1 /* 2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.util; 27 28 import java.security.AccessController; 29 import java.security.PrivilegedAction; 30 import java.security.Security; 31 import java.util.Map; 32 import java.util.Set; 33 34 /** 35 * The class contains common functionality for algorithm constraints classes. 36 */ 37 public abstract class AbstractAlgorithmConstraints 38 implements AlgorithmConstraints { 39 40 protected final AlgorithmDecomposer decomposer; 41 42 protected AbstractAlgorithmConstraints(AlgorithmDecomposer decomposer) { 43 this.decomposer = decomposer; 44 } 45 46 // Get algorithm constraints from the specified security property. 47 private static void loadAlgorithmsMap(Map<String, String[]> algorithmsMap, 48 final String propertyName) { 49 String property = AccessController.doPrivileged( 50 new PrivilegedAction<String>() { 51 public String run() { 52 return Security.getProperty(propertyName); 53 } 54 }); 55 String[] algorithmsInProperty = null; 56 if (property != null && !property.isEmpty()) { 57 // remove double quote marks from beginning/end of the property 58 if (property.length() >= 2 && property.charAt(0) == '"' && 59 property.charAt(property.length() - 1) == '"') { 60 property = property.substring(1, property.length() - 1); 61 } 62 algorithmsInProperty = property.split(","); 63 for (int i = 0; i < algorithmsInProperty.length; i++) { 64 algorithmsInProperty[i] = algorithmsInProperty[i].trim(); 65 } 66 } 67 68 // map the disabled algorithms 69 if (algorithmsInProperty == null) { 70 algorithmsInProperty = new String[0]; 71 } 72 algorithmsMap.put(propertyName, algorithmsInProperty); 73 } 74 75 static String[] getAlgorithms(Map<String, String[]> algorithmsMap, 76 String propertyName) { 77 synchronized (algorithmsMap) { 78 if (!algorithmsMap.containsKey(propertyName)) { 79 loadAlgorithmsMap(algorithmsMap, propertyName); 80 } 81 82 return algorithmsMap.get(propertyName); 83 } 84 } 85 86 static boolean checkAlgorithm(String[] algorithms, String algorithm, 87 AlgorithmDecomposer decomposer) { 88 if (algorithm == null || algorithm.length() == 0) { 89 throw new IllegalArgumentException("No algorithm name specified"); 90 } 91 92 Set<String> elements = null; 93 for (String item : algorithms) { 94 if (item == null || item.isEmpty()) { 95 continue; 96 } 97 98 // check the full name 99 if (item.equalsIgnoreCase(algorithm)) { 100 return false; 101 } 102 103 // decompose the algorithm into sub-elements 104 if (elements == null) { 105 elements = decomposer.decompose(algorithm); 106 } 107 108 // check the items of the algorithm 109 for (String element : elements) { 110 if (item.equalsIgnoreCase(element)) { 111 return false; 112 } 113 } 114 } 115 116 return true; 117 } 118 119 }