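/*
 * Copyright (C) 2014 The Android Open Source Project
 * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package java.security;

import java.io.Serializable;
import java.util.Enumeration;
import java.util.Properties;

/**
 * <p>This class represents a scope for identities. It is an Identity
 * itself, and therefore has a name and can have a scope. It can also
 * optionally have a public key and associated certificates.
 *
 * <p>An IdentityScope can contain Identity objects of all kinds, including
 * Signers. All types of Identity objects can be retrieved, added, and
 * removed using the same methods. Note that it is possible, and in fact
 * expected, that different types of identity scopes will
 * apply different policies for their various operations on the
 * various types of Identities.
 *
 * <p>There is a one-to-one mapping between keys and identities, and
 * there can only be one copy of one key per scope. For example, suppose
 * <b>Acme Software, Inc</b> is a software publisher known to a user.
 * Suppose it is an Identity, that is, it has a public key, and a set of
 * associated certificates. It is named in the scope using the name
 * "Acme Software". No other named Identity in the scope has the same
 * public key. Of course, none has the same name as well.
 *
 * @see Identity
 * @see Signer
 * @see Principal
 * @see Key
 *
 * @author Benjamin Renaud
 *
 * @deprecated This class is no longer used. Its functionality has been
 * replaced by {@code java.security.KeyStore}, the
 * {@code java.security.cert} package, and
 * {@code java.security.Principal}.
 */
@Deprecated
public abstract
class IdentityScope extends Identity {

    private static final long serialVersionUID = -2337346281189773310L;

    /*
     * The system's scope.
     *
     * NOTE(review): this field is neither volatile nor guarded by a lock, and
     * it is written from both initializeSystemScope() and setSystemScope().
     */
    private static IdentityScope scope;

    /**
     * Initializes the system scope from the {@code "system.scope"} security
     * property.
     *
     * <p>The property is read inside {@code doPrivileged}; the class it names
     * is then loaded and instantiated through its no-argument constructor.
     * If the property is unset, or loading or instantiation fails, the
     * system scope is left unchanged and the failure is only printed.
     *
     * <p>Security note: the property value decides which class is loaded, so
     * it has to come from trusted configuration. The type is verified with
     * {@code asSubclass} before instantiation, so a class that is not an
     * {@code IdentityScope} never has its constructor run. Its static
     * initializer may still run, because {@code Class.forName(String)}
     * initializes the class it loads.
     */
    private static void initializeSystemScope() {

        String classname = AccessController.doPrivileged(
                                new PrivilegedAction<String>() {
            public String run() {
                return Security.getProperty("system.scope");
            }
        });

        if (classname == null) {
            return;
        }

        try {
            // Android-changed: Actually set the system scope after initializing it
            // Class.forName(classname);
            // Check the type before instantiating: asSubclass throws
            // ClassCastException (handled below like any other failure)
            // instead of constructing an unrelated class and failing on the
            // cast afterwards.
            scope = Class.forName(classname)
                    .asSubclass(IdentityScope.class)
                    .newInstance();
        } catch (Exception e) {
            //Security.error("unable to establish a system scope from " +
            //               classname);
            // The only trace of a misconfigured "system.scope" is this stack
            // trace; getSystemScope() keeps returning null afterwards.
            e.printStackTrace();
        }
    }

    /**
     * This constructor is used for serialization only and should not
     * be used by subclasses.
     */
    protected IdentityScope() {
        this("restoring...");
    }

    /**
     * Constructs a new identity scope with the specified name.
     *
     * @param name the scope name.
     */
    public IdentityScope(String name) {
        super(name);
    }

    /**
     * Constructs a new identity scope with the specified name and scope.
     *
     * @param name the scope name.
     * @param scope the scope for the new identity scope.
     *
     * @exception KeyManagementException if there is already an identity
     * with the same name in the scope.
     */
    public IdentityScope(String name, IdentityScope scope)
    throws KeyManagementException {
        super(name, scope);
    }

    /**
     * Returns the system's identity scope.
     *
     * <p>While no scope is set, every call retries initialization from the
     * {@code "system.scope"} security property.
     *
     * @return the system's identity scope, or {@code null} if none has been
     * set.
     *
     * @see #setSystemScope
     */
    public static IdentityScope getSystemScope() {
        // NOTE(review): this check-then-initialize sequence is not
        // synchronized, so concurrent first calls may each run
        // initializeSystemScope().
        if (scope == null) {
            initializeSystemScope();
        }
        return scope;
    }


    /**
     * Sets the system's identity scope.
     *
     * <p>First, if there is a security manager, its
     * {@code checkSecurityAccess}
     * method is called with {@code "setSystemScope"}
     * as its argument to see if it's ok to set the identity scope.
     *
     * <p>Without a security manager no check is performed, and any caller
     * with access to this {@code protected static} method can replace the
     * system scope.
     *
     * @param scope the scope to set.
     *
     * @exception SecurityException  if a security manager exists and its
     * {@code checkSecurityAccess} method doesn't allow
     * setting the identity scope.
     *
     * @see #getSystemScope
     * @see SecurityManager#checkSecurityAccess
     */
    protected static void setSystemScope(IdentityScope scope) {
        check("setSystemScope");
        IdentityScope.scope = scope;
    }

    /**
     * Returns the number of identities within this identity scope.
     *
     * @return the number of identities within this identity scope.
     */
    public abstract int size();

    /**
     * Returns the identity in this scope with the specified name (if any).
     *
     * @param name the name of the identity to be retrieved.
     *
     * @return the identity named {@code name}, or null if there are
     * no identities named {@code name} in this scope.
     */
    public abstract Identity getIdentity(String name);

    /**
     * Retrieves the identity whose name is the same as that of the
     * specified principal. (Note: Identity implements Principal.)
     *
     * <p>The lookup is by name only: it delegates to
     * {@link #getIdentity(String)} with {@code principal.getName()}, so a
     * match says nothing about the principal's key or certificates.
     *
     * @param principal the principal corresponding to the identity
     * to be retrieved.
     *
     * @return the identity whose name is the same as that of the
     * principal, or null if there are no identities of the same name
     * in this scope.
     */
    public Identity getIdentity(Principal principal) {
        return getIdentity(principal.getName());
    }

    /**
     * Retrieves the identity with the specified public key.
     *
     * @param key the public key for the identity to be returned.
     *
     * @return the identity with the given key, or null if there are
     * no identities in this scope with that key.
     */
    public abstract Identity getIdentity(PublicKey key);

    /**
     * Adds an identity to this identity scope.
     *
     * @param identity the identity to be added.
     *
     * @exception KeyManagementException if the identity is not
     * valid, a name conflict occurs, another identity has the same
     * public key as the identity being added, or another exception
     * occurs.
     */
    public abstract void addIdentity(Identity identity)
    throws KeyManagementException;

    /**
     * Removes an identity from this identity scope.
     *
     * @param identity the identity to be removed.
     *
     * @exception KeyManagementException if the identity is missing,
     * or another exception occurs.
     */
    public abstract void removeIdentity(Identity identity)
    throws KeyManagementException;

    /**
     * Returns an enumeration of all identities in this identity scope.
     *
     * @return an enumeration of all identities in this identity scope.
     */
    public abstract Enumeration<Identity> identities();

    /**
     * Returns a string representation of this identity scope, including
     * its name, its scope name, and the number of identities in this
     * identity scope.
     *
     * @return a string representation of this identity scope.
     */
    @Override
    public String toString() {
        return super.toString() + "[" + size() + "]";
    }

    /**
     * Asks the installed security manager, if any, whether the given
     * security-access directive is permitted.
     *
     * <p>NOTE(review): when {@code System.getSecurityManager()} returns
     * {@code null} this is a no-op. That is reportedly always the case on
     * Android (confirm for the target platform), so there this call would
     * not restrict {@code setSystemScope}.
     *
     * @param directive the directive passed to
     * {@code SecurityManager.checkSecurityAccess}.
     */
    private static void check(String directive) {
        SecurityManager security = System.getSecurityManager();
        if (security != null) {
            security.checkSecurityAccess(directive);
        }
    }

}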