CoCalc -- DefineClass.java

GitHub Repository: PojavLauncherTeam/mobile
Path: blob/master/test/jdk/java/security/SecureClassLoader/DefineClass.java
⁴¹¹⁴⁹ views
1
/*
2
 * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.
8
 *
9
 * This code is distributed in the hope that it will be useful, but WITHOUT
10
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12
 * version 2 for more details (a copy is included in the LICENSE file that
13
 * accompanied this code).
14
 *
15
 * You should have received a copy of the GNU General Public License version
16
 * 2 along with this work; if not, write to the Free Software Foundation,
17
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18
 *
19
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20
 * or visit www.oracle.com if you need additional information or have any
21
 * questions.
22
 */
23

24
import java.io.ByteArrayInputStream;
25
import java.io.File;
26
import java.io.InputStream;
27
import java.io.IOException;
28
import java.io.OutputStream;
29
import java.net.URL;
30
import java.security.CodeSource;
31
import java.security.Key;
32
import java.security.KeyStoreException;
33
import java.security.KeyStoreSpi;
34
import java.security.NoSuchAlgorithmException;
35
import java.security.Permission;
36
import java.security.Policy;
37
import java.security.ProtectionDomain;
38
import java.security.Provider;
39
import java.security.SecureClassLoader;
40
import java.security.Security;
41
import java.security.UnrecoverableKeyException;
42
import java.security.URIParameter;
43
import java.security.cert.Certificate;
44
import java.security.cert.CertificateException;
45
import java.security.cert.CertificateFactory;
46
import java.util.ArrayList;
47
import java.util.Arrays;
48
import java.util.Base64;
49
import java.util.Collections;
50
import java.util.Date;
51
import java.util.Enumeration;
52
import java.util.List;
53
import java.util.PropertyPermission;
54

55
/*
56
 * @test
57
 * @bug 6826789 8131486 8130181
58
 * @summary Make sure equivalent ProtectionDomains are granted the same
59
 *          permissions when the CodeSource URLs are different but resolve
60
 *          to the same ip address after name service resolution.
61
 * @run main/othervm -Djava.security.manager=allow DefineClass
62
 */
63

64
public class DefineClass {
65

66
    // permissions that are expected to be granted by the policy file
67
    private final static Permission[] GRANTED_PERMS = new Permission[] {
68
        new PropertyPermission("user.home", "read"),
69
        new PropertyPermission("user.name", "read")
70
    };
71

72
    // Base64 encoded bytes of simple class: "package foo; public class Foo {}"
73
    private final static String FOO_CLASS =
74
        "yv66vgAAADMADQoAAwAKBwALBwAMAQAGPGluaXQ+AQADKClWAQAEQ29kZQEA" +
75
        "D0xpbmVOdW1iZXJUYWJsZQEAClNvdXJjZUZpbGUBAAhGb28uamF2YQwABAAF" +
76
        "AQAHZm9vL0ZvbwEAEGphdmEvbGFuZy9PYmplY3QAIQACAAMAAAAAAAEAAQAE" +
77
        "AAUAAQAGAAAAHQABAAEAAAAFKrcAAbEAAAABAAcAAAAGAAEAAAABAAEACAAA" +
78
        "AAIACQ==";
79

80
    // Base64 encoded bytes of simple class: "package bar; public class Bar {}"
81
    private final static String BAR_CLASS =
82
        "yv66vgAAADMADQoAAwAKBwALBwAMAQAGPGluaXQ+AQADKClWAQAEQ29kZQEA" +
83
        "D0xpbmVOdW1iZXJUYWJsZQEAClNvdXJjZUZpbGUBAAhCYXIuamF2YQwABAAF" +
84
        "AQAHYmFyL0JhcgEAEGphdmEvbGFuZy9PYmplY3QAIQACAAMAAAAAAAEAAQAE" +
85
        "AAUAAQAGAAAAHQABAAEAAAAFKrcAAbEAAAABAAcAAAAGAAEAAAABAAEACAAA" +
86
        "AAIACQ==";
87

88
    // Base64 encoded bytes of simple class: "package baz; public class Baz {}"
89
    private final static String BAZ_CLASS =
90
        "yv66vgAAADQADQoAAwAKBwALBwAMAQAGPGluaXQ+AQADKClWAQAEQ29kZQEA" +
91
        "D0xpbmVOdW1iZXJUYWJsZQEAClNvdXJjZUZpbGUBAAhCYXouamF2YQwABAAF" +
92
        "AQAHYmF6L0JhegEAEGphdmEvbGFuZy9PYmplY3QAIQACAAMAAAAAAAEAAQAE" +
93
        "AAUAAQAGAAAAHQABAAEAAAAFKrcAAbEAAAABAAcAAAAGAAEAAAABAAEACAAA" +
94
        "AAIACQ==";
95

96
    private final static String BAZ_CERT =
97
        "-----BEGIN CERTIFICATE-----\n" +
98
        "MIIEFzCCA8OgAwIBAgIESpPf8TANBglghkgBZQMEAwIFADAOMQwwCgYDVQQDEwNG\n" +
99
        "b28wHhcNMTUwNzE1MTY1ODM5WhcNMTUxMDEzMTY1ODM5WjAOMQwwCgYDVQQDEwNG\n" +
100
        "b28wggNCMIICNQYHKoZIzjgEATCCAigCggEBAI95Ndm5qum/q+2Ies9JUbbzLsWe\n" +
101
        "O683GOjqxJYfPv02BudDUanEGDM5uAnnwq4cU5unR1uF0BGtuLR5h3VJhGlcrA6P\n" +
102
        "FLM2CCiiL/onEQo9YqmTRTQJoP5pbEZY+EvdIIGcNwmgEFexla3NACM9ulSEtikf\n" +
103
        "nWSO+INEhneXnOwEtDSmrC516Zhd4j2wKS/BEYyf+p2BgeczjbeStzDXueNJWS9o\n" +
104
        "CZhyFTkV6j1ri0ZTxjNFj4A7MqTC4PJykCVuTj+KOwg4ocRQ5OGMGimjfd9eoUPe\n" +
105
        "S2b/BJA+1c8WI+FY1IfGCOl/IRzYHcojy244B2X4IuNCvkhMBXY5OWAc1mcCHQC6\n" +
106
        "9pamhXj3397n+mfJd8eF7zKyM7rlgMC81WldAoIBABamXFggSFBwTnUCo5dXBA00\n" +
107
        "2jo0eMFU1OSlwC0kLuBPluYeS9CQSr2sjzfuseCfMYLSPJBDy2QviABBYO35ygmz\n" +
108
        "IHannDKmJ/JHPpGHm6LE50S9IIFUTLVbgCw2jR+oPtSJ6U4PoGiOMkKKXHjEeMaN\n" +
109
        "BSe3HJo6uwsL4SxEaJY559POdNsQGmWqK4f2TGgm2z7HL0tVmYNLtO2wL3yQ6aSW\n" +
110
        "06VdU1vr/EXU9hn2Pz3tu4c5JcLyJOB3MSltqIfsHkdI+H77X963VIQxayIy3uVT\n" +
111
        "3a8CESsNHwLaMJcyJP4nrtqLnUspItm6i+Oe2eEDpjxSgQvGiLfi7UMW4e8X294D\n" +
112
        "ggEFAAKCAQBsGeU8/STExzQsJ8kFM9xarA/2VAFMzyUpd3IQ2UGHQC5rEnGh/RiU\n" +
113
        "T20y7a2hCpQ1f/qgLnY8hku9GRVY3z8WamBzWLzCAEAx67EsS58mf4o8R3sUbkH5\n" +
114
        "/mRaZoNVSPUy+tXoLmTzIetU4W+JT8Rq4OcXXU9uo9TreeBehhVexS3vpVgQeUIn\n" +
115
        "MmMma8WHpovIJQQlp4cyjalX7Beda/tqX/HPLkAS4TRqQAz7hFr3FqFrVMKFSGo4\n" +
116
        "fTS06GGdQ4tw9c6NQLuQ9WF9BxYSwSk9yENQvKDZaBNarqPMnsh1Gi/QcKMRBVhM\n" +
117
        "RT/9vb4QUi/pOowhhKCDBLgjY60QgX3HoyEwHzAdBgNVHQ4EFgQUa787CE+3ZNAb\n" +
118
        "g1ql9yJVVrRCdx0wDQYJYIZIAWUDBAMCBQADPwAwPAIcCUkZIRrBlKdTzhKYBEOm\n" +
119
        "E1i45MMum1RuHc28agIcfHQkkjBA4FfH5UMRgKpIyRR8V/dVboxDj4hKOA==\n" +
120
        "-----END CERTIFICATE-----";
121

122
    public static void main(String[] args) throws Exception {
123

124
        Security.addProvider(new TestProvider());
125

126
        MySecureClassLoader scl = new MySecureClassLoader();
127

128
        File policyFile = new File(System.getProperty("test.src", "."),
129
                                   "DefineClass.policy");
130
        Policy p = Policy.getInstance("JavaPolicy",
131
                                      new URIParameter(policyFile.toURI()));
132
        Policy.setPolicy(p);
133

134
        System.setSecurityManager(new SecurityManager());
135
        ArrayList<Permission> perms1 = getPermissions(scl, p,
136
                                                      "http://localhost/",
137
                                                      "foo.Foo", FOO_CLASS,
138
                                                      null);
139
        checkPerms(perms1, GRANTED_PERMS);
140
        ArrayList<Permission> perms2 = getPermissions(scl, p,
141
                                                      "http://127.0.0.1/",
142
                                                      "bar.Bar", BAR_CLASS,
143
                                                      null);
144
        checkPerms(perms2, GRANTED_PERMS);
145
        assert(perms1.equals(perms2));
146

147
        // check that class signed by baz is granted an additional permission
148
        Certificate[] chain = new Certificate[] {getCert(BAZ_CERT)};
149
        ArrayList<Permission> perms3 = getPermissions(scl, p,
150
                                                      "http://localhost/",
151
                                                      "baz.Baz", BAZ_CLASS,
152
                                                      chain);
153
        List<Permission> perms = new ArrayList<>(Arrays.asList(GRANTED_PERMS));
154
        perms.add(new PropertyPermission("user.dir", "read"));
155
        checkPerms(perms3, perms.toArray(new Permission[0]));
156
    }
157

158
    // returns the permissions granted to the codebase URL
159
    private static ArrayList<Permission> getPermissions(MySecureClassLoader scl,
160
                                                        Policy p, String url,
161
                                                        String className,
162
                                                        String classBytes,
163
                                                        Certificate[] chain)
164
                                                        throws IOException {
165
        CodeSource cs = new CodeSource(new URL(url), chain);
166
        Base64.Decoder bd = Base64.getDecoder();
167
        byte[] bytes = bd.decode(classBytes);
168
        Class<?> c = scl.defineMyClass(className, bytes, cs);
169
        ProtectionDomain pd = c.getProtectionDomain();
170
        return Collections.list(p.getPermissions(pd).elements());
171
    }
172

173
    private static void checkPerms(List<Permission> perms,
174
                                   Permission... grantedPerms)
175
        throws Exception
176
    {
177
        if (!perms.containsAll(Arrays.asList(grantedPerms))) {
178
            throw new Exception("Granted permissions not correct");
179
        }
180
    }
181

182
    private static Certificate getCert(String base64Cert) throws Exception {
183
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
184
        InputStream is = new ByteArrayInputStream(base64Cert.getBytes("UTF-8"));
185
        return cf.generateCertificate(is);
186
    }
187

188
    // A SecureClassLoader that allows the test to define its own classes
189
    private static class MySecureClassLoader extends SecureClassLoader {
190
        Class<?> defineMyClass(String name, byte[] b, CodeSource cs) {
191
            return super.defineClass(name, b, 0, b.length, cs);
192
        }
193
    }
194

195
    private static class TestProvider extends Provider {
196
        TestProvider() {
197
            super("Test8131486", "0.0", "For testing only");
198
            putService(new Provider.Service(this, "KeyStore", "Test8131486",
199
                       "DefineClass$TestKeyStore", null, null));
200
        }
201
    }
202

203
    /**
204
     * A KeyStore containing a single certificate entry named "baz".
205
     */
206
    public static class TestKeyStore extends KeyStoreSpi {
207
        private final String baz = "baz";
208
        private final List<String> aliases = Collections.singletonList(baz);
209
        private final Certificate bazCert;
210

211
        public TestKeyStore() {
212
            try {
213
                this.bazCert = getCert(BAZ_CERT);
214
            } catch (Exception e) {
215
                throw new Error();
216
            }
217
        }
218

219
        @Override
220
        public Enumeration<String> engineAliases() {
221
            return Collections.enumeration(aliases);
222
        }
223

224
        @Override
225
        public boolean engineContainsAlias(String alias) {
226
            return alias.equals(baz);
227
        }
228

229
        @Override
230
        public void engineDeleteEntry(String alias) throws KeyStoreException {
231
            throw new KeyStoreException();
232
        }
233

234
        @Override
235
        public Certificate engineGetCertificate(String alias) {
236
            return alias.equals(baz) ? bazCert : null;
237
        }
238

239
        @Override
240
        public String engineGetCertificateAlias(Certificate cert) {
241
            return cert.equals(bazCert) ? baz : null;
242
        }
243

244
        @Override
245
        public Certificate[] engineGetCertificateChain(String alias) {
246
            return alias.equals(baz) ? new Certificate[] {bazCert} : null;
247
        }
248

249
        @Override
250
        public Date engineGetCreationDate(String alias) {
251
            return alias.equals(baz) ? new Date() : null;
252
        }
253

254
        @Override
255
        public Key engineGetKey(String alias, char[] password)
256
            throws NoSuchAlgorithmException, UnrecoverableKeyException {
257
            return null;
258
        }
259

260
        @Override
261
        public boolean engineIsCertificateEntry(String alias) {
262
            return alias.equals(baz);
263
        }
264

265
        @Override
266
        public boolean engineIsKeyEntry(String alias) {
267
            return false;
268
        }
269

270
        @Override
271
        public void engineLoad(InputStream stream, char[] password)
272
            throws IOException, NoSuchAlgorithmException, CertificateException {
273
        }
274

275
        @Override
276
        public void engineSetCertificateEntry(String alias, Certificate cert)
277
            throws KeyStoreException {
278
            throw new KeyStoreException();
279
        }
280

281
        @Override
282
        public void engineSetKeyEntry(String alias, byte[] key,
283
                                      Certificate[] chain)
284
            throws KeyStoreException {
285
            throw new KeyStoreException();
286
        }
287

288
        @Override
289
        public void engineSetKeyEntry(String alias, Key key, char[] password,
290
                                      Certificate[] chain)
291
            throws KeyStoreException {
292
            throw new KeyStoreException();
293
        }
294

295
        @Override
296
        public int engineSize() { return 1; }
297

298
        @Override
299
        public void engineStore(OutputStream stream, char[] password)
300
            throws IOException, NoSuchAlgorithmException, CertificateException {
301
        }
302
    }
303
}
304

305
Product

Resources

Company
