org.eclipse.osgi_3.7.2.v20120110-1415

xception
  {
    if (object == null)
    {
      out.writeByte(0);
      return true;
    }
    int index = getFromObjectTable(object);
    if (index == -1) {
      return false;
    }
    out.writeByte(2);
    out.writeInt(index);
    return true;
  }
  
  /* Error */
  public void saveStateDeprecated(StateImpl state, DataOutputStream output)
    throws IOException
  {
    // Byte code:
    //   0: aload_0
    //   1: aload_1
    //   2: aload_2
    //   3: invokespecial 693	org/eclipse/osgi/internal/resolver/StateWriter:writeStateDeprecated	(Lorg/eclipse/osgi/internal/resolver/StateImpl;Ljava/io/DataOutputStream;)V
    //   6: goto +10 -> 16
    //   9: astore_3
    //   10: aload_2
    //   11: invokevirtual 621	java/io/DataOutputStream:close	()V
    //   14: aload_3
    //   15: athrow
    //   16: aload_2
    //   17: invokevirtual 621	java/io/DataOutputStream:close	()V
    //   20: return
    // Line number table:
    //   Java source line #675	-> byte code offset #0
    //   Java source line #676	-> byte code offset #9
    //   Java source line #677	-> byte code offset #10
    //   Java source line #678	-> byte code offset #14
    //   Java source line #677	-> byte code offset #16
    //   Java source line #679	-> byte code offset #20
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	21	0	this	StateWriter
    //   0	21	1	state	StateImpl
    //   0	21	2	output	DataOutputStream
    //   9	6	3	localObject	Object
    // Exception table:
    //   from	to	target	type
    //   0	9	9	finally
  }
  
  private void writeStringOrNull(String string, DataOutputStream out)
    throws IOException
  {
    if (string == null)
    {
      out.writeByte(0);
    }
    else
    {
      out.writeByte(1);
      out.writeUTF(string);
    }
  }
  
  private void writeQualifier(String string, DataOutputStream out)
    throws IOException
  {
    if ((string != null) && (string.length() == 0)) {
      string = null;
    }
    writeStringOrNull(string, out);
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.resolver.StateWriter
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.resolver;

import org.eclipse.osgi.framework.internal.core.AbstractBundle;
import org.eclipse.osgi.framework.internal.core.BundleContextImpl;
import org.eclipse.osgi.framework.internal.core.Framework;
import org.eclipse.osgi.service.resolver.BundleDescription;
import org.eclipse.osgi.service.resolver.State;
import org.eclipse.osgi.service.resolver.StateDelta;
import org.osgi.framework.BundleContext;
import org.osgi.framework.BundleException;

public class SystemState
  extends StateImpl
{
  private final Framework framework;
  
  public SystemState(BundleContext context)
  {
    framework = (context == null ? null : ((BundleContextImpl)context).getFramework());
  }
  
  boolean basicAddBundle(BundleDescription description)
  {
    if ((framework != null) && (description.getUserObject() == null))
    {
      AbstractBundle bundle = framework.getBundle(description.getBundleId());
      description.setUserObject(bundle != null ? bundle.getBundleData() : null);
    }
    return super.basicAddBundle(description);
  }
  
  public StateDelta compare(State state)
    throws BundleException
  {
    throw new UnsupportedOperationException();
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.resolver.SystemState
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.resolver;

import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import org.eclipse.osgi.service.resolver.BundleDescription;
import org.eclipse.osgi.service.resolver.State;
import org.eclipse.osgi.service.resolver.StateDelta;
import org.osgi.framework.BundleException;

public class UserState
  extends StateImpl
{
  private final Set<String> updated = Collections.synchronizedSet(new HashSet());
  
  public boolean removeBundle(BundleDescription description)
  {
    if (description.getLocation() != null) {
      updated.remove(description.getLocation());
    }
    if (!super.removeBundle(description)) {
      return false;
    }
    return true;
  }
  
  public boolean updateBundle(BundleDescription newDescription)
  {
    if (!super.updateBundle(newDescription)) {
      return false;
    }
    updated.add(newDescription.getLocation());
    return true;
  }
  
  public StateDelta compare(State baseState)
    throws BundleException
  {
    BundleDescription[] current = getBundles();
    StateDeltaImpl delta = new StateDeltaImpl(this);
    for (int i = 0; i < current.length; i++)
    {
      BundleDescription existing = baseState.getBundleByLocation(current[i].getLocation());
      if (existing == null) {
        delta.recordBundleAdded((BundleDescriptionImpl)current[i]);
      } else if (updated.contains(current[i].getLocation())) {
        delta.recordBundleUpdated((BundleDescriptionImpl)current[i]);
      }
    }
    BundleDescription[] existing = baseState.getBundles();
    for (int i = 0; i < existing.length; i++)
    {
      BundleDescription local = getBundleByLocation(existing[i].getLocation());
      if (local == null) {
        delta.recordBundleRemoved((BundleDescriptionImpl)existing[i]);
      }
    }
    return delta;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.resolver.UserState
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.resolver;

import java.util.Collections;
import java.util.Map;
import org.osgi.framework.wiring.BundleCapability;
import org.osgi.framework.wiring.BundleRequirement;
import org.osgi.framework.wiring.BundleRevision;

class VersionConstraintImpl$BundleRequirementImpl
  implements BundleRequirement
{
  private final String namespace;
  final VersionConstraintImpl this$0;
  
  public VersionConstraintImpl$BundleRequirementImpl(VersionConstraintImpl paramVersionConstraintImpl, String namespace)
  {
    this.namespace = namespace;
  }
  
  public String getNamespace()
  {
    return namespace;
  }
  
  public Map<String, String> getDirectives()
  {
    return Collections.unmodifiableMap(this$0.getInternalDirectives());
  }
  
  public Map<String, Object> getAttributes()
  {
    return Collections.unmodifiableMap(this$0.getInteralAttributes());
  }
  
  public BundleRevision getRevision()
  {
    return this$0.getBundle();
  }
  
  public boolean matches(BundleCapability capability)
  {
    return this$0.isSatisfiedBy(((BaseDescriptionImpl.BaseCapability)capability).getBaseDescription());
  }
  
  public int hashCode()
  {
    return System.identityHashCode(this$0);
  }
  
  private VersionConstraintImpl getVersionConstraint()
  {
    return this$0;
  }
  
  public boolean equals(Object obj)
  {
    if (this == obj) {
      return true;
    }
    if (!(obj instanceof BundleRequirementImpl)) {
      return false;
    }
    return ((BundleRequirementImpl)obj).getVersionConstraint() == this$0;
  }
  
  public String toString()
  {
    return getNamespace() + BaseDescriptionImpl.toString(getAttributes(), false);
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.resolver.VersionConstraintImpl.BundleRequirementImpl
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.resolver;

import java.util.Collections;
import java.util.Iterator;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.eclipse.osgi.framework.internal.core.Constants;
import org.eclipse.osgi.service.resolver.BaseDescription;
import org.eclipse.osgi.service.resolver.BundleDescription;
import org.eclipse.osgi.service.resolver.VersionConstraint;
import org.eclipse.osgi.service.resolver.VersionRange;
import org.osgi.framework.Version;
import org.osgi.framework.wiring.BundleCapability;
import org.osgi.framework.wiring.BundleRequirement;
import org.osgi.framework.wiring.BundleRevision;

abstract class VersionConstraintImpl
  implements VersionConstraint
{
  protected final Object monitor = new Object();
  private String name;
  private VersionRange versionRange;
  private BundleDescription bundle;
  private BaseDescription supplier;
  
  public String getName()
  {
    synchronized (monitor)
    {
      if ("system.bundle".equals(name))
      {
        StateImpl state = (StateImpl)getBundle().getContainingState();
        return state == null ? Constants.getInternalSymbolicName() : state.getSystemBundle();
      }
      return name;
    }
  }
  
  public VersionRange getVersionRange()
  {
    synchronized (monitor)
    {
      if (versionRange == null) {
        return VersionRange.emptyRange;
      }
      return versionRange;
    }
  }
  
  /* Error */
  public BundleDescription getBundle()
  {
    // Byte code:
    //   0: aload_0
    //   1: getfield 190	org/eclipse/osgi/internal/resolver/VersionConstraintImpl:monitor	Ljava/lang/Object;
    //   4: dup
    //   5: astore_1
    //   6: monitorenter
    //   7: aload_0
    //   8: getfield 193	org/eclipse/osgi/internal/resolver/VersionConstraintImpl:bundle	Lorg/eclipse/osgi/service/resolver/BundleDescription;
    //   11: aload_1
    //   12: monitorexit
    //   13: areturn
    //   14: aload_1
    //   15: monitorexit
    //   16: athrow
    // Line number table:
    //   Java source line #51	-> byte code offset #0
    //   Java source line #52	-> byte code offset #7
    //   Java source line #51	-> byte code offset #14
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	17	0	this	VersionConstraintImpl
    //   5	10	1	Ljava/lang/Object;	Object
    // Exception table:
    //   from	to	target	type
    //   7	13	14	finally
    //   14	16	14	finally
  }
  
  public boolean isResolved()
  {
    synchronized (monitor)
    {
      return supplier != null;
    }
  }
  
  /* Error */
  public BaseDescription getSupplier()
  {
    // Byte code:
    //   0: aload_0
    //   1: getfield 190	org/eclipse/osgi/internal/resolver/VersionConstraintImpl:monitor	Ljava/lang/Object;
    //   4: dup
    //   5: astore_1
    //   6: monitorenter
    //   7: aload_0
    //   8: getfield 192	org/eclipse/osgi/internal/resolver/VersionConstraintImpl:supplier	Lorg/eclipse/osgi/service/resolver/BaseDescription;
    //   11: aload_1
    //   12: monitorexit
    //   13: areturn
    //   14: aload_1
    //   15: monitorexit
    //   16: athrow
    // Line number table:
    //   Java source line #63	-> byte code offset #0
    //   Java source line #64	-> byte code offset #7
    //   Java source line #63	-> byte code offset #14
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	17	0	this	VersionConstraintImpl
    //   5	10	1	Ljava/lang/Object;	Object
    // Exception table:
    //   from	to	target	type
    //   7	13	14	finally
    //   14	16	14	finally
  }
  
  /* Error */
  public boolean isSatisfiedBy(BaseDescription candidate)
  {
    // Byte code:
    //   0: aload_0
    //   1: getfield 190	org/eclipse/osgi/internal/resolver/VersionConstraintImpl:monitor	Ljava/lang/Object;
    //   4: dup
    //   5: astore_2
    //   6: monitorenter
    //   7: aload_2
    //   8: monitorexit
    //   9: iconst_0
    //   10: ireturn
    //   11: aload_2
    //   12: monitorexit
    //   13: athrow
    // Line number table:
    //   Java source line #69	-> byte code offset #0
    //   Java source line #70	-> byte code offset #7
    //   Java source line #69	-> byte code offset #11
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	14	0	this	VersionConstraintImpl
    //   0	14	1	candidate	BaseDescription
    //   5	7	2	Ljava/lang/Object;	Object
    // Exception table:
    //   from	to	target	type
    //   7	9	11	finally
    //   11	13	11	finally
  }
  
  protected void setName(String name)
  {
    synchronized (monitor)
    {
      this.name = name;
    }
  }
  
  protected void setVersionRange(VersionRange versionRange)
  {
    synchronized (monitor)
    {
      this.versionRange = versionRange;
    }
  }
  
  protected void setBundle(BundleDescription bundle)
  {
    synchronized (monitor)
    {
      this.bundle = bundle;
    }
  }
  
  protected void setSupplier(BaseDescription supplier)
  {
    synchronized (monitor)
    {
      this.supplier = supplier;
    }
  }
  
  protected abstract String getInternalNameSpace();
  
  protected abstract Map<String, String> getInternalDirectives();
  
  protected abstract Map<String, Object> getInteralAttributes();
  
  public BundleRequirement getRequirement()
  {
    String namespace = getInternalNameSpace();
    if (namespace == null) {
      return null;
    }
    return new BundleRequirementImpl(namespace);
  }
  
  class BundleRequirementImpl
    implements BundleRequirement
  {
    private final String namespace;
    
    public BundleRequirementImpl(String namespace)
    {
      this.namespace = namespace;
    }
    
    public String getNamespace()
    {
      return namespace;
    }
    
    public Map<String, String> getDirectives()
    {
      return Collections.unmodifiableMap(getInternalDirectives());
    }
    
    public Map<String, Object> getAttributes()
    {
      return Collections.unmodifiableMap(getInteralAttributes());
    }
    
    public BundleRevision getRevision()
    {
      return getBundle();
    }
    
    public boolean matches(BundleCapability capability)
    {
      return isSatisfiedBy(((BaseDescriptionImpl.BaseCapability)capability).getBaseDescription());
    }
    
    public int hashCode()
    {
      return System.identityHashCode(VersionConstraintImpl.this);
    }
    
    private VersionConstraintImpl getVersionConstraint()
    {
      return VersionConstraintImpl.this;
    }
    
    public boolean equals(Object obj)
    {
      if (this == obj) {
        return true;
      }
      if (!(obj instanceof BundleRequirementImpl)) {
        return false;
      }
      return ((BundleRequirementImpl)obj).getVersionConstraint() == VersionConstraintImpl.this;
    }
    
    public String toString()
    {
      return getNamespace() + BaseDescriptionImpl.toString(getAttributes(), false);
    }
  }
  
  static StringBuffer addFilterAttributes(StringBuffer filter, Map<String, ?> attributes)
  {
    for (Iterator localIterator = attributes.entrySet().iterator(); localIterator.hasNext();)
    {
      Map.Entry<String, ?> entry = (Map.Entry)localIterator.next();
      addFilterAttribute(filter, (String)entry.getKey(), entry.getValue());
    }
    return filter;
  }
  
  static StringBuffer addFilterAttribute(StringBuffer filter, String attr, Object value)
  {
    return addFilterAttribute(filter, attr, value, true);
  }
  
  private static final Version MAX_VERSION = new Version(Integer.MAX_VALUE, Integer.MAX_VALUE, Integer.MAX_VALUE);
  
  static StringBuffer addFilterAttribute(StringBuffer filter, String attr, Object value, boolean escapeWildCard)
  {
    if ((value instanceof VersionRange))
    {
      VersionRange range = (VersionRange)value;
      if (range.getIncludeMinimum()) {
        filter.append('(').append(attr).append(">=").append(escapeValue(range.getMinimum(), escapeWildCard)).append(')');
      } else {
        filter.append("(!(").append(attr).append("<=").append(escapeValue(range.getMinimum(), escapeWildCard)).append("))");
      }
      if ((!MAX_VERSION.equals(range.getMaximum())) || (!range.getIncludeMaximum())) {
        if (range.getIncludeMaximum()) {
          filter.append('(').append(attr).append("<=").append(escapeValue(range.getMaximum(), escapeWildCard)).append(')');
        } else {
          filter.append("(!(").append(attr).append(">=").append(escapeValue(range.getMaximum(), escapeWildCard)).append("))");
        }
      }
    }
    else
    {
      filter.append('(').append(attr).append('=').append(escapeValue(value, escapeWildCard)).append(')');
    }
    return filter;
  }
  
  private static String escapeValue(Object o, boolean escapeWildCard)
  {
    String value = o.toString();
    boolean escaped = false;
    int inlen = value.length();
    int outlen = inlen << 1;
    
    char[] output = new char[outlen];
    value.getChars(0, inlen, output, inlen);
    
    int cursor = 0;
    for (int i = inlen; i < outlen; i++)
    {
      char c = output[i];
      switch (c)
      {
      case '*': 
        if (!escapeWildCard) {
          break;
        }
      case '(': 
      case ')': 
      case '\\': 
        output[cursor] = '\\';
        cursor++;
        escaped = true;
      }
      output[cursor] = c;
      cursor++;
    }
    return escaped ? new String(output, 0, cursor) : value;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.resolver.VersionConstraintImpl
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.service.security;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.util.Properties;
import org.eclipse.core.runtime.adaptor.LocationManager;
import org.eclipse.osgi.baseadaptor.BaseData;
import org.eclipse.osgi.framework.internal.core.AbstractBundle;
import org.eclipse.osgi.framework.internal.core.FrameworkProperties;
import org.eclipse.osgi.internal.baseadaptor.DevClassPathHelper;
import org.eclipse.osgi.internal.provisional.service.security.AuthorizationEngine;
import org.eclipse.osgi.internal.provisional.service.security.AuthorizationEvent;
import org.eclipse.osgi.internal.signedcontent.SignedBundleHook;
import org.eclipse.osgi.internal.signedcontent.SignedStorageHook;
import org.eclipse.osgi.service.resolver.BundleDescription;
import org.eclipse.osgi.service.resolver.DisabledInfo;
import org.eclipse.osgi.service.resolver.State;
import org.eclipse.osgi.signedcontent.SignedContent;
import org.eclipse.osgi.signedcontent.SignerInfo;
import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.Version;

public class DefaultAuthorizationEngine
  extends AuthorizationEngine
{
  private static final String VERSION_PROP = "Version";
  private static final String VERSION_NUM = "1.0";
  private static final Version VERSION_MAX = new Version(2, 0, 0);
  private final State systemState;
  private final BundleContext bundleContext;
  public static final int ENFORCE_NONE = 0;
  public static final int ENFORCE_SIGNED = 1;
  public static final int ENFORCE_TRUSTED = 2;
  public static final int ENFORCE_VALIDITY = 4;
  private static final String STR_ENFORCE_NONE = "any";
  private static final String STR_ENFORCE_SIGNED = "signed";
  private static final String STR_ENFORCE_TRUSTED = "trusted";
  private static final String STR_ENFORCE_VALIDITY = "validity";
  private static final String POLICY_NAME = "org.eclipse.equinox.security";
  private static final String POLICY_PROP = "osgi.signedcontent.authorization.engine.policy";
  private static final String FILE_LOAD_POLICY = ".loadpolicy";
  private static int enforceFlags = 0;
  private static final File policyFile;
  
  static
  {
    File osgiFile = LocationManager.getOSGiConfigurationDir();
    policyFile = new File(osgiFile.getPath() + File.separatorChar + ".loadpolicy");
    
    Properties properties = null;
    if (policyFile.exists()) {
      try
      {
        properties = new Properties();
        properties.load(new FileInputStream(policyFile));
      }
      catch (IOException e)
      {
        SignedBundleHook.log("Error loading policy file", 4, e);
      }
    }
    if (properties != null)
    {
      Version version = new Version(0, 0, 0);
      String versionProp = properties.getProperty("Version");
      if (versionProp != null) {
        try
        {
          version = new Version(versionProp);
        }
        catch (IllegalArgumentException localIllegalArgumentException) {}
      }
      if (VERSION_MAX.compareTo(version) > 0)
      {
        String policy = properties.getProperty("osgi.signedcontent.authorization.engine.policy");
        if (policy != null) {
          try
          {
            enforceFlags = Integer.parseInt(policy);
          }
          catch (NumberFormatException localNumberFormatException) {}
        }
      }
    }
    else
    {
      String policy = FrameworkProperties.getProperty("osgi.signedcontent.authorization.engine.policy");
      if ((policy == null) || ("any".equals(policy))) {
        enforceFlags = 0;
      } else if ("trusted".equals(policy)) {
        enforceFlags = 3;
      } else if ("signed".equals(policy)) {
        enforceFlags = 1;
      } else if ("validity".equals(policy)) {
        enforceFlags = 7;
      }
    }
  }
  
  public DefaultAuthorizationEngine(BundleContext context, State systemState)
  {
    super(context);
    bundleContext = context;
    this.systemState = systemState;
  }
  
  protected AuthorizationEvent doAuthorize(SignedContent content, Object context)
  {
    boolean enabled = isEnabled(content, context);
    AuthorizationEvent event = null;
    if ((context instanceof Bundle))
    {
      BundleDescription desc = systemState.getBundle(((Bundle)context).getBundleId());
      if (!enabled)
      {
        DisabledInfo info = new DisabledInfo("org.eclipse.equinox.security", null, desc);
        systemState.addDisabledInfo(info);
        event = new AuthorizationEvent(1, content, context, 0);
      }
      else
      {
        DisabledInfo info = systemState.getDisabledInfo(desc, "org.eclipse.equinox.security");
        if (info != null) {
          systemState.removeDisabledInfo(info);
        }
        event = new AuthorizationEvent(0, content, context, 0);
      }
    }
    return event;
  }
  
  private boolean isEnabled(SignedContent content, Object context)
  {
    if (((context instanceof Bundle)) && (DevClassPathHelper.inDevelopmentMode()))
    {
      String[] devClassPath = DevClassPathHelper.getDevClassPath(((Bundle)context).getSymbolicName());
      if ((devClassPath != null) && (devClassPath.length > 0)) {
        return true;
      }
    }
    if (((enforceFlags & 0x1) != 0) && ((content == null) || (!content.isSigned()))) {
      return false;
    }
    SignerInfo[] signerInfos = content == null ? new SignerInfo[0] : content.getSignerInfos();
    for (int i = 0; i < signerInfos.length; i++)
    {
      if (((enforceFlags & 0x2) != 0) && (!signerInfos[i].isTrusted())) {
        return false;
      }
      if ((enforceFlags & 0x4) != 0) {
        try
        {
          content.checkValidity(signerInfos[i]);
        }
        catch (CertificateException localCertificateException)
        {
          return false;
        }
      }
    }
    return true;
  }
  
  public int getStatus()
  {
    if (systemState.getDisabledBundles().length != 0) {
      return 1;
    }
    return 0;
  }
  
  public void processInstalledBundles()
  {
    Bundle[] bundles = bundleContext.getBundles();
    for (int i = 0; i < bundles.length; i++)
    {
      BaseData baseData = (BaseData)((AbstractBundle)bundles[i]).getBundleData();
      SignedStorageHook hook = (SignedStorageHook)baseData.getStorageHook(SignedStorageHook.KEY);
      SignedContent signedContent = hook != null ? hook.getSignedContent() : null;
      authorize(signedContent, bundles[i]);
    }
  }
  
  public void setLoadPolicy(int policy)
  {
    if ((policy | 0x1 | 0x2 | 0x4) != 7) {
      throw new IllegalArgumentException("Invalid policy: " + policy);
    }
    enforceFlags = policy;
    Properties properties = new Properties();
    properties.setProperty("osgi.signedcontent.authorization.engine.policy", Integer.toString(policy));
    properties.setProperty("Version", "1.0");
    try
    {
      properties.store(new FileOutputStream(policyFile), null);
    }
    catch (IOException e)
    {
      SignedBundleHook.log("Error saving load policy file", 4, e);
    }
  }
  
  public int getLoadPolicy()
  {
    return enforceFlags;
  }
}

/* Location:
 * Qualified Name:     org.eclipse.osgi.internal.service.security.DefaultAuthorizationEngine
 * Java Class Version: 1.4 (48.0)
 * JD-Core Version:    0.7.1
 */
package org.eclipse.osgi.internal.service.security;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import org.eclipse.osgi.internal.signedcontent.SignedBundleHook;
import org.eclipse.osgi.internal.signedcontent.SignedContentMessages;
import org.eclipse.osgi.service.security.TrustEngine;

public class KeyStoreTrustEngine
  extends TrustEngine
{
  private KeyStore keyStore;
  private final String type;
  private final String path;
  private final char[] password;
  private final String name;
  
  public KeyStoreTrustEngine(String path, String type, char[] password, String name)
  {
    this.path = path;
    this.type = type;
    this.password = password;
    this.name = name;
  }
  
  private String getType()
  {
    return type;
  }
  
  private String getPath()
  {
    return path;
  }
  
  private char[] getPassword()
  {
    return password;
  }
  
  /* Error */
  private synchronized KeyStore getKeyStore()
    throws IOException, GeneralSecurityException
  {
    // Byte code:
    //   0: aload_0
    //   1: getfield 244	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:keyStore	Ljava/security/KeyStore;
    //   4: ifnonnull +50 -> 54
    //   7: aload_0
    //   8: aload_0
    //   9: invokespecial 288	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:getType	()Ljava/lang/String;
    //   12: invokestatic 268	java/security/KeyStore:getInstance	(Ljava/lang/String;)Ljava/security/KeyStore;
    //   15: putfield 244	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:keyStore	Ljava/security/KeyStore;
    //   18: aload_0
    //   19: invokespecial 284	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:getInputStream	()Ljava/io/InputStream;
    //   22: astore_1
    //   23: aload_0
    //   24: aload_0
    //   25: getfield 244	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:keyStore	Ljava/security/KeyStore;
    //   28: aload_1
    //   29: invokespecial 291	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:loadStore	(Ljava/security/KeyStore;Ljava/io/InputStream;)V
    //   32: goto +14 -> 46
    //   35: astore_2
    //   36: aload_1
    //   37: invokevirtual 258	java/io/InputStream:close	()V
    //   40: goto +4 -> 44
    //   43: pop
    //   44: aload_2
    //   45: athrow
    //   46: aload_1
    //   47: invokevirtual 258	java/io/InputStream:close	()V
    //   50: goto +4 -> 54
    //   53: pop
    //   54: aload_0
    //   55: getfield 244	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:keyStore	Ljava/security/KeyStore;
    //   58: ifnonnull +21 -> 79
    //   61: new 127	java/security/KeyStoreException
    //   64: dup
    //   65: getstatic 248	org/eclipse/osgi/internal/signedcontent/SignedContentMessages:Default_Trust_Keystore_Load_Failed	Ljava/lang/String;
    //   68: aload_0
    //   69: invokespecial 287	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:getPath	()Ljava/lang/String;
    //   72: invokestatic 296	org/eclipse/osgi/util/NLS:bind	(Ljava/lang/String;Ljava/lang/Object;)Ljava/lang/String;
    //   75: invokespecial 272	java/security/KeyStoreException:<init>	(Ljava/lang/String;)V
    //   78: athrow
    //   79: aload_0
    //   80: getfield 244	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:keyStore	Ljava/security/KeyStore;
    //   83: areturn
    // Line number table:
    //   Java source line #85	-> byte code offset #0
    //   Java source line #86	-> byte code offset #7
    //   Java source line #87	-> byte code offset #18
    //   Java source line #89	-> byte code offset #23
    //   Java source line #90	-> byte code offset #35
    //   Java source line #92	-> byte code offset #36
    //   Java source line #93	-> byte code offset #43
    //   Java source line #96	-> byte code offset #44
    //   Java source line #92	-> byte code offset #46
    //   Java source line #93	-> byte code offset #53
    //   Java source line #99	-> byte code offset #54
    //   Java source line #100	-> byte code offset #61
    //   Java source line #102	-> byte code offset #79
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	84	0	this	KeyStoreTrustEngine
    //   22	25	1	in	InputStream
    //   35	10	2	localObject	Object
    //   43	1	3	localIOException1	IOException
    //   53	1	4	localIOException2	IOException
    // Exception table:
    //   from	to	target	type
    //   23	35	35	finally
    //   36	40	43	java/io/IOException
    //   46	50	53	java/io/IOException
  }
  
  public Certificate findTrustAnchor(Certificate[] certChain)
    throws IOException
  {
    if ((certChain == null) || (certChain.length == 0)) {
      throw new IllegalArgumentException("Certificate chain is required");
    }
    try
    {
      Certificate rootCert = null;
      KeyStore store = getKeyStore();
      for (int i = 0; i < certChain.length; i++)
      {
        if ((certChain[i] instanceof X509Certificate)) {
          if (i == certChain.length - 1)
          {
            X509Certificate cert = (X509Certificate)certChain[i];
            if (cert.getSubjectDN().equals(cert.getIssuerDN()))
            {
              cert.verify(cert.getPublicKey());
              rootCert = cert;
            }
            else
            {
              return findAlternativeRoot(cert, store);
            }
          }
          else
          {
            X509Certificate nextX509Cert = (X509Certificate)certChain[(i + 1)];
            certChain[i].verify(nextX509Cert.getPublicKey());
          }
        }
        synchronized (store)
        {
          String alias = rootCert == null ? null : store.getCertificateAlias(rootCert);
          if (alias != null) {
            return store.getCertificate(alias);
          }
          if (rootCert != certChain[i])
          {
            alias = store.getCertificateAlias(certChain[i]);
            if (alias != null) {
              return store.getCertificate(alias);
            }
          }
          if ((certChain.length > 1) && (i == certChain.length - 1) && ((certChain[(i - 1)] instanceof X509Certificate))) {
            return findAlternativeRoot((X509Certificate)certChain[(i - 1)], store);
          }
        }
      }
    }
    catch (KeyStoreException e)
    {
      throw ((IOException)new IOException(e.getMessage()).initCause(e));
    }
    catch (GeneralSecurityException e)
    {
      SignedBundleHook.log(e.getMessage(), 2, e);
      return null;
    }
    return null;
  }
  
  private Certificate findAlternativeRoot(X509Certificate cert, KeyStore store)
    throws InvalidKeyException, KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, CertificateException
  {
    synchronized (store)
    {
      for (Enumeration<String> e = store.aliases(); e.hasMoreElements();)
      {
        Certificate nextCert = store.getCertificate((String)e.nextElement());
        if (((nextCert instanceof X509Certificate)) && (((X509Certificate)nextCert).getSubjectDN().equals(cert.getIssuerDN())))
        {
          cert.verify(nextCert.getPublicKey());
          return nextCert;
        }
      }
      return null;
    }
  }
  
  /* Error */
  protected String doAddTrustAnchor(Certificate cert, String alias)
    throws IOException, GeneralSecurityException
  {
    // Byte code:
    //   0: aload_0
    //   1: invokevirtual 282	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:isReadOnly	()Z
    //   4: ifeq +14 -> 18
    //   7: new 119	java/io/IOException
    //   10: dup
    //   11: getstatic 249	org/eclipse/osgi/internal/signedcontent/SignedContentMessages:Default_Trust_Read_Only	Ljava/lang/String;
    //   14: invokespecial 256	java/io/IOException:<init>	(Ljava/lang/String;)V
    //   17: athrow
    //   18: aload_1
    //   19: ifnonnull +13 -> 32
    //   22: new 122	java/lang/IllegalArgumentException
    //   25: dup
    //   26: ldc 3
    //   28: invokespecial 260	java/lang/IllegalArgumentException:<init>	(Ljava/lang/String;)V
    //   31: athrow
    //   32: aload_0
    //   33: invokespecial 290	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:getKeyStore	()Ljava/security/KeyStore;
    //   36: astore_3
    //   37: aload_3
    //   38: dup
    //   39: astore 4
    //   41: monitorenter
    //   42: aload_3
    //   43: aload_1
    //   44: invokevirtual 267	java/security/KeyStore:getCertificateAlias	(Ljava/security/cert/Certificate;)Ljava/lang/String;
    //   47: astore 5
    //   49: aload 5
    //   51: ifnull +14 -> 65
    //   54: new 133	java/security/cert/CertificateException
    //   57: dup
    //   58: getstatic 247	org/eclipse/osgi/internal/signedcontent/SignedContentMessages:Default_Trust_Existing_Cert	Ljava/lang/String;
    //   61: invokespecial 275	java/security/cert/CertificateException:<init>	(Ljava/lang/String;)V
    //   64: athrow
    //   65: aload_3
    //   66: aload_2
    //   67: invokevirtual 269	java/security/KeyStore:getCertificate	(Ljava/lang/String;)Ljava/security/cert/Certificate;
    //   70: astore 6
    //   72: aload 6
    //   74: ifnull +14 -> 88
    //   77: new 133	java/security/cert/CertificateException
    //   80: dup
    //   81: getstatic 246	org/eclipse/osgi/internal/signedcontent/SignedContentMessages:Default_Trust_Existing_Alias	Ljava/lang/String;
    //   84: invokespecial 275	java/security/cert/CertificateException:<init>	(Ljava/lang/String;)V
    //   87: athrow
    //   88: aload_3
    //   89: aload_2
    //   90: aload_1
    //   91: invokevirtual 270	java/security/KeyStore:setCertificateEntry	(Ljava/lang/String;Ljava/security/cert/Certificate;)V
    //   94: aload_0
    //   95: invokespecial 285	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:getOutputStream	()Ljava/io/OutputStream;
    //   98: astore 7
    //   100: aload_0
    //   101: aload_3
    //   102: aload 7
    //   104: invokespecial 292	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:saveStore	(Ljava/security/KeyStore;Ljava/io/OutputStream;)V
    //   107: goto +14 -> 121
    //   110: astore 8
    //   112: aload_0
    //   113: aload 7
    //   115: invokespecial 286	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:safeClose	(Ljava/io/OutputStream;)V
    //   118: aload 8
    //   120: athrow
    //   121: aload_0
    //   122: aload 7
    //   124: invokespecial 286	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:safeClose	(Ljava/io/OutputStream;)V
    //   127: aload 4
    //   129: monitorexit
    //   130: goto +27 -> 157
    //   133: aload 4
    //   135: monitorexit
    //   136: athrow
    //   137: astore_3
    //   138: new 133	java/security/cert/CertificateException
    //   141: dup
    //   142: aload_3
    //   143: invokevirtual 271	java/security/KeyStoreException:getMessage	()Ljava/lang/String;
    //   146: invokespecial 275	java/security/cert/CertificateException:<init>	(Ljava/lang/String;)V
    //   149: aload_3
    //   150: invokevirtual 276	java/security/cert/CertificateException:initCause	(Ljava/lang/Throwable;)Ljava/lang/Throwable;
    //   153: checkcast 133	java/security/cert/CertificateException
    //   156: athrow
    //   157: aload_2
    //   158: areturn
    // Line number table:
    //   Java source line #170	-> byte code offset #0
    //   Java source line #171	-> byte code offset #7
    //   Java source line #172	-> byte code offset #18
    //   Java source line #173	-> byte code offset #22
    //   Java source line #176	-> byte code offset #32
    //   Java source line #177	-> byte code offset #37
    //   Java source line #178	-> byte code offset #42
    //   Java source line #179	-> byte code offset #49
    //   Java source line #180	-> byte code offset #54
    //   Java source line #181	-> byte code offset #65
    //   Java source line #182	-> byte code offset #72
    //   Java source line #183	-> byte code offset #77
    //   Java source line #184	-> byte code offset #88
    //   Java source line #185	-> byte code offset #94
    //   Java source line #187	-> byte code offset #100
    //   Java source line #188	-> byte code offset #110
    //   Java source line #189	-> byte code offset #112
    //   Java source line #190	-> byte code offset #118
    //   Java source line #189	-> byte code offset #121
    //   Java source line #177	-> byte code offset #127
    //   Java source line #192	-> byte code offset #137
    //   Java source line #193	-> byte code offset #138
    //   Java source line #195	-> byte code offset #157
    // Local variable table:
    //   start	length	slot	name	signature
    //   0	159	0	this	KeyStoreTrustEngine
    //   0	159	1	cert	Certificate
    //   0	159	2	alias	String
    //   36	66	3	store	KeyStore
    //   137	13	3	ke	KeyStoreException
    //   39	95	4	Ljava/lang/Object;	Object
    //   47	3	5	oldAlias	String
    //   70	3	6	oldCert	Certificate
    //   98	25	7	out	OutputStream
    //   110	9	8	localObject1	Object
    // Exception table:
    //   from	to	target	type
    //   100	110	110	finally
    //   42	130	133	finally
    //   133	136	133	finally
    //   32	137	137	java/security/KeyStoreException
  }
  
  protected void doRemoveTrustAnchor(Certificate cert)
    throws IOException, GeneralSecurityException
  {
    if (isReadOnly()) {
      throw new IOException(SignedContentMessages.Default_Trust_Read_Only);
    }
    if (cert == null) {
      throw new IllegalArgumentException("Certificate must be specified");
    }
    try
    {
      KeyStore store = getKeyStore();
      synchronized (store)
      {
        String alias = store.getCertificateAlias(cert);
        if (alias == null) {
          throw new CertificateException(SignedContentMessages.Default_Trust_Cert_Not_Found);
        }
        removeTrustAnchor(alias);
      }
    }
    catch (KeyStoreException ke)
    {
      throw ((CertificateException)new CertificateException(ke.getMessage()).initCause(ke));
    }
  }
  
  /* Error */
  protected void doRemoveTrustAnchor(String alias)
    throws IOException, GeneralSecurityException
  {
    // Byte code:
    //   0: aload_1
    //   1: ifnonnull +13 -> 14
    //   4: new 122	java/lang/IllegalArgumentException
    //   7: dup
    //   8: ldc 1
    //   10: invokespecial 260	java/lang/IllegalArgumentException:<init>	(Ljava/lang/String;)V
    //   13: athrow
    //   14: aload_0
    //   15: invokespecial 290	org/eclipse/osgi/internal/service/security/KeyStoreTrustEngine:getKeyStore	()Ljava/security/KeyStore;
    //   18: astore_2
    //   19: aload_2
    //   20: dup
    //   21: astore_3
    //   22: monitorenter
    //   23: aload_2
    //   24: aload_1
    //   25: invokevirtual 269	java/security/KeyStore:getCertificate	(Ljava/lang/String;)Ljava/security/cert/Certificate;
    //   28: astore 4
    //   30: aload 4
    //   32: ifnonnull +14 -> 46
    //   35: new 133	java/security/cert/CertificateException
    //   38: dup
    //   39: getstatic 245	org/eclipse/osgi/internal/signedcontent/SignedContentMessages:Default_Trust_Cert_Not_Found	Ljava/lang/String;
    //   42: invokespecial 275	java/security/cert/CertificateException:<init>	(Ljava/lang/String;)V
    //   45: athrow
    //   46: aload_2
    //   47: a
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84

Further reading...

For more information on Java 1.5 Tiger, you may find Java 1.5 Tiger, A developer's Notebook by D. Flanagan and B. McLaughlin from O'Reilly of interest.

New!JAR listings


Copyright 2006-2019. Infinite Loop Ltd