Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/src/java.base/share/classes/javax/crypto/CryptoPermission.java
41152 views
1
/*

2
 * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.  Oracle designates this

8
 * particular file as subject to the "Classpath" exception as provided

9
 * by Oracle in the LICENSE file that accompanied this code.

10
 *

11
 * This code is distributed in the hope that it will be useful, but WITHOUT

12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
 * version 2 for more details (a copy is included in the LICENSE file that

15
 * accompanied this code).

16
 *

17
 * You should have received a copy of the GNU General Public License version

18
 * 2 along with this work; if not, write to the Free Software Foundation,

19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
 *

21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
 * or visit www.oracle.com if you need additional information or have any

23
 * questions.

24
 */

25


26
package javax.crypto;

27


28
import java.security.*;

29
import java.security.spec.AlgorithmParameterSpec;

30
import java.io.Serializable;

31
import java.util.Enumeration;

32
import java.util.Vector;

33


34
import javax.crypto.spec.*;

35


36
/**

37
 * The CryptoPermission class extends the

38
 * java.security.Permission class. A

39
 * CryptoPermission object is used to represent

40
 * the ability of an application/applet to use certain

41
 * algorithms with certain key sizes and other

42
 * restrictions in certain environments.

43
 *

44
 * @see java.security.Permission

45
 *

46
 * @author Jan Luehe

47
 * @author Sharon Liu

48
 * @since 1.4

49
 */

50
class CryptoPermission extends java.security.Permission {

51


52
    @java.io.Serial

53
    private static final long serialVersionUID = 8987399626114087514L;

54


55
    private String alg;

56
    private int maxKeySize = Integer.MAX_VALUE; // no restriction on maxKeySize

57
    private String exemptionMechanism = null;

58
    @SuppressWarnings("serial") // Not statically typed as Serializable

59
    private AlgorithmParameterSpec algParamSpec = null;

60
    private boolean checkParam = false; // no restriction on param

61


62
    static final String ALG_NAME_WILDCARD = "*";

63


64
    /**

65
     * Constructor that takes an algorithm name.

66
     *

67
     * This constructor implies that the given algorithm can be

68
     * used without any restrictions.

69
     *

70
     * @param alg the algorithm name.

71
     */

72
    CryptoPermission(String alg) {

73
        super(null);

74
        this.alg = alg;

75
    }

76


77
    /**

78
     * Constructor that takes an algorithm name and a maximum

79
     * key size.

80
     *

81
     * This constructor implies that the given algorithm can be

82
     * used with a key size up to <code>maxKeySize</code>.

83
     *

84
     * @param alg the algorithm name.

85
     *

86
     * @param maxKeySize the maximum allowable key size,

87
     * specified in number of bits.

88
     */

89
    CryptoPermission(String alg, int maxKeySize) {

90
        super(null);

91
        this.alg = alg;

92
        this.maxKeySize = maxKeySize;

93
    }

94


95
    /**

96
     * Constructor that takes an algorithm name, a maximum

97
     * key size, and an AlgorithmParameterSpec object.

98
     *

99
     * This constructor implies that the given algorithm can be

100
     * used with a key size up to <code>maxKeySize</code>, and

101
     * algorithm

102
     * parameters up to the limits set in <code>algParamSpec</code>.

103
     *

104
     * @param alg the algorithm name.

105
     *

106
     * @param maxKeySize the maximum allowable key size,

107
     * specified in number of bits.

108
     *

109
     * @param algParamSpec the limits for allowable algorithm

110
     * parameters.

111
     */

112
    CryptoPermission(String alg,

113
                     int maxKeySize,

114
                     AlgorithmParameterSpec algParamSpec) {

115
        super(null);

116
        this.alg = alg;

117
        this.maxKeySize = maxKeySize;

118
        this.checkParam = true;

119
        this.algParamSpec = algParamSpec;

120
    }

121


122
    /**

123
     * Constructor that takes an algorithm name and the name of

124
     * an exemption mechanism.

125
     *

126
     * This constructor implies that the given algorithm can be

127
     * used without any key size or algorithm parameter restrictions

128
     * provided that the specified exemption mechanism is enforced.

129
     *

130
     * @param alg the algorithm name.

131
     *

132
     * @param exemptionMechanism the name of the exemption mechanism.

133
     */

134
    CryptoPermission(String alg,

135
                     String exemptionMechanism) {

136
        super(null);

137
        this.alg = alg;

138
        this.exemptionMechanism = exemptionMechanism;

139
    }

140


141
    /**

142
     * Constructor that takes an algorithm name, a maximum key

143
     * size, and the name of an exemption mechanism.

144
     *

145
     * This constructor implies that the given algorithm can be

146
     * used with a key size up to <code>maxKeySize</code>

147
     * provided that the

148
     * specified exemption mechanism is enforced.

149
     *

150
     * @param alg the algorithm name.

151
     * @param maxKeySize the maximum allowable key size,

152
     * specified in number of bits.

153
     * @param exemptionMechanism the name of the exemption

154
     * mechanism.

155
     */

156
    CryptoPermission(String alg,

157
                     int maxKeySize,

158
                     String exemptionMechanism) {

159
        super(null);

160
        this.alg = alg;

161
        this.exemptionMechanism = exemptionMechanism;

162
        this.maxKeySize = maxKeySize;

163
    }

164


165
    /**

166
     * Constructor that takes an algorithm name, a maximum key

167
     * size, the name of an exemption mechanism, and an

168
     * AlgorithmParameterSpec object.

169
     *

170
     * This constructor implies that the given algorithm can be

171
     * used with a key size up to <code>maxKeySize</code>

172
     * and algorithm

173
     * parameters up to the limits set in <code>algParamSpec</code>

174
     * provided that

175
     * the specified exemption mechanism is enforced.

176
     *

177
     * @param alg the algorithm name.

178
     * @param maxKeySize the maximum allowable key size,

179
     * specified in number of bits.

180
     * @param algParamSpec the limit for allowable algorithm

181
     *  parameter spec.

182
     * @param exemptionMechanism the name of the exemption

183
     * mechanism.

184
     */

185
    CryptoPermission(String alg,

186
                     int maxKeySize,

187
                     AlgorithmParameterSpec algParamSpec,

188
                     String exemptionMechanism) {

189
        super(null);

190
        this.alg = alg;

191
        this.exemptionMechanism = exemptionMechanism;

192
        this.maxKeySize = maxKeySize;

193
        this.checkParam = true;

194
        this.algParamSpec = algParamSpec;

195
    }

196


197
    /**

198
     * Checks if the specified permission is "implied" by

199
     * this object.

200
     * <p>

201
     * More specifically, this method returns true if:

202
     * <ul>

203
     * <li> <i>p</i> is an instance of CryptoPermission, and</li>

204
     * <li> <i>p</i>'s algorithm name equals or (in the case of wildcards)

205
     *       is implied by this permission's algorithm name, and</li>

206
     * <li> <i>p</i>'s maximum allowable key size is less or

207
     *       equal to this permission's maximum allowable key size, and</li>

208
     * <li> <i>p</i>'s algorithm parameter spec equals or is

209
     *        implied by this permission's algorithm parameter spec, and</li>

210
     * <li> <i>p</i>'s exemptionMechanism equals or

211
     *        is implied by this permission's

212
     *        exemptionMechanism (a <code>null</code> exemption mechanism

213
     *        implies any other exemption mechanism).</li>

214
     * </ul>

215
     *

216
     * @param p the permission to check against.

217
     *

218
     * @return true if the specified permission is equal to or

219
     * implied by this permission, false otherwise.

220
     */

221
    public boolean implies(Permission p) {

222
        if (!(p instanceof CryptoPermission))

223
            return false;

224


225
        CryptoPermission cp = (CryptoPermission)p;

226


227
        if ((!alg.equalsIgnoreCase(cp.alg)) &&

228
            (!alg.equalsIgnoreCase(ALG_NAME_WILDCARD))) {

229
            return false;

230
        }

231


232
        // alg is the same as cp's alg or

233
        // alg is a wildcard.

234
        if (cp.maxKeySize <= this.maxKeySize) {

235
            // check algParamSpec.

236
            if (!impliesParameterSpec(cp.checkParam, cp.algParamSpec)) {

237
                return false;

238
            }

239


240
            // check exemptionMechanism.

241
            if (impliesExemptionMechanism(cp.exemptionMechanism)) {

242
                return true;

243
            }

244
        }

245


246
        return false;

247
    }

248


249
    /**

250
     * Checks two CryptoPermission objects for equality. Checks that

251
     * <code>obj</code> is a CryptoPermission, and has the same

252
     * algorithm name,

253
     * exemption mechanism name, maximum allowable key size and

254
     * algorithm parameter spec

255
     * as this object.

256
     * <P>

257
     * @param obj the object to test for equality with this object.

258
     * @return true if <code>obj</code> is equal to this object.

259
     */

260
    public boolean equals(Object obj) {

261
        if (obj == this)

262
            return true;

263


264
        if (!(obj instanceof CryptoPermission))

265
            return false;

266


267
        CryptoPermission that = (CryptoPermission) obj;

268


269
        if (!(alg.equalsIgnoreCase(that.alg)) ||

270
            (maxKeySize != that.maxKeySize)) {

271
            return false;

272
        }

273
        if (this.checkParam != that.checkParam) {

274
            return false;

275
        }

276
        return (equalObjects(this.exemptionMechanism,

277
                             that.exemptionMechanism) &&

278
                equalObjects(this.algParamSpec,

279
                             that.algParamSpec));

280
    }

281


282
    /**

283
     * Returns the hash code value for this object.

284
     *

285
     * @return a hash code value for this object.

286
     */

287


288
    public int hashCode() {

289
        int retval = alg.hashCode();

290
        retval ^= maxKeySize;

291
        if (exemptionMechanism != null) {

292
            retval ^= exemptionMechanism.hashCode();

293
        }

294
        if (checkParam) retval ^= 100;

295
        if (algParamSpec != null) {

296
            retval ^= algParamSpec.hashCode();

297
        }

298
        return retval;

299
    }

300


301
    /**

302
     * There is no action defined for a CryptoPermission

303
     * onject.

304
     */

305
    public String getActions()

306
    {

307
        return null;

308
    }

309


310
    /**

311
     * Returns a new PermissionCollection object for storing

312
     * CryptoPermission objects.

313
     *

314
     * @return a new PermissionCollection object suitable for storing

315
     * CryptoPermissions.

316
     */

317


318
    public PermissionCollection newPermissionCollection() {

319
        return new CryptoPermissionCollection();

320
    }

321


322
    /**

323
     * Returns the algorithm name associated with

324
     * this CryptoPermission object.

325
     */

326
    final String getAlgorithm() {

327
        return alg;

328
    }

329


330
    /**

331
     * Returns the exemption mechanism name

332
     * associated with this CryptoPermission

333
     * object.

334
     */

335
    final String getExemptionMechanism() {

336
        return exemptionMechanism;

337
    }

338


339
    /**

340
     * Returns the maximum allowable key size associated

341
     * with this CryptoPermission object.

342
     */

343
    final int getMaxKeySize() {

344
        return maxKeySize;

345
    }

346


347
    /**

348
     * Returns true if there is a limitation on the

349
     * AlgorithmParameterSpec associated with this

350
     * CryptoPermission object and false if otherwise.

351
     */

352
    final boolean getCheckParam() {

353
        return checkParam;

354
    }

355


356
    /**

357
     * Returns the AlgorithmParameterSpec

358
     * associated with this CryptoPermission

359
     * object.

360
     */

361
    final AlgorithmParameterSpec getAlgorithmParameterSpec() {

362
        return algParamSpec;

363
    }

364


365
    /**

366
     * Returns a string describing this CryptoPermission.  The convention is to

367
     * specify the class name, the algorithm name, the maximum allowable

368
     * key size, and the name of the exemption mechanism, in the following

369
     * format: '("ClassName" "algorithm" "keysize" "exemption_mechanism")'.

370
     *

371
     * @return information about this CryptoPermission.

372
     */

373
    public String toString() {

374
        StringBuilder buf = new StringBuilder(100);

375
        buf.append("(CryptoPermission " + alg + " " + maxKeySize);

376
        if (algParamSpec != null) {

377
            if (algParamSpec instanceof RC2ParameterSpec) {

378
                buf.append(" , effective " +

379
                    ((RC2ParameterSpec)algParamSpec).getEffectiveKeyBits());

380
            } else if (algParamSpec instanceof RC5ParameterSpec) {

381
                buf.append(" , rounds " +

382
                    ((RC5ParameterSpec)algParamSpec).getRounds());

383
            }

384
        }

385
        if (exemptionMechanism != null) { // OPTIONAL

386
            buf.append(" " + exemptionMechanism);

387
        }

388
        buf.append(")");

389
        return buf.toString();

390
    }

391


392
    private boolean impliesExemptionMechanism(String exemptionMechanism) {

393
        if (this.exemptionMechanism == null) {

394
            return true;

395
        }

396


397
        if (exemptionMechanism == null) {

398
            return false;

399
        }

400


401
        if (this.exemptionMechanism.equals(exemptionMechanism)) {

402
            return true;

403
        }

404


405
        return false;

406
    }

407


408
    private boolean impliesParameterSpec(boolean checkParam,

409
                                         AlgorithmParameterSpec algParamSpec) {

410
        if ((this.checkParam) && checkParam) {

411
            if (algParamSpec == null) {

412
                return true;

413
            } else if (this.algParamSpec == null) {

414
                return false;

415
            }

416


417
            if (this.algParamSpec.getClass() != algParamSpec.getClass()) {

418
                return false;

419
            }

420


421
            if (algParamSpec instanceof RC2ParameterSpec) {

422
                if (((RC2ParameterSpec)algParamSpec).getEffectiveKeyBits() <=

423
                    ((RC2ParameterSpec)

424
                     (this.algParamSpec)).getEffectiveKeyBits()) {

425
                    return true;

426
                }

427
            }

428


429
            if (algParamSpec instanceof RC5ParameterSpec) {

430
                if (((RC5ParameterSpec)algParamSpec).getRounds() <=

431
                    ((RC5ParameterSpec)this.algParamSpec).getRounds()) {

432
                    return true;

433
                }

434
            }

435


436
            if (algParamSpec instanceof PBEParameterSpec) {

437
                if (((PBEParameterSpec)algParamSpec).getIterationCount() <=

438
                    ((PBEParameterSpec)this.algParamSpec).getIterationCount()) {

439
                    return true;

440
                }

441
            }

442


443
            // For classes we don't know, the following

444
            // may be the best try.

445
            if (this.algParamSpec.equals(algParamSpec)) {

446
                return true;

447
            }

448
            return false;

449
        } else if (this.checkParam) {

450
            return false;

451
        } else {

452
            return true;

453
        }

454
    }

455


456
    private boolean equalObjects(Object obj1, Object obj2) {

457
        if (obj1 == null) {

458
            return (obj2 == null ? true : false);

459
        }

460


461
        return obj1.equals(obj2);

462
    }

463
}

464


465
/**

466
 * A CryptoPermissionCollection stores a set of CryptoPermission

467
 * permissions.

468
 *

469
 * @see java.security.Permission

470
 * @see java.security.Permissions

471
 * @see java.security.PermissionCollection

472
 *

473
 * @author Sharon Liu

474
 */

475
final class CryptoPermissionCollection extends PermissionCollection

476
    implements Serializable

477
{

478
    private static final long serialVersionUID = -511215555898802763L;

479


480
    private Vector<Permission> permissions;

481


482
    /**

483
     * Creates an empty CryptoPermissionCollection

484
     * object.

485
     */

486
    CryptoPermissionCollection() {

487
        permissions = new Vector<Permission>(3);

488
    }

489


490
    /**

491
     * Adds a permission to the CryptoPermissionCollection.

492
     *

493
     * @param permission the Permission object to add.

494
     *

495
     * @exception SecurityException - if this CryptoPermissionCollection

496
     * object has been marked <i>readOnly</i>.

497
     */

498
    public void add(Permission permission) {

499
        if (isReadOnly())

500
            throw new SecurityException("attempt to add a Permission " +

501
                                        "to a readonly PermissionCollection");

502


503
        if (!(permission instanceof CryptoPermission))

504
            return;

505


506
        permissions.addElement(permission);

507
    }

508


509
    /**

510
     * Check and see if this CryptoPermission object implies

511
     * the given Permission object.

512
     *

513
     * @param permission the Permission object to compare

514
     *

515
     * @return true if the given permission  is implied by this

516
     * CryptoPermissionCollection, false if not.

517
     */

518
    public boolean implies(Permission permission) {

519
        if (!(permission instanceof CryptoPermission))

520
            return false;

521


522
        CryptoPermission cp = (CryptoPermission)permission;

523


524
        Enumeration<Permission> e = permissions.elements();

525


526
        while (e.hasMoreElements()) {

527
            CryptoPermission x = (CryptoPermission) e.nextElement();

528
            if (x.implies(cp)) {

529
                return true;

530
            }

531
        }

532
        return false;

533
    }

534


535
    /**

536
     * Returns an enumeration of all the CryptoPermission objects

537
     * in the container.

538
     *

539
     * @return an enumeration of all the CryptoPermission objects.

540
     */

541


542
    public Enumeration<Permission> elements() {

543
        return permissions.elements();

544
    }

545
}

546


547