpath.internal.",
102 "com.sun.org.apache.xalan.internal.extensions.",
103 "com.sun.org.apache.xalan.internal.lib.",
104 "com.sun.org.apache.xalan.internal.res.",
105 "com.sun.org.apache.xalan.internal.templates.",
106 "com.sun.org.apache.xalan.internal.utils.",
107 "com.sun.org.apache.xalan.internal.xslt.",
108 "com.sun.org.apache.xalan.internal.xsltc.cmdline.",
109 "com.sun.org.apache.xalan.internal.xsltc.compiler.",
110 "com.sun.org.apache.xalan.internal.xsltc.trax.",
111 "com.sun.org.apache.xalan.internal.xsltc.util.",
112 "com.sun.org.apache.xml.internal.res.",
113 "com.sun.org.apache.xml.internal.serializer.utils.",
114 "com.sun.org.apache.xml.internal.utils.",
115 "com.sun.org.apache.xml.internal.security.",
116 "com.sun.org.glassfish.",
117 "org.jcp.xml.dsig.internal."
118 };
119
120 private static final String OS_NAME = System.getProperty("os.name");
121
122 /**
123 * Returns a list of expected restricted packages, including any
124 * OS specific packages. The returned list is mutable.
125 */
126 static List<String> expected() {
127 List<String> pkgs = new ArrayList<>(Arrays.asList(EXPECTED));
128 if (OS_NAME.contains("OS X")) {
129 pkgs.add("apple."); // add apple package for OS X
130 }
131 if (OS_NAME.contains("Win")) {
132 pkgs.add("com.sun.java.accessibility.internal."); // add Win only package
133 }
134 return pkgs;
135 }
136
137 /**
138 * Returns a list of actual restricted packages. The returned list
139 * is mutable.
140 */
141 static List<String> actual() {
142 String prop = Security.getProperty("package.access");
143 List<String> packages = new ArrayList<>();
144 if (prop != null && !prop.equals("")) {
145 StringTokenizer tok = new StringTokenizer(prop, ",");
146 while (tok.hasMoreElements()) {
147 String s = tok.nextToken().trim();
148 packages.add(s);
149 }
150 }
151 return packages;
152 }
153
154 private RestrictedPackages() { }
155 }