1 /* 2 * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.util; 27 28 import java.security.AccessController; 29 import java.security.AlgorithmConstraints; 30 import java.security.PrivilegedAction; 31 import java.security.Security; 32 import java.util.Set; 33 34 /** 35 * The class contains common functionality for algorithm constraints classes. 36 */ 37 public abstract class AbstractAlgorithmConstraints 38 implements AlgorithmConstraints { 39 40 protected final AlgorithmDecomposer decomposer; 41 42 protected AbstractAlgorithmConstraints(AlgorithmDecomposer decomposer) { 43 this.decomposer = decomposer; 44 } 45 46 // Get algorithm constraints from the specified security property. 47 static String[] getAlgorithms(String propertyName) { 48 String property = AccessController.doPrivileged( 49 new PrivilegedAction<String>() { 50 @Override 51 public String run() { 52 return Security.getProperty(propertyName); 53 } 54 }); 55 56 String[] algorithmsInProperty = null; 57 if (property != null && !property.isEmpty()) { 58 // remove double quote marks from beginning/end of the property 59 if (property.length() >= 2 && property.charAt(0) == '"' && 60 property.charAt(property.length() - 1) == '"') { 61 property = property.substring(1, property.length() - 1); 62 } 63 algorithmsInProperty = property.split(","); 64 for (int i = 0; i < algorithmsInProperty.length; i++) { 65 algorithmsInProperty[i] = algorithmsInProperty[i].trim(); 66 } 67 } 68 69 // map the disabled algorithms 70 if (algorithmsInProperty == null) { 71 algorithmsInProperty = new String[0]; 72 } 73 return algorithmsInProperty; 74 } 75 76 static boolean checkAlgorithm(String[] algorithms, String algorithm, 77 AlgorithmDecomposer decomposer) { 78 if (algorithm == null || algorithm.length() == 0) { 79 throw new IllegalArgumentException("No algorithm name specified"); 80 } 81 82 Set<String> elements = null; 83 for (String item : algorithms) { 84 if (item == null || item.isEmpty()) { 85 continue; 86 } 87 88 // check the full name 89 if (item.equalsIgnoreCase(algorithm)) { 90 return false; 91 } 92 93 // decompose the algorithm into sub-elements 94 if (elements == null) { 95 elements = decomposer.decompose(algorithm); 96 } 97 98 // check the items of the algorithm 99 for (String element : elements) { 100 if (item.equalsIgnoreCase(element)) { 101 return false; 102 } 103 } 104 } 105 106 return true; 107 } 108 109 }