codesource.java

来自「This is a resource based on j2me embedde」· Java 代码 · 共 504 行 · 第 1/2 页

     * 
     * Note that if this CodeSource has a null location and a null
     * certificate chain, then it implies every other CodeSource.
     *
     * @param codesource CodeSource to compare against.
     *
     * @return true if the specified codesource is implied by this codesource,
     * false if not.  
     */
 
    public boolean implies(CodeSource codesource)
    {
	if (codesource == null)
	    return false;

	return matchCerts(codesource) && matchLocation(codesource);
    }

   
    /**
     * Returns true if all the certs in this
     * CodeSource are also in <i>that</i>.
     * 
     * @param that the CodeSource to check against.
     */
    private boolean matchCerts(CodeSource that)
    {
	// match any key
	if (this.certs == null) 
	    return true;

	// if certs are null, and this.certs is not null, return false
	if (that.certs == null)
	    return false;

	boolean match;
	for (int i=0; i < this.certs.length; i++) {
	    match = false;
	    for (int j=0; j < that.certs.length; j++) {
		if (this.certs[i].equals(that.certs[j])) {
		    match = true;
		    break;
		}
	    }
	    if (!match) return false;
	}
	return true;
    }

    /**
     * Returns true if two CodeSource's have the "same" location.
     * 
     * @param that CodeSource to compare against
     */
    private boolean matchLocation(CodeSource that)
	{
	    if (location == null) {
		return true;
	    }

	    if ((that == null) || (that.location == null))
		return false;

	    if (location.equals(that.location))
		return true;

	    if (!location.getProtocol().equals(that.location.getProtocol()))
		return false;

	    if ((location.getHost() != null)) {
		if ((location.getHost().equals("") || 
		    location.getHost().equals("localhost")) &&
		    (that.location.getHost().equals("") || 
		     that.location.getHost().equals("localhost"))) {
		    // ok
		} else if (!location.getHost().equals(
					     that.location.getHost())) {
		    if (this.sp == null) {
			this.sp = 
			    new SocketPermission(location.getHost(),"resolve");
		    }
		    if (that.sp == null) {
			if (that.location.getHost() == null ||
				that.location.getHost().equals(""))
			    return false;
			that.sp = 
		       new SocketPermission(that.location.getHost(),"resolve");
		    }

		    boolean ok = this.sp.implies(that.sp);
		    if (!ok)
			return false;
		}
	    }

	    if (location.getPort() != -1) {
		if (location.getPort() != that.location.getPort())
		    return false;
	    }

	    if (location.getFile().endsWith("/-")) {
		// Matches the directory and (recursively) all files
		// and subdirectories contained in that directory.
		// For example, "/a/b/-" implies anything that starts with
		// "/a/b/"
		String thisPath = location.getFile().substring(0,
                                                location.getFile().length()-1);
		if (!that.location.getFile().startsWith(thisPath))
		    return false;
	    } else if (location.getFile().endsWith("/*")) {
		// Matches the directory and all the files contained in that
		// directory.
		// For example, "/a/b/*" implies anything that starts with
		// "/a/b/" but has no further slashes
		int last = that.location.getFile().lastIndexOf('/');
		if (last == -1) 
		    return false;
		String thisPath = location.getFile().substring(0,
                                                location.getFile().length()-1);
		String thatPath = that.location.getFile().substring(0, last+1);
		if (!thatPath.equals(thisPath))
		    return false;
	    } else {
		// Exact matches only.
		// For example, "/a/b" and "/a/b/" both imply "/a/b/" 
		if ((!that.location.getFile().equals(location.getFile()))
		&& (!that.location.getFile().equals(location.getFile()+"/"))) {
		    return false;
		}
	    }

	    if (location.getRef() == null)
		return true;
	    else 
		return location.getRef().equals(that.location.getRef());
	}

    /**
     * Returns a string describing this CodeSource, telling its
     * URL and certificates.
     * 
     * @return information about this CodeSource.
     */
    public String toString() {
	StringBuffer sb = new StringBuffer();
	sb.append("(");
	sb.append(this.location);
	if (this.certs != null && this.certs.length > 0) {
	    for (int i=0; i < this.certs.length; i++) {
		sb.append( " "+this.certs[i]);
	    }
	} else {
	    sb.append(" <no certificates>");
	}
	sb.append(")");
	return sb.toString();
    }

    /**
     * Writes this object out to a stream (i.e., serializes it).
     *
     * @serialData An initial <code>URL</code> is followed by an
     * <code>int</code> indicating the number of certificates to follow 
     * (a value of "zero" denotes that there are no certificates associated
     * with this object).
     * Each certificate is written out starting with a <code>String</code>
     * denoting the certificate type, followed by an
     * <code>int</code> specifying the length of the certificate encoding,
     * followed by the certificate encoding itself which is written out as an
     * array of bytes.
     */
    private synchronized void writeObject(java.io.ObjectOutputStream oos)
        throws IOException
    {
	oos.defaultWriteObject();

	if (certs==null || certs.length==0) {
	    oos.writeInt(0);
	} else {
	    // write out the total number of certs
	    oos.writeInt(certs.length);
	    // write out each cert, including its type
	    for (int i=0; i < certs.length; i++) {
		java.security.cert.Certificate cert = certs[i];
		try {
		    oos.writeUTF(cert.getType());
		    byte[] encoded = cert.getEncoded();
		    oos.writeInt(encoded.length);
		    oos.write(encoded);
		} catch (CertificateEncodingException cee) {
		    throw new IOException(cee.getMessage());
		}
	    }
	}
    }

    /**
     * Restores this object from a stream (i.e., deserializes it).
     * In the case of an implementation which does not provide
     * CertificateFactory support, a ClassNotFoundException will 
     * be thrown.
     */
    private synchronized void readObject(java.io.ObjectInputStream ois)
	throws IOException, ClassNotFoundException
    {
	Object cf = null;	// No certificates in J2ME CDC
	Hashtable cfs=null;

	ois.defaultReadObject();

	// process any new-style certs in the stream (if present)
	int size = ois.readInt();
	if (size > 0) {
	    // we know of 3 different cert types: X.509, PGP, SDSI, which
	    // could all be present in the stream at the same time
	    cfs = new Hashtable(3);
	    this.certs = new java.security.cert.Certificate[size];
	}

	for (int i=0; i<size; i++) {
	    // read the certificate type, and instantiate a certificate
	    // factory of that type (reuse existing factory if possible)
	    String certType = ois.readUTF();
	    if (cfs.containsKey(certType)) {
		// reuse certificate factory
		cf = null;
	    } else {
		// NOTE: Removed certificates from J2ME CDC
                // Fix for 4916953.
                // Throw a ClassNotFoundException to show that
                // we have no CertificateFactory class.
                throw new ClassNotFoundException
                    ("Certificate factory for "+certType+" not found");
	    }
	    // parse the certificate
	    byte[] encoded=null;
	    try {
		encoded = new byte[ois.readInt()];
	    } catch (OutOfMemoryError oome) {
		throw new IOException("Certificate too big");
	    }
	    ois.readFully(encoded);
	    ByteArrayInputStream bais = new ByteArrayInputStream(encoded);
	    
	    // NOTE: Removed certificates from J2ME CDC

	    bais.close();
	}
    }
}