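/*
 * MailPermission.java
 *
 * Created on September 16, 2003, 1:30 PM
 */
package gov.nist.security.permissions;

import gov.nist.security.bcs.wrapper.SecurityWrapper;
import java.util.*;
import javax.sip.*;
import javax.sip.header.*;
import javax.sip.message.*;
import javax.sip.address.*;

/**
 * Permission checking the address where a mail is sent.
 *
 * <p>Two kinds of instance exist. A <em>grant</em> is built from a name and
 * an action string (two-argument constructor) and carries the action mask.
 * A <em>request</em> is built around the outgoing mail and the SIP event
 * being handled (four-argument constructor); its mask stays 0.
 * {@link #implies(java.security.Permission)} is meant to be called on a
 * grant with a request as argument.
 *
 * <p>Recognised actions (comma separated, case-insensitive):
 * {@code outgoing}, {@code EventType==ResponseEvent},
 * {@code EventType==RequestEvent}, {@code EventType==TimeoutEvent},
 * {@code StatusCode==<int>}, {@code TransactionState==<state>},
 * {@code Mail.From==Response.From}, {@code Mail.From==Request.From},
 * {@code Mail.To==Response.To}, {@code Mail.To==Request.To}.
 *
 * @author DERUELLE Jean
 */
public class MailPermission extends java.security.Permission {
    /** mask of the actions */
    protected int mask;
    protected int statusCode;
    protected javax.sip.TransactionState transactionState;
    protected java.util.EventObject sipEvent;
    protected javax.mail.Message mailMessage;

    // Bit flags stored in mask.
    private static final int OUTGOING = 1;
    private static final int RESPONSE_EVENT = 2;
    private static final int REQUEST_EVENT = 4;
    private static final int TIMEOUT_EVENT = 8;
    private static final int CHECK_STATUS_CODE = 16;
    private static final int CHECK_TO_HEADER = 32;
    private static final int CHECK_FROM_HEADER = 64;
    private static final int CHECK_TRANSACTION_STATE = 128;

    // Lower-case prefixes of the two valued actions; tokens are lower-cased
    // before they are compared.
    private static final String STATUS_CODE_KEY = "statuscode";
    private static final String STATUS_CODE_PREFIX = "statuscode==";
    private static final String TRANSACTION_STATE_KEY = "transactionstate";
    private static final String TRANSACTION_STATE_PREFIX = "transactionstate==";

    // Receives the human-readable denial reason; null on grant instances.
    private SecurityWrapper securityWrapper = null;

    /**
     * Creates a grant: a permission described by a name and an action list.
     *
     * @param name - name of the permission
     * @param actions - the actions of the permission
     */
    public MailPermission(String name, String actions) {
        super(name);
        parse(actions);
    }

    /**
     * Creates a request: the permission needed to send {@code mailMessage}
     * while handling {@code sipEvent}.
     *
     * @param name - name of the permission
     * @param mailMessage - the outgoing mail to be checked
     * @param sipEvent - current SIP event, may be null
     * @param securityWrapper - object whose errorReason field is set when
     *        the request is denied
     */
    public MailPermission(
        String name,
        javax.mail.Message mailMessage,
        java.util.EventObject sipEvent,
        SecurityWrapper securityWrapper) {
        super(name);
        this.sipEvent = sipEvent;
        this.mailMessage = mailMessage;
        this.securityWrapper = securityWrapper;
        // Only a response supplies a status code and a transaction state.
        // For a request event transactionState stays null, so a grant that
        // checks the transaction state never implies a request event.
        if (sipEvent instanceof ResponseEvent) {
            ResponseEvent responseEvent = (ResponseEvent) sipEvent;
            statusCode = ((Response) responseEvent.getResponse()).getStatusCode();
            ClientTransaction clientTransaction = responseEvent.getClientTransaction();
            // A response that belongs to no client transaction leaves the
            // state null instead of failing in the constructor; a grant
            // that checks the transaction state then denies it.
            if (clientTransaction != null) {
                transactionState = clientTransaction.getState();
            }
        }
    }

    /**
     * Look into the actions String to get the actions
     * associated with that permission.
     *
     * <p>NOTE(review): a token that matches no known action is silently
     * ignored (the IllegalArgumentException was disabled by the author).
     * A misspelled check such as a header comparison therefore yields a
     * grant that is broader than the policy text suggests. Validate policy
     * files, or re-enable the exception once existing policies are known
     * to be clean.
     *
     * @param actions - the actions of the permission
     */
    private void parse(String actions) {
        StringTokenizer tokens = new StringTokenizer(actions, ",");
        mask = 0;
        while (tokens.hasMoreTokens()) {
            // Fixed locale: the default-locale lower-casing of 'I' differs
            // in some locales and must not decide how a policy is parsed.
            String tok = tokens.nextToken().trim().toLowerCase(Locale.ENGLISH);
            if (tok.equals("outgoing")) {
                mask |= OUTGOING;
            } else if (tok.equals("eventtype==responseevent")) {
                mask |= RESPONSE_EVENT;
            } else if (tok.equals("eventtype==requestevent")) {
                mask |= REQUEST_EVENT;
            } else if (tok.equals("eventtype==timeoutevent")) {
                mask |= TIMEOUT_EVENT;
            } else if (tok.startsWith(STATUS_CODE_KEY)) {
                mask |= CHECK_STATUS_CODE;
                String status = tok.substring(STATUS_CODE_PREFIX.length());
                statusCode = Integer.parseInt(status.trim());
            } else if (tok.startsWith(TRANSACTION_STATE_KEY)) {
                mask |= CHECK_TRANSACTION_STATE;
                String state = tok.substring(TRANSACTION_STATE_PREFIX.length()).trim();
                if (state.equals("completed")) {
                    transactionState = TransactionState.COMPLETED;
                } else if (state.equals("trying")) {
                    transactionState = TransactionState.TRYING;
                } else if (state.equals("proceeding")) {
                    transactionState = TransactionState.PROCEEDING;
                } else if (state.equals("terminated")) {
                    transactionState = TransactionState.TERMINATED;
                }
                // An unknown state leaves transactionState null while the
                // check bit is set; implies() then denies every request.
            } else if (tok.equals("mail.from==response.from")
                || tok.equals("mail.from==request.from")) {
                // The token is already lower-cased. The original compared
                // the Request form case-sensitively against a mixed-case
                // literal, so it never matched and the From check was
                // silently left off.
                mask |= CHECK_FROM_HEADER;
            } else if (tok.equals("mail.to==response.to")
                || tok.equals("mail.to==request.to")) {
                // Same fix as for the From header above.
                mask |= CHECK_TO_HEADER;
            }
        }
    }

    /**
     * Records why a request is denied and returns false.
     * The wrapper is null on instances built from an action string, so the
     * reason is only stored when there is somewhere to put it.
     */
    private static boolean deny(MailPermission requested, String reason) {
        if (requested.securityWrapper != null) {
            requested.securityWrapper.errorReason = reason;
        }
        return false;
    }

    /**
     * Checks if the specified permission's actions are "implied by" this object's actions.
     *
     * <p>Every failure path denies: a check that cannot be evaluated
     * (missing header, non-SIP URI, mail API error) ends in the catch
     * block and returns false.
     *
     * @param permission - the permission to check against.
     * @return true if the specified permission is implied by this object, false if not.
     */
    public boolean implies(java.security.Permission permission) {
        if (!(permission instanceof MailPermission))
            return false;
        MailPermission requested = (MailPermission) permission;
        String name = getName();
        javax.sip.message.Message message;

        // A grant without the RequestEvent bit only applies to responses.
        // instanceof is false for null, so a missing event is denied too.
        if ((mask & REQUEST_EVENT) == REQUEST_EVENT) {
            if (!(requested.sipEvent instanceof RequestEvent)) {
                return deny(requested, "The message is not a request");
            }
            message = ((RequestEvent) requested.sipEvent).getRequest();
        } else {
            if (!(requested.sipEvent instanceof ResponseEvent)) {
                return deny(requested, "The message is not a response");
            }
            message = ((ResponseEvent) requested.sipEvent).getResponse();
        }

        try {
            // The mail sender must be the SIP From address.
            if ((mask & CHECK_FROM_HEADER) == CHECK_FROM_HEADER) {
                FromHeader from = (FromHeader) message.getHeader(FromHeader.NAME);
                SipURI fromUri = (SipURI) from.getAddress().getURI();
                String address = fromUri.getUser() + "@" + fromUri.getHost();
                javax.mail.Address[] senders = requested.mailMessage.getFrom();
                if (senders == null || senders.length == 0) {
                    return deny(requested, "The from headers doesn't match");
                }
                javax.mail.Address mailFrom = senders[0];
                // NOTE(review): the comparison uses Address.toString(); an
                // address rendered with a display name is presumably not a
                // bare user@host and is then denied - confirm intended.
                if (mailFrom == null || !address.equalsIgnoreCase(mailFrom.toString())) {
                    return deny(requested, "The from headers doesn't match");
                }
            }

            // The single mail recipient must be the SIP To address.
            if ((mask & CHECK_TO_HEADER) == CHECK_TO_HEADER) {
                ToHeader to = (ToHeader) message.getHeader(ToHeader.NAME);
                SipURI toUri = (SipURI) to.getAddress().getURI();
                String address = toUri.getUser() + "@" + toUri.getHost();
                javax.mail.Address[] toAddresses =
                    requested.mailMessage.getRecipients(javax.mail.Message.RecipientType.TO);
                if (toAddresses == null) {
                    return deny(requested, "The To headers doesn't match");
                }
                // CC and BCC would add recipients the To check never sees.
                if (requested.mailMessage.getRecipients(
                        javax.mail.Message.RecipientType.CC) != null) {
                    return deny(requested, "Carbon copy not allowed");
                }
                if (requested.mailMessage.getRecipients(
                        javax.mail.Message.RecipientType.BCC) != null) {
                    return deny(requested, "BCC not allowed");
                }
                // Restrict to only one recipient.
                if (toAddresses.length != 1) {
                    return deny(requested, "Only one recipient is authorized");
                }
                if (!address.equalsIgnoreCase(toAddresses[0].toString())) {
                    return deny(requested, "The To headers doesn't match");
                }
            }

            // Check the status code if necessary.
            if ((mask & CHECK_STATUS_CODE) == CHECK_STATUS_CODE
                && requested.statusCode != this.statusCode) {
                return deny(requested,
                    "Status code " + requested.statusCode + " not allowed");
            }

            // Check the transaction state.
            if ((mask & CHECK_TRANSACTION_STATE) == CHECK_TRANSACTION_STATE) {
                // Either side can be null (unknown state in the policy, or a
                // request that carries no state); deny explicitly rather
                // than through a NullPointerException.
                if (this.transactionState == null || requested.transactionState == null) {
                    return deny(requested, "Transaction state not available");
                }
                if (this.transactionState.getValue() != requested.transactionState.getValue()) {
                    return deny(requested,
                        "Trasnaction state" + requested.transactionState.getValue()
                            + " not allowed");
                }
            }

            // Domain wildcard: a grant named "*@domain" covers any user of
            // that domain.
            String requestedName = requested.getName();
            int nameIndexAt = name.indexOf("@");
            int requestedIndexAt = requestedName.indexOf("@");
            if (requestedIndexAt != -1 && nameIndexAt != -1) {
                String requestedDomain = requestedName.substring(requestedIndexAt + 1);
                String grantUser = name.substring(0, nameIndexAt);
                String grantDomain = name.substring(nameIndexAt + 1);
                if (grantUser.equals("*")
                    && requestedDomain.equals(grantDomain)
                    && (mask & requested.mask) == requested.mask)
                    return true;
            }

            // Otherwise the grant must be the wildcard "*" or name exactly
            // the requested address.
            if (!name.equals("*") && !name.equals(requestedName)) {
                return deny(requested, "Address not authorized");
            }
            // The comparison of the requested action mask against this mask
            // was disabled by the author; only the name decides here.
            return true;
        } catch (Exception ex) {
            // Any check that could not be evaluated denies the request.
            ex.printStackTrace();
            return false;
        }
    }

    /**
     * This method returns the actions' String.
     *
     * <p>NOTE(review): only the empty mask and the four single-bit event
     * masks have a textual form; any combination, and the StatusCode,
     * TransactionState and header checks, come back as "". A grant that
     * is written out and parsed again therefore loses those checks.
     *
     * @return the actions of the permission
     */
    public String getActions() {
        if (mask == 0)
            return "";
        else if (mask == OUTGOING)
            return "outgoing";
        else if (mask == RESPONSE_EVENT)
            return "EventType==ResponseEvent";
        else if (mask == REQUEST_EVENT)
            return "EventType==RequestEvent";
        else if (mask == TIMEOUT_EVENT)
            return "EventType==TimeoutEvent";
        return "";
    }

    /**
     * Hash over the name and the action mask, the same two values that
     * {@link #equals(Object)} compares.
     *
     * @see java.security.Permission#hashCode()
     */
    public int hashCode() {
        return getName().hashCode() ^ mask;
    }

    /**
     * Two mail permissions are equal when name and action mask are equal.
     *
     * <p>NOTE(review): statusCode and transactionState are not compared,
     * so two grants that differ only in those values are equal.
     *
     * @see java.security.Permission#equals(Object obj)
     */
    public boolean equals(Object o) {
        if (!(o instanceof MailPermission))
            return false;
        MailPermission other = (MailPermission) o;
        return other.getName().equals(getName()) && other.mask == mask;
    }
}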