Old src/java.base/share/classes/sun/security/util/ConstraintsParameters.java

   1 /*
   2  * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.security.util;
  27 
  28 import sun.security.validator.Validator;
  29 
  30 import java.security.AlgorithmParameters;
  31 import java.security.Key;
  32 import java.security.Timestamp;
  33 import java.security.cert.X509Certificate;
  34 import java.util.Date;
  35 
  36 /**
  37  * This class contains parameters for checking against constraints that extend
  38  * past the publicly available parameters in java.security.AlgorithmConstraints.
  39 
  40  * This is currently on passed between  between PKIX, AlgorithmChecker,
  41  * and DisabledAlgorithmConstraints.
  42  */
  43 public class ConstraintsParameters {
  44     /*
  45      * The below 3 values are used the same as the permit() methods
  46      * published in java.security.AlgorithmConstraints.
  47      */
  48     // Algorithm string to be checked against constraints
  49     private final String algorithm;
  50     // AlgorithmParameters to the algorithm being checked
  51     private final AlgorithmParameters algParams;
  52     // Public Key being checked against constraints
  53     private final Key publicKey;
  54 
  55     /*
  56      * New values that are checked against constraints that the current public
  57      * API does not support.
  58      */
  59     // A certificate being passed to check against constraints.
  60     private final X509Certificate cert;
  61     // This is true if the trust anchor in the certificate chain matches a cert
  62     // in AnchorCertificates
  63     private final boolean trustedMatch;
  64     // PKIXParameter date
  65     private final Date pkixDate;
  66     // Timestamp of the signed JAR file
  67     private final Timestamp jarTimestamp;
  68     private final String variant;
  69 
  70     public ConstraintsParameters(X509Certificate c, boolean match,
  71             Date pkixdate, Timestamp jarTime, String variant) {
  72         cert = c;
  73         trustedMatch = match;
  74         pkixDate = pkixdate;
  75         jarTimestamp = jarTime;
  76         this.variant = (variant == null ? Validator.VAR_GENERIC : variant);
  77         algorithm = null;
  78         algParams = null;
  79         publicKey = null;
  80     }
  81 
  82     public ConstraintsParameters(String algorithm, AlgorithmParameters params,
  83             Key key, String variant) {
  84         this.algorithm = algorithm;
  85         algParams = params;
  86         this.publicKey = key;
  87         cert = null;
  88         trustedMatch = false;
  89         pkixDate = null;
  90         jarTimestamp = null;
  91         this.variant = (variant == null ? Validator.VAR_GENERIC : variant);
  92     }
  93 
  94 
  95     public ConstraintsParameters(X509Certificate c) {
  96         this(c, false, null, null,
  97                 Validator.VAR_GENERIC);
  98     }
  99 
 100     public ConstraintsParameters(Timestamp jarTime) {
 101         this(null, false, null, jarTime, Validator.VAR_GENERIC);
 102     }
 103 
 104     public String getAlgorithm() {
 105         return algorithm;
 106     }
 107 
 108     public AlgorithmParameters getAlgParams() {
 109         return algParams;
 110     }
 111 
 112     public Key getPublicKey() {
 113         return publicKey;
 114     }
 115     // Returns if the trust anchor has a match if anchor checking is enabled.
 116     public boolean isTrustedMatch() {
 117         return trustedMatch;
 118     }
 119 
 120     public X509Certificate getCertificate() {
 121         return cert;
 122     }
 123 
 124     public Date getPKIXParamDate() {
 125         return pkixDate;
 126     }
 127 
 128     public Timestamp getJARTimestamp() {
 129         return jarTimestamp;
 130     }
 131 
 132     public String getVariant() {
 133         return variant;
 134     }
 135 }