001/* SecureClassLoader.java --- A Secure Class Loader
002   Copyright (C) 1999, 2004, 2006  Free Software Foundation, Inc.
003
004This file is part of GNU Classpath.
005
006GNU Classpath is free software; you can redistribute it and/or modify
007it under the terms of the GNU General Public License as published by
008the Free Software Foundation; either version 2, or (at your option)
009any later version.
010
011GNU Classpath is distributed in the hope that it will be useful, but
012WITHOUT ANY WARRANTY; without even the implied warranty of
013MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
014General Public License for more details.
015
016You should have received a copy of the GNU General Public License
017along with GNU Classpath; see the file COPYING.  If not, write to the
018Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
01902110-1301 USA.
020
021Linking this library statically or dynamically with other modules is
022making a combined work based on this library.  Thus, the terms and
023conditions of the GNU General Public License cover the whole
024combination.
025
026As a special exception, the copyright holders of this library give you
027permission to link this library with independent modules to produce an
028executable, regardless of the license terms of these independent
029modules, and to copy and distribute the resulting executable under
030terms of your choice, provided that you also meet, for each linked
031independent module, the terms and conditions of the license of that
032module.  An independent module is a module which is not derived from
033or based on this library.  If you modify this library, you may extend
034this exception to your version of the library, but you are not
035obligated to do so.  If you do not wish to do so, delete this
036exception statement from your version. */
037
038package java.security;
039
040import java.nio.ByteBuffer;
041import java.util.HashMap;
042
043/**
044 * A Secure Class Loader for loading classes with additional 
045 * support for specifying code source and permissions when
046 * they are retrieved by the system policy handler.
047 *
048 * @since 1.2
049 *
050 * @author Mark Benvenuto
051 */
052public class SecureClassLoader extends ClassLoader
053{
054  private final HashMap<CodeSource,ProtectionDomain> protectionDomainCache
055    = new HashMap<CodeSource, ProtectionDomain>();
056
057  protected SecureClassLoader(ClassLoader parent)
058  {
059    super(parent);
060  }
061
062  protected SecureClassLoader()
063  {
064  }
065
066  /** 
067   * Creates a class using an array of bytes and a 
068   * CodeSource.
069   *
070   * @param name the name to give the class.  null if unknown.
071   * @param b the data representing the classfile, in classfile format.
072   * @param off the offset into the data where the classfile starts.
073   * @param len the length of the classfile data in the array.
074   * @param cs the CodeSource for the class or null when unknown.
075   *
076   * @return the class that was defined and optional CodeSource.
077   *
078   * @exception ClassFormatError if the byte array is not in proper classfile format.
079   */
080  protected final Class<?> defineClass(String name, byte[] b, int off, int len,
081                                    CodeSource cs)
082  {
083    return super.defineClass(name, b, off, len, getProtectionDomain(cs));
084  }
085
086  /** 
087   * Creates a class using an ByteBuffer and a 
088   * CodeSource.
089   *
090   * @param name the name to give the class.  null if unknown.
091   * @param b the data representing the classfile, in classfile format.
092   * @param cs the CodeSource for the class or null when unknown.
093   *
094   * @return the class that was defined and optional CodeSource.
095   *
096   * @exception ClassFormatError if the byte array is not in proper classfile format.
097   *
098   * @since 1.5
099   */
100  protected final Class<?> defineClass(String name, ByteBuffer b, CodeSource cs)
101  {
102    return super.defineClass(name, b, getProtectionDomain(cs));
103  }
104
105  /* Lookup or create a protection domain for the CodeSource,
106   * if CodeSource is null it will return null. */
107  private ProtectionDomain getProtectionDomain(CodeSource cs)
108  {
109    ProtectionDomain protectionDomain = null;
110    if (cs != null)
111      {
112        synchronized (protectionDomainCache)
113          {
114            protectionDomain = protectionDomainCache.get(cs);
115          }
116
117        if (protectionDomain == null)
118          {
119            protectionDomain 
120              = new ProtectionDomain(cs, getPermissions(cs), this, null);
121            synchronized (protectionDomainCache)
122              {
123                ProtectionDomain domain = protectionDomainCache.get(cs);
124                if (domain == null)
125                  protectionDomainCache.put(cs, protectionDomain);
126                else
127                  protectionDomain = domain;
128              }
129          }
130      }
131    return protectionDomain;
132  }
133
134  /**
135   * Returns a PermissionCollection for the specified CodeSource.
136   * The default implementation invokes 
137   * java.security.Policy.getPermissions.
138   *
139   * This method is called by defineClass that takes a CodeSource
140   * argument to build a proper ProtectionDomain for the class
141   * being defined.
142   */
143  protected PermissionCollection getPermissions(CodeSource cs)
144  {
145    Policy policy = Policy.getCurrentPolicy();
146    return policy.getPermissions(cs);
147  }
148}