src/java.base/share/classes/com/sun/crypto/provider/SealedObjectForKeyProtector.java - platform/libcore - Git at Google

 /*
  * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this
  * particular file as subject to the "Classpath" exception as provided
  * by Oracle in the LICENSE file that accompanied this code.
  *
  * This code is distributed in the hope that it will be useful, but WITHOUT
  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * version 2 for more details (a copy is included in the LICENSE file that
  * accompanied this code).
  *
  * You should have received a copy of the GNU General Public License version
  * 2 along with this work; if not, write to the Free Software Foundation,
  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  *
  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  * or visit www.oracle.com if you need additional information or have any
  * questions.
  */

 package com.sun.crypto.provider;

 import jdk.internal.misc.SharedSecrets;

 import java.io.*;
 import java.security.*;
 import javax.crypto.*;

 final class SealedObjectForKeyProtector extends SealedObject {

     static final long serialVersionUID = -3650226485480866989L;

     /**
      * The InputStreamFilter for a Key object inside this SealedObject. It can
      * be either provided as a {@link Security} property or a system property
      * (when provided as latter, it shadows the former). If the result of this
      * filter is {@link java.io.ObjectInputFilter.Status.UNDECIDED}, the system
      * level filter defined by jdk.serialFilter will be consulted. The value
      * of this property uses the same format of jdk.serialFilter.
      */
     private static final String KEY_SERIAL_FILTER = "jceks.key.serialFilter";

     SealedObjectForKeyProtector(Serializable object, Cipher c)
             throws IOException, IllegalBlockSizeException {
         super(object, c);
     }

     SealedObjectForKeyProtector(SealedObject so) {
         super(so);
     }

     AlgorithmParameters getParameters() {
         AlgorithmParameters params = null;
         if (super.encodedParams != null) {
             try {
                 params = AlgorithmParameters.getInstance("PBE",
                     SunJCE.getInstance());
                 params.init(super.encodedParams);
             } catch (NoSuchAlgorithmException nsae) {
                 throw new RuntimeException(
                     "SunJCE provider is not configured properly");
             } catch (IOException io) {
                 throw new RuntimeException("Parameter failure: "+
                     io.getMessage());
             }
         }
         return params;
     }

     final Key getKey(Cipher c, int maxLength)
             throws IOException, ClassNotFoundException, IllegalBlockSizeException,
             BadPaddingException {

         try (ObjectInputStream ois = SharedSecrets.getJavaxCryptoSealedObjectAccess()
                 .getExtObjectInputStream(this, c)) {
             AccessController.doPrivileged(
                     (PrivilegedAction<Void>) () -> {
                         ois.setObjectInputFilter(new DeserializationChecker(maxLength));
                         return null;
                     });
             try {
                 @SuppressWarnings("unchecked")
                 Key t = (Key) ois.readObject();
                 return t;
             } catch (InvalidClassException ice) {
                 String msg = ice.getMessage();
                 if (msg.contains("REJECTED")) {
                     throw new IOException("Rejected by the"
                             + " jceks.key.serialFilter or jdk.serialFilter"
                             + " property", ice);
                 } else {
                     throw ice;
                 }
             }
         }
     }

     /**
      * The filter for the content of a SealedObjectForKeyProtector.
      *
      * First, the jceks.key.serialFilter will be consulted. If the result
      * is UNDECIDED, the system level jdk.serialFilter will be consulted.
      */
     private static class DeserializationChecker implements ObjectInputFilter {

         private static final ObjectInputFilter OWN_FILTER;

         static {
             String prop = AccessController.doPrivileged(
                     (PrivilegedAction<String>) () -> {
                         String tmp = System.getProperty(KEY_SERIAL_FILTER);
                         if (tmp != null) {
                             return tmp;
                         } else {
                             return Security.getProperty(KEY_SERIAL_FILTER);
                         }
                     });
             OWN_FILTER = prop == null
                     ? null
                     : ObjectInputFilter.Config.createFilter(prop);
         }

         // Maximum possible length of anything inside
         private final int maxLength;

         private DeserializationChecker(int maxLength) {
             this.maxLength = maxLength;
         }

         @Override
         public ObjectInputFilter.Status checkInput(
                 ObjectInputFilter.FilterInfo info) {

             if (info.arrayLength() > maxLength) {
                 return Status.REJECTED;
             }

             if (info.serialClass() == Object.class) {
                 return Status.UNDECIDED;
             }

             if (OWN_FILTER != null) {
                 Status result = OWN_FILTER.checkInput(info);
                 if (result != Status.UNDECIDED) {
                     return result;
                 }
             }

             ObjectInputFilter defaultFilter =
                     ObjectInputFilter.Config.getSerialFilter();
             if (defaultFilter != null) {
                 return defaultFilter.checkInput(info);
             }

             return Status.UNDECIDED;
         }
     }
 }
	/*
	* Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation. Oracle designates this
	* particular file as subject to the "Classpath" exception as provided
	* by Oracle in the LICENSE file that accompanied this code.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	package com.sun.crypto.provider;

	import jdk.internal.misc.SharedSecrets;

	import java.io.*;
	import java.security.*;
	import javax.crypto.*;

	final class SealedObjectForKeyProtector extends SealedObject {

	static final long serialVersionUID = -3650226485480866989L;

	/**
	* The InputStreamFilter for a Key object inside this SealedObject. It can
	* be either provided as a {@link Security} property or a system property
	* (when provided as latter, it shadows the former). If the result of this
	* filter is {@link java.io.ObjectInputFilter.Status.UNDECIDED}, the system
	* level filter defined by jdk.serialFilter will be consulted. The value
	* of this property uses the same format of jdk.serialFilter.
	*/
	private static final String KEY_SERIAL_FILTER = "jceks.key.serialFilter";

	SealedObjectForKeyProtector(Serializable object, Cipher c)
	throws IOException, IllegalBlockSizeException {
	super(object, c);
	}

	SealedObjectForKeyProtector(SealedObject so) {
	super(so);
	}

	AlgorithmParameters getParameters() {
	AlgorithmParameters params = null;
	if (super.encodedParams != null) {
	try {
	params = AlgorithmParameters.getInstance("PBE",
	SunJCE.getInstance());
	params.init(super.encodedParams);
	} catch (NoSuchAlgorithmException nsae) {
	throw new RuntimeException(
	"SunJCE provider is not configured properly");
	} catch (IOException io) {
	throw new RuntimeException("Parameter failure: "+
	io.getMessage());
	}
	}
	return params;
	}

	final Key getKey(Cipher c, int maxLength)
	throws IOException, ClassNotFoundException, IllegalBlockSizeException,
	BadPaddingException {

	try (ObjectInputStream ois = SharedSecrets.getJavaxCryptoSealedObjectAccess()
	.getExtObjectInputStream(this, c)) {
	AccessController.doPrivileged(
	(PrivilegedAction<Void>) () -> {
	ois.setObjectInputFilter(new DeserializationChecker(maxLength));
	return null;
	});
	try {
	@SuppressWarnings("unchecked")
	Key t = (Key) ois.readObject();
	return t;
	} catch (InvalidClassException ice) {
	String msg = ice.getMessage();
	if (msg.contains("REJECTED")) {
	throw new IOException("Rejected by the"
	+ " jceks.key.serialFilter or jdk.serialFilter"
	+ " property", ice);
	} else {
	throw ice;
	}
	}
	}
	}

	/**
	* The filter for the content of a SealedObjectForKeyProtector.
	*
	* First, the jceks.key.serialFilter will be consulted. If the result
	* is UNDECIDED, the system level jdk.serialFilter will be consulted.
	*/
	private static class DeserializationChecker implements ObjectInputFilter {

	private static final ObjectInputFilter OWN_FILTER;

	static {
	String prop = AccessController.doPrivileged(
	(PrivilegedAction<String>) () -> {
	String tmp = System.getProperty(KEY_SERIAL_FILTER);
	if (tmp != null) {
	return tmp;
	} else {
	return Security.getProperty(KEY_SERIAL_FILTER);
	}
	});
	OWN_FILTER = prop == null
	? null
	: ObjectInputFilter.Config.createFilter(prop);
	}

	// Maximum possible length of anything inside
	private final int maxLength;

	private DeserializationChecker(int maxLength) {
	this.maxLength = maxLength;
	}

	@Override
	public ObjectInputFilter.Status checkInput(
	ObjectInputFilter.FilterInfo info) {

	if (info.arrayLength() > maxLength) {
	return Status.REJECTED;
	}

	if (info.serialClass() == Object.class) {
	return Status.UNDECIDED;
	}

	if (OWN_FILTER != null) {
	Status result = OWN_FILTER.checkInput(info);
	if (result != Status.UNDECIDED) {
	return result;
	}
	}

	ObjectInputFilter defaultFilter =
	ObjectInputFilter.Config.getSerialFilter();
	if (defaultFilter != null) {
	return defaultFilter.checkInput(info);
	}

	return Status.UNDECIDED;
	}
	}
	}