- All Implemented Interfaces:
Serializable
This class extends the concept of a codebase to encapsulate not only the location (URL) but also the certificate chains that were used to verify signed code originating from that location.
- Since:
- 1.2
- See Also:
-
Constructor Summary
ConstructorDescriptionCodeSource
(URL url, Certificate[] certs) Constructs aCodeSource
and associates it with the specified location and set of certificates.CodeSource
(URL url, CodeSigner[] signers) Constructs aCodeSource
and associates it with the specified location and set of code signers. -
Method Summary
Modifier and TypeMethodDescriptionboolean
Tests for equality between the specified object and this object.final Certificate[]
Returns the certificates associated with thisCodeSource
.final CodeSigner[]
Returns the code signers associated with thisCodeSource
.final URL
Returns the location associated with thisCodeSource
.int
hashCode()
Returns the hash code value for this object.boolean
implies
(CodeSource codesource) Returns true if thisCodeSource
object "implies" the specifiedCodeSource
.toString()
Returns a string describing thisCodeSource
, telling its URL and certificates.
-
Constructor Details
-
CodeSource
Constructs aCodeSource
and associates it with the specified location and set of certificates.- Parameters:
url
- the location (URL). It may benull
.certs
- the certificate(s). It may benull
. The contents of the array are copied to protect against subsequent modification.
-
CodeSource
Constructs aCodeSource
and associates it with the specified location and set of code signers.- Parameters:
url
- the location (URL). It may benull
.signers
- the code signers. It may benull
. The contents of the array are copied to protect against subsequent modification.- Since:
- 1.5
-
-
Method Details
-
hashCode
-
equals
Tests for equality between the specified object and this object. TwoCodeSource
objects are considered equal if their locations are of identical value and if their signer certificate chains are of identical value. It is not required that the certificate chains be in the same order. -
getLocation
Returns the location associated with thisCodeSource
.- Returns:
- the location (URL), or
null
if no URL was supplied during construction.
-
getCertificates
Returns the certificates associated with thisCodeSource
.If this
CodeSource
object was created using theCodeSource(URL url, CodeSigner[] signers)
constructor then its certificate chains are extracted and used to create an array ofCertificate
objects. Each signer certificate is followed by its supporting certificate chain (which may be empty). Each signer certificate and its supporting certificate chain is ordered bottom-to-top (i.e., with the signer certificate first and the (root) certificate authority last).- Returns:
- a copy of the certificate array, or
null
if there is none.
-
getCodeSigners
Returns the code signers associated with thisCodeSource
.If this
CodeSource
object was created using theCodeSource(URL url, java.security.cert.Certificate[] certs)
constructor then its certificate chains are extracted and used to create an array ofCodeSigner
objects. Note that only X.509 certificates are examined - all other certificate types are ignored.- Returns:
- a copy of the code signer array, or
null
if there is none. - Since:
- 1.5
-
implies
Returns true if thisCodeSource
object "implies" the specifiedCodeSource
.More specifically, this method makes the following checks. If any fail, it returns
false
. If they all succeed, it returnstrue
.- codesource must not be null.
- If this object's certificates are not null, then all of this object's certificates must be present in codesource's certificates.
- If this object's location (getLocation()) is not null, then the
following checks are made against this object's location and
codesource's:
- codesource's location must not be null.
- If this object's location equals codesource's location, then return true.
- This object's protocol (getLocation().getProtocol()) must be equal to codesource's protocol, ignoring case.
- If this object's host (getLocation().getHost()) is not null, then the SocketPermission constructed with this object's host must imply the SocketPermission constructed with codesource's host.
- If this object's port (getLocation().getPort()) is not equal to -1 (that is, if a port is specified), it must equal codesource's port or default port (codesource.getLocation().getDefaultPort()).
- If this object's file (getLocation().getFile()) doesn't equal codesource's file, then the following checks are made: If this object's file ends with "/-", then codesource's file must start with this object's file (exclusive the trailing "-"). If this object's file ends with a "/*", then codesource's file must start with this object's file and must not have any further "/" separators. If this object's file doesn't end with a "/", then codesource's file must match this object's file with a '/' appended.
- If this object's reference (getLocation().getRef()) is not null, it must equal codesource's reference.
For example, the codesource objects with the following locations and
null
certificates all imply the codesource with the locationhttp://www.example.com/classes/foo.jar
andnull
certificates:http: http://*.example.com/classes/* http://www.example.com/classes/- http://www.example.com/classes/foo.jar
Note that if thisCodeSource
has anull
location and anull
certificate chain, then it implies every otherCodeSource
.- Parameters:
codesource
-CodeSource
to compare against.- Returns:
true
if the specified codesource is implied by this codesource,false
if not.
-
toString
-