Path: blob/master/src/java.base/share/classes/sun/security/util/AbstractAlgorithmConstraints.java
41159 views
/*1* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.security.util;2627import java.security.AccessController;28import java.security.AlgorithmConstraints;29import java.security.PrivilegedAction;30import java.security.Security;31import java.util.ArrayList;32import java.util.Arrays;33import java.util.Collections;34import java.util.List;35import java.util.Set;3637/**38* The class contains common functionality for algorithm constraints classes.39*/40public abstract class AbstractAlgorithmConstraints41implements AlgorithmConstraints {4243protected final AlgorithmDecomposer decomposer;4445protected AbstractAlgorithmConstraints(AlgorithmDecomposer decomposer) {46this.decomposer = decomposer;47}4849// Get algorithm constraints from the specified security property.50static List<String> getAlgorithms(String propertyName) {51@SuppressWarnings("removal")52String property = AccessController.doPrivileged(53new PrivilegedAction<String>() {54@Override55public String run() {56return Security.getProperty(propertyName);57}58});5960String[] algorithmsInProperty = null;61if (property != null && !property.isEmpty()) {62// remove double quote marks from beginning/end of the property63if (property.length() >= 2 && property.charAt(0) == '"' &&64property.charAt(property.length() - 1) == '"') {65property = property.substring(1, property.length() - 1);66}67algorithmsInProperty = property.split(",");68for (int i = 0; i < algorithmsInProperty.length; i++) {69algorithmsInProperty[i] = algorithmsInProperty[i].trim();70}71}7273// map the disabled algorithms74if (algorithmsInProperty == null) {75return Collections.emptyList();76}77return new ArrayList<>(Arrays.asList(algorithmsInProperty));78}7980static boolean checkAlgorithm(List<String> algorithms, String algorithm,81AlgorithmDecomposer decomposer) {82if (algorithm == null || algorithm.isEmpty()) {83throw new IllegalArgumentException("No algorithm name specified");84}8586Set<String> elements = null;87for (String item : algorithms) {88if (item == null || item.isEmpty()) {89continue;90}9192// check the full name93if (item.equalsIgnoreCase(algorithm)) {94return false;95}9697// decompose the algorithm into sub-elements98if (elements == null) {99elements = decomposer.decompose(algorithm);100}101102// check the items of the algorithm103for (String element : elements) {104if (item.equalsIgnoreCase(element)) {105return false;106}107}108}109110return true;111}112113}114115116