1 /*
2 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.security;
27
28 import java.io.IOException;
29 import java.io.ByteArrayInputStream;
30 import java.util.ArrayList;
31 import java.util.Hashtable;
32 import java.lang.reflect.*;
33 import java.security.cert.*;
34
35 /**
36 * The UnresolvedPermission class is used to hold Permissions that
37 * were "unresolved" when the Policy was initialized.
38 * An unresolved permission is one whose actual Permission class
39 * does not yet exist at the time the Policy is initialized (see below).
40 *
41 * <p>The policy for a Java runtime (specifying
42 * which permissions are available for code from various principals)
43 * is represented by a Policy object.
44 * Whenever a Policy is initialized or refreshed, Permission objects of
45 * appropriate classes are created for all permissions
46 * allowed by the Policy.
47 *
48 * <p>Many permission class types
49 * referenced by the policy configuration are ones that exist
50 * locally (i.e., ones that can be found on CLASSPATH).
51 * Objects for such permissions can be instantiated during
52 * Policy initialization. For example, it is always possible
53 * to instantiate a java.io.FilePermission, since the
54 * FilePermission class is found on the CLASSPATH.
55 *
56 * <p>Other permission classes may not yet exist during Policy
57 * initialization. For example, a referenced permission class may
58 * be in a JAR file that will later be loaded.
59 * For each such class, an UnresolvedPermission is instantiated.
60 * Thus, an UnresolvedPermission is essentially a "placeholder"
61 * containing information about the permission.
62 *
63 * <p>Later, when code calls AccessController.checkPermission
64 * on a permission of a type that was previously unresolved,
65 * but whose class has since been loaded, previously-unresolved
66 * permissions of that type are "resolved". That is,
67 * for each such UnresolvedPermission, a new object of
68 * the appropriate class type is instantiated, based on the
69 * information in the UnresolvedPermission.
70 *
71 * <p> To instantiate the new class, UnresolvedPermission assumes
72 * the class provides a zero, one, and/or two-argument constructor.
73 * The zero-argument constructor would be used to instantiate
74 * a permission without a name and without actions.
75 * A one-arg constructor is assumed to take a {@code String}
76 * name as input, and a two-arg constructor is assumed to take a
77 * {@code String} name and {@code String} actions
78 * as input. UnresolvedPermission may invoke a
79 * constructor with a {@code null} name and/or actions.
80 * If an appropriate permission constructor is not available,
81 * the UnresolvedPermission is ignored and the relevant permission
82 * will not be granted to executing code.
83 *
84 * <p> The newly created permission object replaces the
85 * UnresolvedPermission, which is removed.
86 *
87 * <p> Note that the {@code getName} method for an
88 * {@code UnresolvedPermission} returns the
89 * {@code type} (class name) for the underlying permission
90 * that has not been resolved.
91 *
92 * @see java.security.Permission
93 * @see java.security.Permissions
94 * @see java.security.PermissionCollection
95 * @see java.security.Policy
96 *
97 *
98 * @author Roland Schemers
99 */
100
101 public final class UnresolvedPermission extends Permission
102 implements java.io.Serializable
103 {
104
105 private static final long serialVersionUID = -4821973115467008846L;
106
107 private static final sun.security.util.Debug debug =
108 sun.security.util.Debug.getInstance
109 ("policy,access", "UnresolvedPermission");
110
111 /**
112 * The class name of the Permission class that will be
113 * created when this unresolved permission is resolved.
114 *
115 * @serial
116 */
117 private String type;
118
119 /**
120 * The permission name.
121 *
122 * @serial
123 */
124 private String name;
125
126 /**
127 * The actions of the permission.
128 *
129 * @serial
130 */
131 private String actions;
132
133 private transient java.security.cert.Certificate certs[];
134
135 /**
136 * Creates a new UnresolvedPermission containing the permission
137 * information needed later to actually create a Permission of the
138 * specified class, when the permission is resolved.
139 *
140 * @param type the class name of the Permission class that will be
141 * created when this unresolved permission is resolved.
142 * @param name the name of the permission.
143 * @param actions the actions of the permission.
144 * @param certs the certificates the permission's class was signed with.
145 * This is a list of certificate chains, where each chain is composed of a
146 * signer certificate and optionally its supporting certificate chain.
147 * Each chain is ordered bottom-to-top (i.e., with the signer certificate
148 * first and the (root) certificate authority last). The signer
149 * certificates are copied from the array. Subsequent changes to
150 * the array will not affect this UnsolvedPermission.
151 */
152 public UnresolvedPermission(String type,
153 String name,
154 String actions,
155 java.security.cert.Certificate certs[])
156 {
157 super(type);
158
159 if (type == null)
160 throw new NullPointerException("type can't be null");
161
162 this.type = type;
163 this.name = name;
164 this.actions = actions;
165 if (certs != null) {
166 // Extract the signer certs from the list of certificates.
167 for (int i=0; i<certs.length; i++) {
168 if (!(certs[i] instanceof X509Certificate)) {
169 // there is no concept of signer certs, so we store the
170 // entire cert array
171 this.certs = certs.clone();
172 break;
173 }
174 }
175
176 if (this.certs == null) {
177 // Go through the list of certs and see if all the certs are
178 // signer certs.
179 int i = 0;
180 int count = 0;
181 while (i < certs.length) {
182 count++;
183 while (((i+1) < certs.length) &&
184 ((X509Certificate)certs[i]).getIssuerDN().equals(
185 ((X509Certificate)certs[i+1]).getSubjectDN())) {
186 i++;
187 }
188 i++;
189 }
190 if (count == certs.length) {
191 // All the certs are signer certs, so we store the entire
192 // array
193 this.certs = certs.clone();
194 }
195
196 if (this.certs == null) {
197 // extract the signer certs
198 ArrayList<java.security.cert.Certificate> signerCerts =
199 new ArrayList<>();
200 i = 0;
201 while (i < certs.length) {
202 signerCerts.add(certs[i]);
203 while (((i+1) < certs.length) &&
204 ((X509Certificate)certs[i]).getIssuerDN().equals(
205 ((X509Certificate)certs[i+1]).getSubjectDN())) {
206 i++;
207 }
208 i++;
209 }
210 this.certs =
211 new java.security.cert.Certificate[signerCerts.size()];
212 signerCerts.toArray(this.certs);
213 }
214 }
215 }
216 }
217
218
219 private static final Class[] PARAMS0 = { };
220 private static final Class[] PARAMS1 = { String.class };
221 private static final Class[] PARAMS2 = { String.class, String.class };
222
223 /**
224 * try and resolve this permission using the class loader of the permission
225 * that was passed in.
226 */
227 Permission resolve(Permission p, java.security.cert.Certificate certs[]) {
228 if (this.certs != null) {
229 // if p wasn't signed, we don't have a match
230 if (certs == null) {
231 return null;
232 }
233
234 // all certs in this.certs must be present in certs
235 boolean match;
236 for (int i = 0; i < this.certs.length; i++) {
237 match = false;
238 for (int j = 0; j < certs.length; j++) {
239 if (this.certs[i].equals(certs[j])) {
240 match = true;
241 break;
242 }
243 }
244 if (!match) return null;
245 }
246 }
247 try {
248 Class<?> pc = p.getClass();
249
250 if (name == null && actions == null) {
251 try {
252 Constructor<?> c = pc.getConstructor(PARAMS0);
253 return (Permission)c.newInstance(new Object[] {});
254 } catch (NoSuchMethodException ne) {
255 try {
256 Constructor<?> c = pc.getConstructor(PARAMS1);
257 return (Permission) c.newInstance(
258 new Object[] { name});
259 } catch (NoSuchMethodException ne1) {
260 Constructor<?> c = pc.getConstructor(PARAMS2);
261 return (Permission) c.newInstance(
262 new Object[] { name, actions });
263 }
264 }
265 } else {
266 if (name != null && actions == null) {
267 try {
268 Constructor<?> c = pc.getConstructor(PARAMS1);
269 return (Permission) c.newInstance(
270 new Object[] { name});
271 } catch (NoSuchMethodException ne) {
272 Constructor<?> c = pc.getConstructor(PARAMS2);
273 return (Permission) c.newInstance(
274 new Object[] { name, actions });
275 }
276 } else {
277 Constructor<?> c = pc.getConstructor(PARAMS2);
278 return (Permission) c.newInstance(
279 new Object[] { name, actions });
280 }
281 }
282 } catch (NoSuchMethodException nsme) {
283 if (debug != null ) {
284 debug.println("NoSuchMethodException:\n could not find " +
285 "proper constructor for " + type);
286 nsme.printStackTrace();
287 }
288 return null;
289 } catch (Exception e) {
290 if (debug != null ) {
291 debug.println("unable to instantiate " + name);
292 e.printStackTrace();
293 }
294 return null;
295 }
296 }
297
298 /**
299 * This method always returns false for unresolved permissions.
300 * That is, an UnresolvedPermission is never considered to
301 * imply another permission.
302 *
303 * @param p the permission to check against.
304 *
305 * @return false.
306 */
307 public boolean implies(Permission p) {
308 return false;
309 }
310
311 /**
312 * Checks two UnresolvedPermission objects for equality.
313 * Checks that <i>obj</i> is an UnresolvedPermission, and has
314 * the same type (class) name, permission name, actions, and
315 * certificates as this object.
316 *
317 * <p> To determine certificate equality, this method only compares
318 * actual signer certificates. Supporting certificate chains
319 * are not taken into consideration by this method.
320 *
321 * @param obj the object we are testing for equality with this object.
322 *
323 * @return true if obj is an UnresolvedPermission, and has the same
324 * type (class) name, permission name, actions, and
325 * certificates as this object.
326 */
327 public boolean equals(Object obj) {
328 if (obj == this)
329 return true;
330
331 if (! (obj instanceof UnresolvedPermission))
332 return false;
333 UnresolvedPermission that = (UnresolvedPermission) obj;
334
335 // check type
336 if (!this.type.equals(that.type)) {
337 return false;
338 }
339
340 // check name
341 if (this.name == null) {
342 if (that.name != null) {
343 return false;
344 }
345 } else if (!this.name.equals(that.name)) {
346 return false;
347 }
348
349 // check actions
350 if (this.actions == null) {
351 if (that.actions != null) {
352 return false;
353 }
354 } else {
355 if (!this.actions.equals(that.actions)) {
356 return false;
357 }
358 }
359
360 // check certs
361 if ((this.certs == null && that.certs != null) ||
362 (this.certs != null && that.certs == null) ||
363 (this.certs != null && that.certs != null &&
364 this.certs.length != that.certs.length)) {
365 return false;
366 }
367
368 int i,j;
369 boolean match;
370
371 for (i = 0; this.certs != null && i < this.certs.length; i++) {
372 match = false;
373 for (j = 0; j < that.certs.length; j++) {
374 if (this.certs[i].equals(that.certs[j])) {
375 match = true;
376 break;
377 }
378 }
379 if (!match) return false;
380 }
381
382 for (i = 0; that.certs != null && i < that.certs.length; i++) {
383 match = false;
384 for (j = 0; j < this.certs.length; j++) {
385 if (that.certs[i].equals(this.certs[j])) {
386 match = true;
387 break;
388 }
389 }
390 if (!match) return false;
391 }
392 return true;
393 }
394
395 /**
396 * Returns the hash code value for this object.
397 *
398 * @return a hash code value for this object.
399 */
400
401 public int hashCode() {
402 int hash = type.hashCode();
403 if (name != null)
404 hash ^= name.hashCode();
405 if (actions != null)
406 hash ^= actions.hashCode();
407 return hash;
408 }
409
410 /**
411 * Returns the canonical string representation of the actions,
412 * which currently is the empty string "", since there are no actions for
413 * an UnresolvedPermission. That is, the actions for the
414 * permission that will be created when this UnresolvedPermission
415 * is resolved may be non-null, but an UnresolvedPermission
416 * itself is never considered to have any actions.
417 *
418 * @return the empty string "".
419 */
420 public String getActions()
421 {
422 return "";
423 }
424
425 /**
426 * Get the type (class name) of the underlying permission that
427 * has not been resolved.
428 *
429 * @return the type (class name) of the underlying permission that
430 * has not been resolved
431 *
432 * @since 1.5
433 */
434 public String getUnresolvedType() {
435 return type;
436 }
437
438 /**
439 * Get the target name of the underlying permission that
440 * has not been resolved.
441 *
442 * @return the target name of the underlying permission that
443 * has not been resolved, or {@code null},
444 * if there is no targe name
445 *
446 * @since 1.5
447 */
448 public String getUnresolvedName() {
449 return name;
450 }
451
452 /**
453 * Get the actions for the underlying permission that
454 * has not been resolved.
455 *
456 * @return the actions for the underlying permission that
457 * has not been resolved, or {@code null}
458 * if there are no actions
459 *
460 * @since 1.5
461 */
462 public String getUnresolvedActions() {
463 return actions;
464 }
465
466 /**
467 * Get the signer certificates (without any supporting chain)
468 * for the underlying permission that has not been resolved.
469 *
470 * @return the signer certificates for the underlying permission that
471 * has not been resolved, or null, if there are no signer certificates.
472 * Returns a new array each time this method is called.
473 *
474 * @since 1.5
475 */
476 public java.security.cert.Certificate[] getUnresolvedCerts() {
477 return (certs == null) ? null : certs.clone();
478 }
479
480 /**
481 * Returns a string describing this UnresolvedPermission. The convention
482 * is to specify the class name, the permission name, and the actions, in
483 * the following format: '(unresolved "ClassName" "name" "actions")'.
484 *
485 * @return information about this UnresolvedPermission.
486 */
487 public String toString() {
488 return "(unresolved " + type + " " + name + " " + actions + ")";
489 }
490
491 /**
492 * Returns a new PermissionCollection object for storing
493 * UnresolvedPermission objects.
494 * <p>
495 * @return a new PermissionCollection object suitable for
496 * storing UnresolvedPermissions.
497 */
498
499 public PermissionCollection newPermissionCollection() {
500 return new UnresolvedPermissionCollection();
501 }
502
503 /**
504 * Writes this object out to a stream (i.e., serializes it).
505 *
506 * @serialData An initial {@code String} denoting the
507 * {@code type} is followed by a {@code String} denoting the
508 * {@code name} is followed by a {@code String} denoting the
509 * {@code actions} is followed by an {@code int} indicating the
510 * number of certificates to follow
511 * (a value of "zero" denotes that there are no certificates associated
512 * with this object).
513 * Each certificate is written out starting with a {@code String}
514 * denoting the certificate type, followed by an
515 * {@code int} specifying the length of the certificate encoding,
516 * followed by the certificate encoding itself which is written out as an
517 * array of bytes.
518 */
519 private void writeObject(java.io.ObjectOutputStream oos)
520 throws IOException
521 {
522 oos.defaultWriteObject();
523
524 if (certs==null || certs.length==0) {
525 oos.writeInt(0);
526 } else {
527 // write out the total number of certs
528 oos.writeInt(certs.length);
529 // write out each cert, including its type
530 for (int i=0; i < certs.length; i++) {
531 java.security.cert.Certificate cert = certs[i];
532 try {
533 oos.writeUTF(cert.getType());
534 byte[] encoded = cert.getEncoded();
535 oos.writeInt(encoded.length);
536 oos.write(encoded);
537 } catch (CertificateEncodingException cee) {
538 throw new IOException(cee.getMessage());
539 }
540 }
541 }
542 }
543
544 /**
545 * Restores this object from a stream (i.e., deserializes it).
546 */
547 private void readObject(java.io.ObjectInputStream ois)
548 throws IOException, ClassNotFoundException
549 {
550 CertificateFactory cf;
551 Hashtable<String, CertificateFactory> cfs = null;
552
553 ois.defaultReadObject();
554
555 if (type == null)
556 throw new NullPointerException("type can't be null");
557
558 // process any new-style certs in the stream (if present)
559 int size = ois.readInt();
560 if (size > 0) {
561 // we know of 3 different cert types: X.509, PGP, SDSI, which
562 // could all be present in the stream at the same time
563 cfs = new Hashtable<String, CertificateFactory>(3);
564 this.certs = new java.security.cert.Certificate[size];
565 }
566
567 for (int i=0; i<size; i++) {
568 // read the certificate type, and instantiate a certificate
569 // factory of that type (reuse existing factory if possible)
570 String certType = ois.readUTF();
571 if (cfs.containsKey(certType)) {
572 // reuse certificate factory
573 cf = cfs.get(certType);
574 } else {
575 // create new certificate factory
576 try {
577 cf = CertificateFactory.getInstance(certType);
578 } catch (CertificateException ce) {
579 throw new ClassNotFoundException
580 ("Certificate factory for "+certType+" not found");
581 }
582 // store the certificate factory so we can reuse it later
583 cfs.put(certType, cf);
584 }
585 // parse the certificate
586 byte[] encoded=null;
587 try {
588 encoded = new byte[ois.readInt()];
589 } catch (OutOfMemoryError oome) {
590 throw new IOException("Certificate too big");
591 }
592 ois.readFully(encoded);
593 ByteArrayInputStream bais = new ByteArrayInputStream(encoded);
594 try {
595 this.certs[i] = cf.generateCertificate(bais);
596 } catch (CertificateException ce) {
597 throw new IOException(ce.getMessage());
598 }
599 bais.close();
600 }
601 }
602 }