001    /* SecureClassLoader.java --- A Secure Class Loader
002       Copyright (C) 1999, 2004, 2006  Free Software Foundation, Inc.
003    
004    This file is part of GNU Classpath.
005    
006    GNU Classpath is free software; you can redistribute it and/or modify
007    it under the terms of the GNU General Public License as published by
008    the Free Software Foundation; either version 2, or (at your option)
009    any later version.
010    
011    GNU Classpath is distributed in the hope that it will be useful, but
012    WITHOUT ANY WARRANTY; without even the implied warranty of
013    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014    General Public License for more details.
015    
016    You should have received a copy of the GNU General Public License
017    along with GNU Classpath; see the file COPYING.  If not, write to the
018    Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
019    02110-1301 USA.
020    
021    Linking this library statically or dynamically with other modules is
022    making a combined work based on this library.  Thus, the terms and
023    conditions of the GNU General Public License cover the whole
024    combination.
025    
026    As a special exception, the copyright holders of this library give you
027    permission to link this library with independent modules to produce an
028    executable, regardless of the license terms of these independent
029    modules, and to copy and distribute the resulting executable under
030    terms of your choice, provided that you also meet, for each linked
031    independent module, the terms and conditions of the license of that
032    module.  An independent module is a module which is not derived from
033    or based on this library.  If you modify this library, you may extend
034    this exception to your version of the library, but you are not
035    obligated to do so.  If you do not wish to do so, delete this
036    exception statement from your version. */
037    
038    package java.security;
039    
040    import java.nio.ByteBuffer;
041    import java.util.HashMap;
042    
043    /**
044     * A Secure Class Loader for loading classes with additional 
045     * support for specifying code source and permissions when
046     * they are retrieved by the system policy handler.
047     *
048     * @since 1.2
049     *
050     * @author Mark Benvenuto
051     */
052    public class SecureClassLoader extends ClassLoader
053    {
054      private final HashMap<CodeSource,ProtectionDomain> protectionDomainCache
055        = new HashMap<CodeSource, ProtectionDomain>();
056    
057      protected SecureClassLoader(ClassLoader parent)
058      {
059        super(parent);
060      }
061    
062      protected SecureClassLoader()
063      {
064      }
065    
066      /** 
067       * Creates a class using an array of bytes and a 
068       * CodeSource.
069       *
070       * @param name the name to give the class.  null if unknown.
071       * @param b the data representing the classfile, in classfile format.
072       * @param off the offset into the data where the classfile starts.
073       * @param len the length of the classfile data in the array.
074       * @param cs the CodeSource for the class or null when unknown.
075       *
076       * @return the class that was defined and optional CodeSource.
077       *
078       * @exception ClassFormatError if the byte array is not in proper classfile format.
079       */
080      protected final Class<?> defineClass(String name, byte[] b, int off, int len,
081                                        CodeSource cs)
082      {
083        return super.defineClass(name, b, off, len, getProtectionDomain(cs));
084      }
085    
086      /** 
087       * Creates a class using an ByteBuffer and a 
088       * CodeSource.
089       *
090       * @param name the name to give the class.  null if unknown.
091       * @param b the data representing the classfile, in classfile format.
092       * @param cs the CodeSource for the class or null when unknown.
093       *
094       * @return the class that was defined and optional CodeSource.
095       *
096       * @exception ClassFormatError if the byte array is not in proper classfile format.
097       *
098       * @since 1.5
099       */
100      protected final Class<?> defineClass(String name, ByteBuffer b, CodeSource cs)
101      {
102        return super.defineClass(name, b, getProtectionDomain(cs));
103      }
104    
105      /* Lookup or create a protection domain for the CodeSource,
106       * if CodeSource is null it will return null. */
107      private ProtectionDomain getProtectionDomain(CodeSource cs)
108      {
109        ProtectionDomain protectionDomain = null;
110        if (cs != null)
111          {
112            synchronized (protectionDomainCache)
113              {
114                protectionDomain = protectionDomainCache.get(cs);
115              }
116    
117            if (protectionDomain == null)
118              {
119                protectionDomain 
120                  = new ProtectionDomain(cs, getPermissions(cs), this, null);
121                synchronized (protectionDomainCache)
122                  {
123                    ProtectionDomain domain = protectionDomainCache.get(cs);
124                    if (domain == null)
125                      protectionDomainCache.put(cs, protectionDomain);
126                    else
127                      protectionDomain = domain;
128                  }
129              }
130          }
131        return protectionDomain;
132      }
133    
134      /**
135       * Returns a PermissionCollection for the specified CodeSource.
136       * The default implementation invokes 
137       * java.security.Policy.getPermissions.
138       *
139       * This method is called by defineClass that takes a CodeSource
140       * argument to build a proper ProtectionDomain for the class
141       * being defined.
142       */
143      protected PermissionCollection getPermissions(CodeSource cs)
144      {
145        Policy policy = Policy.getCurrentPolicy();
146        return policy.getPermissions(cs);
147      }
148    }