File | Doc | Category | Size | Date | Package
ACSlot.java | API Doc | phoneME MR2 API (J2ME) | 6715 | Wed May 02 18:00:38 BST 2007 | com.sun.satsa.acl

ACSlot

public class ACSlot extends Object
This class represents the access control file that describes the permissions for one card slot.

Fields Summary
private static com.sun.midp.security.SecurityToken
classSecurityToken
This class has a different security domain than the MIDlet suite
private Vector
ACLists
The list of ACL objects.
private Vector
PINAttrs
The list of PIN data objects.
Constructors Summary
public ACSlot()
Constructs an instance of an access control file object.


                  
      
    
Methods Summary
ACLPermissions getACLPermissions(boolean isAPDU, byte[] selectAPDU, java.lang.String root)
Returns the object that should be used for access control verification.

param
isAPDU true for APDU connection, false for JCRMI.
param
selectAPDU SELECT APDU command data.
param
root name of CA that authorized the suite.
return
object that can be used to check permissions.


        // Builds the permission object for one connection by walking every
        // ACL of this slot. The outcome is one of three cases:
        //   ALLOW - no ACL matched selectAPDU at all, or at least one entry
        //           accepted the principal and carried no permission list;
        //   CHECK - an ACL matched and the accepted entries contributed at
        //           least one explicit permission;
        //   deny  - an ACL matched but nothing was collected for this
        //           principal (SecurityException).
        Vector granted = new Vector();
        Vector pinList = new Vector();
        boolean matched = false;       // some ACL matched selectAPDU
        boolean unrestricted = false;  // some accepted entry had no permission list

        for (int listIdx = 0; listIdx < ACLists.size(); listIdx++) {

            ACList list = (ACList) ACLists.elementAt(listIdx);

            if (list.match(selectAPDU)) {

                matched = true;

                // PIN data is collected from every matching ACL, whether or
                // not any of its entries accepts the principal.
                list.getPINs(isAPDU, pinList);

                Vector entries = list.getACEntries();

                for (int entryIdx = 0; entryIdx < entries.size(); entryIdx++) {

                    ACEntry entry = (ACEntry) entries.elementAt(entryIdx);

                    if (entry.verifyPrincipal(root)) {
                        if (entry.hasPermissions()) {
                            entry.getPermissions(isAPDU, granted);
                        } else {
                            // An accepted entry without a permission list
                            // lifts all restrictions; it wins over anything
                            // collected from other entries.
                            unrestricted = true;
                        }
                    }
                }
            }
        }

        ACLPermissions perm;

        if (!isAPDU) {
            perm = new JCRMIPermissions(this);
        } else {
            perm = new APDUPermissions(this);
        }

        if (!pinList.isEmpty()) {
            PINData[] data = new PINData[pinList.size()];
            pinList.copyInto(data);
            perm.setPINData(data);
        }

        if (matched && !unrestricted) {
            if (granted.isEmpty()) {
                // An ACL covers this target but grants this principal nothing.
                throw new SecurityException("Access denied.");
            }
            perm.setPermissions(granted);
            perm.setType(ACLPermissions.CHECK);
        } else {
            // Fail-open branch: this is also reached when no ACL in the file
            // matched selectAPDU, so a target the policy does not mention is
            // fully accessible.
            perm.setType(ACLPermissions.ALLOW);
        }
        return perm;
    
PINAttributes getPINAttributes(int id)
Return PIN attributes.

param
id PIN identifier.
return
PIN attributes.


        // Linear scan of the PIN attribute list; the first entry whose id
        // equals the requested one is returned.
        int idx = 0;
        while (idx < PINAttrs.size()) {
            PINAttributes candidate = (PINAttributes) PINAttrs.elementAt(idx);
            if (candidate.id == id) {
                return candidate;
            }
            idx++;
        }
        // No PIN with this identifier is defined; callers must handle null.
        return null;
    
private void init(ACLFileReader r)
Initializes ACF object.

param
r reader for permissions file.
throws
IOException if I/O error occurs.


                        
          

        // Reads the file one keyword at a time until readWord() returns null.
        // "acf" starts an ACList section and "pin_data" a PINAttributes
        // section; both are parsed by their constructors from the same reader.
        for (;;) {
            try {

                String keyword = r.readWord();

                if (keyword == null) {
                    return;
                }

                if ("acf".equals(keyword)) {
                    ACLists.addElement(new ACList(r));
                    continue;
                }

                if ("pin_data".equals(keyword)) {
                    PINAttrs.addElement(new PINAttributes(r));
                    continue;
                }

                // Any other keyword is a format error; it is reported through
                // the catch clause below, like every other failure.
                throw new Exception();

            } catch (Exception e) {
                // Every failure, including runtime exceptions thrown by the
                // section constructors, is turned into an IOException that
                // carries only the reader's line number; the original
                // exception is not preserved.
                throw new IOException("Line " + r.lineNumber);
            }
        }
    
public static com.sun.satsa.acl.ACSlot load(int slotNum)
Load access control information.

param
slotNum card slot number.
return
object that contains access control information or null if this information doesn't exist or contains errors.


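        // Opens "acl_<slotNum>" under the internal storage root and parses it
        // into a new ACSlot. Returns null both when the file cannot be opened
        // and when its content fails to parse, so the result does not tell
        // the caller which of the two happened.
        // NOTE(review): callers are not visible here - confirm that a null
        // result (in particular a malformed policy file) is handled
        // fail-closed and is not treated as "no restrictions".
        RandomAccessStream storage = null;
        InputStream permIS;
        boolean connected = false;

        try {
            storage = new RandomAccessStream(classSecurityToken);
            storage.connect(
                File.getStorageRoot(Constants.INTERNAL_STORAGE_ID) +
                "acl_" + slotNum, Connector.READ);
            connected = true;
            permIS = storage.openInputStream();
        } catch (IOException e) {
            // If connect() succeeded but the stream could not be opened, the
            // connection must still be released; previously this path
            // returned without calling disconnect().
            if (connected) {
                try {
                    storage.disconnect();
                } catch (Exception ignored) {
                    // nothing we can do.
                }
            }
            return null;
        }

        try {
            ACSlot f = new ACSlot();
            // NOTE(review): no charset is passed to InputStreamReader, so the
            // policy file is decoded with the platform default encoding.
            f.init(new ACLFileReader(new InputStreamReader(permIS)));
            return f;
        } catch (Exception e) {
            // A parse failure is only printed; the caller sees null.
            System.out.println("Error reading ACList " + e);
        } finally {
            // Runs on success and on failure, so the storage connection is
            // always released once parsing has been attempted.
            try {
                storage.disconnect();
            } catch (Exception ignored) {
                // nothing we can do.
            }
        }
        return null;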