Path: blob/master/src/java.base/share/classes/sun/security/util/AbstractAlgorithmConstraints.java
67766 views
/*1* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.security.util;2627import java.security.AccessController;28import java.security.AlgorithmConstraints;29import java.security.PrivilegedAction;30import java.security.Security;31import java.util.ArrayList;32import java.util.Arrays;33import java.util.Collections;34import java.util.TreeSet;35import java.util.List;36import java.util.Set;3738/**39* The class contains common functionality for algorithm constraints classes.40*/41public abstract class AbstractAlgorithmConstraints42implements AlgorithmConstraints {4344protected final AlgorithmDecomposer decomposer;4546protected AbstractAlgorithmConstraints(AlgorithmDecomposer decomposer) {47this.decomposer = decomposer;48}4950// Get algorithm constraints from the specified security property.51static Set<String> getAlgorithms(String propertyName) {52@SuppressWarnings("removal")53String property = AccessController.doPrivileged(54new PrivilegedAction<String>() {55@Override56public String run() {57return Security.getProperty(propertyName);58}59});6061String[] algorithmsInProperty = null;62if (property != null && !property.isEmpty()) {63// remove double quote marks from beginning/end of the property64if (property.length() >= 2 && property.charAt(0) == '"' &&65property.charAt(property.length() - 1) == '"') {66property = property.substring(1, property.length() - 1);67}68algorithmsInProperty = property.split(",");69for (int i = 0; i < algorithmsInProperty.length; i++) {70algorithmsInProperty[i] = algorithmsInProperty[i].trim();71}72}7374// map the disabled algorithms75if (algorithmsInProperty == null) {76return Collections.emptySet();77}78Set<String> algorithmsInPropertySet = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);79algorithmsInPropertySet.addAll(Arrays.asList(algorithmsInProperty));80return algorithmsInPropertySet;81}8283static boolean checkAlgorithm(Set<String> algorithms, String algorithm,84AlgorithmDecomposer decomposer) {85if (algorithm == null || algorithm.isEmpty()) {86throw new IllegalArgumentException("No algorithm name specified");87}8889if (algorithms.contains(algorithm)) {90return false;91}9293// decompose the algorithm into sub-elements94Set<String> elements = decomposer.decompose(algorithm);9596// check the element of the elements97for (String element : elements) {98if (algorithms.contains(element)) {99return false;100}101}102103return true;104}105106}107108109