File Doc Category Size Date Package
ACEntry.java API Doc phoneME MR2 API (J2ME) 18852 Wed May 02 18:00:38 BST 2007 com.sun.satsa.acl

ACEntry

java.lang.Object

public class ACEntry extends Object

This class represents Access Control Entry.

Fields Summary
public static final int
CONTEXT_CONSTRUCTED_0
ASN context specific constructed explicit flag used in types (0xA0).
public static final int
CONTEXT_CONSTRUCTED_1
ASN context specific constructed explicit flag used in types (0xA1).
public static final int
CONTEXT_CONSTRUCTED_2
ASN context specific constructed explicit flag used in types (0xA2).
public static final int
CONTEXT_CONSTRUCTED_3
ASN context specific constructed explicit flag used in types (0xA3).
public static final int
CONTEXT_CONSTRUCTED_4
ASN context specific constructed explicit flag used in types (0xA3).
public static final int
CONTEXT_PRIMITIVE_0
ASN context specific primitive explicit flag used in types (0x80).
public static final int
CONTEXT_PRIMITIVE_1
ASN context specific primitive explicit flag used in types (0x81).
public static final int
CONTEXT_PRIMITIVE_2
ASN context specific primitive explicit flag used in types (0x82).
public static final int
CONTEXT_PRIMITIVE_3
ASN context specific primitive explicit flag used in types (0x83).
public static final int
CONTEXT_PRIMITIVE_4
ASN context specific primitive explicit flag used in types (0x84).
private Vector
ACF
Vector containing parsed the Access Control File
private byte[]
roots
The list of CA names that correspond to rootId element of ACE.
private int[]
APDUPermissions
APDU permissions (command - mask pairs).
private JCRMIPermission[]
JCRMIPermissions
JCRMI permissions.
Constructors Summary
ACEntry(Vector v, Vector pin_info)
Creates new ACEntry object
param
v Vector containing parsed the Access Control File
param
pin_info Vector for pin information
throws
TLVException when some error in the TLV structures treatment
ACF = v; readACE(pin_info);
Methods Summary
void getPermissions(boolean isAPDU, java.util.Vector permissions)
Places permissions from this ACE to the vector.
param
isAPDU if true, place APDU permissions, otherwise - JCRMI permissions
param
permissions the vector for results
if (isAPDU) { if (APDUPermissions != null) { permissions.addElement(APDUPermissions); } } else { if (JCRMIPermissions != null) { for (int k = 0; k < JCRMIPermissions.length; k++) { permissions.addElement(JCRMIPermissions[k]); } } }
boolean hasPermissions()
Verifies if the ACE contains permissions.
return
true if the ACE contains permissions.
return (APDUPermissions != null || JCRMIPermissions != null);
private void readACE(java.util.Vector pin_info)
Reads one ACE. It is assumed that the ACE is in the following format: SEQUENCE { ACE contents CONTEXT_CONSTRUCTED_0 { the Principals (opt) < read contents > } CONTEXT_CONSTRUCTED_1 { the Permissions (opt) < read permissions contents > } CONTEXT_CONSTRUCTED_2 { the userAuthentications (opt) < read user authetications contents > } }
param
pin_info Vector for pin information.
throws
TLVException - exception in case any problems with TLV structure.
Vector t_roots = new Vector(); Vector t_apdu = new Vector(); Vector t_jcrmi = new Vector(); TLV root, t; root = (TLV)ACF.firstElement(); while (root != null) { if (root.type != TLV.SEQUENCE_TYPE) { // ACE shall be a sequence throw new TLVException("The SEQUENCE_TYPE expected"); } t = root.child; // level of the ACE root while (t != null) { switch (t.type) { case CONTEXT_CONSTRUCTED_0: { // principals readPrincipals(t.child, t_roots); break; } case CONTEXT_CONSTRUCTED_1: { // permissions readPermissions(t.child, t_apdu, t_jcrmi); break; } case CONTEXT_CONSTRUCTED_2: { // userAuthentications readUserAuthentications(t.child, pin_info); break; } } t = t.next; } root = root.next; } if (! t_roots.isEmpty()) { roots = new byte[t_roots.size()][]; for (int i = 0; i < t_roots.size(); i++) { roots[i] = (byte[]) t_roots.elementAt(i); } } if (! t_apdu.isEmpty()) { APDUPermissions = new int[t_apdu.size()]; for (int i = 0; i < t_apdu.size(); i++) { byte[] data = (byte[]) t_apdu.elementAt(i); APDUPermissions[i] = Utils.getInt(data, 0); } } if (! t_jcrmi.isEmpty()) { JCRMIPermissions = new JCRMIPermission[t_jcrmi.size()]; t_jcrmi.copyInto(JCRMIPermissions); }
private void readAPDUPermissions(TLV t, java.util.Vector apdu)
Reads the APDU Permissions information from the ACF vector.
OCTET_STRING (SIZE(4)) APDUHeader OCTET_STRING (SIZE(4)) APDUMask }
param
t current position in the ACF vector.
param
apdu Vector for the apdu permission information.
throws
TLVException if I/O error occurs.
TLV root = t; byte[] data; while (root != null) { data = root.getValue(); apdu.addElement(data); root = root.next; }
private java.lang.Integer[] readApduPINs(TLV t)
Reads PINs information from ACF vector.
CONTEXT_CONSTRUCTED_0 { OCTET STRING (SIZE(4)) verifyPinAPDU (opt) } CONTEXT_CONSTRUCTED_1 { OCTET STRING (SIZE(4)) changePinAPDU (opt) } CONTEXT_CONSTRUCTED_2 { OCTET STRING (SIZE(4)) disablePinAPDU (opt) } CONTEXT_CONSTRUCTED_3 { OCTET STRING (SIZE(4)) enablePinAPDU (opt) } CONTEXT_CONSTRUCTED_4 { OCTET STRING (SIZE(4)) unblockPinAPDU (opt) }
param
t current position in the ACF vector.
return
Integer[] commands.
throws
TLVException if I/O error occurs.
TLV root = t; byte[] b; int command; Integer[] commands = new Integer[ACLPermissions.CMD_COUNT]; int comIndex = 0; while (root != null) { switch (root.type) { case CONTEXT_PRIMITIVE_0: { /* verifyPinAPDU */ comIndex = ACLPermissions.CMD_VERIFY; break; } case CONTEXT_PRIMITIVE_1: { /* changePinAPDU */ comIndex = ACLPermissions.CMD_CHANGE; break; } case CONTEXT_PRIMITIVE_2: { /* disablePinAPDU */ comIndex = ACLPermissions.CMD_DISABLE; break; } case CONTEXT_PRIMITIVE_3: { /* enablePinAPDU */ comIndex = ACLPermissions.CMD_ENABLE; break; } case CONTEXT_PRIMITIVE_4: { /* unblockPinAPDU */ comIndex = ACLPermissions.CMD_UNBLOCK; break; } } b = root.getValue(); command = 0; for (int i = 0; i < 4; i++) { command = (command << 8) | b[i]; } commands[comIndex] = new Integer(command); root = root.next; } return commands;
private void readJCRMIPermissions(TLV t, java.util.Vector jcrmi)
Reads the JCRMI Permissions information from the ACF vector.
SEQUENCE OF { ClassList UTF8_STRING Class } UTF8_STRING hashModifier (opt) SEQUENCE OF { MethodIDList (opt) OCTET_STRING (SIZE(4)) MethodID }
param
t current position in the ACF vector.
param
jcrmi Vector for the jcrmi permission information.
throws
TLVException if I/O error occurs.
Vector classes = new Vector(); Vector methods = new Vector(); String hashModifier = null; TLV root = t; /* reading of classes */ if (root.type != TLV.SEQUENCE_TYPE) { // classes shall be a sequence of UTF8String throw new TLVException("The SEQUENCE_TYPE expected"); } TLV c = root.child; while (c != null) { classes.addElement(c.getUTF8()); c = c.next; } root = root.next; if (root != null) { /* reading of hashModifier */ if (root.type == TLV.UTF8STR_TYPE) { // hashModifier is optional and has UTF8String type hashModifier = root.getUTF8(); root = root.next; } if (root != null) { /* reading of methods */ if (root.type != TLV.SEQUENCE_TYPE) { // methods shall be sequence of OCTET_STRING throw new TLVException("The SEQUENCE_TYPE expected"); } TLV m = root.child; while (m != null) { methods.addElement(m.getValue()); m = m.next; } } } jcrmi.addElement(new JCRMIPermission(hashModifier, classes, methods));
private java.lang.String[] readJcrmiPINs(TLV t)
Reads PINs information from ACF vector.
CONTEXT_CONSTRUCTED_0 { UTF8_STRING verifyPinMethodID (opt) } CONTEXT_CONSTRUCTED_0 { UTF8_STRING changePinMethodID (opt) } CONTEXT_CONSTRUCTED_0 { UTF8_STRING disablePinMethodID (opt) } CONTEXT_CONSTRUCTED_0 { UTF8_STRING enablePinMethodID (opt) } CONTEXT_CONSTRUCTED_0 { UTF8_STRING unblockPinMethodID (opt) }
param
t current position in the ACF vector.
return
String[] commands.
throws
TLVException if I/O error occurs.
TLV root = t; String[] commands = new String[ACLPermissions.CMD_COUNT]; int comIndex = 0; while (root != null) { switch (root.type) { case CONTEXT_PRIMITIVE_0: { /* verifyPinMethodID */ comIndex = ACLPermissions.CMD_VERIFY; break; } case CONTEXT_PRIMITIVE_1: { /* changePinMethodID */ comIndex = ACLPermissions.CMD_CHANGE; break; } case CONTEXT_PRIMITIVE_2: { /* disablePinMethodID */ comIndex = ACLPermissions.CMD_DISABLE; break; } case CONTEXT_PRIMITIVE_3: { /* enablePinMethodID */ comIndex = ACLPermissions.CMD_ENABLE; break; } case CONTEXT_PRIMITIVE_4: { /* unblockPinMethodID */ comIndex = ACLPermissions.CMD_UNBLOCK; break; } } commands[comIndex] = root.getUTF8(); root = root.next; } return commands;
private void readPermissions(TLV t, java.util.Vector apdu, java.util.Vector jcrmi)
Reads the Permissions information from the ACF vector.
CONTEXT_CONSTRUCTED_0 { APDUMaskPermission choice < readAPDUPermissions > } CONTEXT_CONSTRUCTED_1 { JCRMIPermission choice < readJCRMIPermissions > }
param
t current position in the ACF vector.
param
apdu Vector for the apdu permission information.
param
jcrmi Vector for the jcrmi permission information.
throws
TLVException if I/O error occurs.
TLV root = t; while (root != null) { if (root.type == CONTEXT_CONSTRUCTED_0) { readAPDUPermissions(root.child, apdu); } if (root.type == CONTEXT_CONSTRUCTED_1) { readJCRMIPermissions(root.child, jcrmi); } root = root.next; }
private void readPrincipals(TLV t, java.util.Vector v)
Reads the Principals information from the ACF vector.
It is assumed that the ACE is in the following format: CONTEXT_CONSTRUCTED_0 { the Principals SEQUENCE OF { Principal contents CONTEXT_CONSTRUCTED_0 rootID OCTET_STRING CONTEXT_CONSTRUCTED_1 endEntityID OCTET_STRING CONTEXT_CONSTRUCTED_2 domain OBJECT_IDENTIFIER } }
param
t current position in the ACF vector.
param
v Vector for the principals information.
throws
TLVException if I/O error occurs.
TLV root = t; while (root != null) { v.addElement(root.child.getValue()); // UNIVERSAL type level root = root.next; }
private void readUserAuthentications(TLV t, java.util.Vector pin_info)
Reads UserAuthentications information from ACF vector.
It is assumed that the ACE is in the following format: CONTEXT_CONSTRUCTED_2 { the UserAuthentications OCTET_STRING AuthID CONTEXT_CONSTRUCTED_0 { APDUPinEntry choice < readApduPINs > } CONTEXT_CONSTRUCTED_1 { JCRMIPinEntry choice < readJcrmiPINs > } }
param
t current position in the ACF vector.
param
pin_info Vector for the PINs information.
throws
TLVException if I/O error occurs.
TLV root = t; while (root != null) { TLV u = root.child; // authID if (u.type != TLV.OCTETSTR_TYPE) { // shall be Octet string type throw new TLVException("The OCTETSTR_TYPE expected"); } int id = u.getId(); /* Strictly speaking, the spec. defines */ /* this field as OCTET STRING, but from */ /* other side in methods where this field */ /* is used, it is defined as int. Now */ /* it is supposed that it is integer */ u = u.next; // UserAuthenticationMethod CHOICE if (u.type == CONTEXT_CONSTRUCTED_0) { // apduPINEntry pin_info.addElement(new PINData(id, readApduPINs(u.child))); } if (u.type == CONTEXT_CONSTRUCTED_1) { // jcrmiPINEntry pin_info.addElement(new PINData(id, readJcrmiPINs(u.child))); } root = root.next; }
boolean verifyPrincipal(java.lang.String root)
Verifies if this ACE describes permissions for this CA.
param
root name of CA that authorized the suite.
return
true if this ACE describes permissions for this CA.
if (roots == null) { return true; } for (int i = 0; i < roots.length; i++) { if (root.equals(new String(roots[i]))) { return true; } } return false;