J. Duke | 319a3b9 | 2007-12-01 00:00:00 +0000 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2000-2006 Sun Microsystems, Inc. All Rights Reserved. |
| 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| 4 | * |
| 5 | * This code is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License version 2 only, as |
| 7 | * published by the Free Software Foundation. Sun designates this |
| 8 | * particular file as subject to the "Classpath" exception as provided |
| 9 | * by Sun in the LICENSE file that accompanied this code. |
| 10 | * |
| 11 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| 12 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 13 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 14 | * version 2 for more details (a copy is included in the LICENSE file that |
| 15 | * accompanied this code). |
| 16 | * |
| 17 | * You should have received a copy of the GNU General Public License version |
| 18 | * 2 along with this work; if not, write to the Free Software Foundation, |
| 19 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| 20 | * |
| 21 | * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
| 22 | * CA 95054 USA or visit www.sun.com if you need additional information or |
| 23 | * have any questions. |
| 24 | */ |
| 25 | package sun.security.provider.certpath; |
| 26 | |
| 27 | |
| 28 | import java.util.ArrayList; |
| 29 | import java.util.Collections; |
| 30 | import java.util.Iterator; |
| 31 | import java.util.List; |
| 32 | |
| 33 | |
| 34 | /** |
| 35 | * An AdjacencyList is used to store the history of certification paths |
| 36 | * attempted in constructing a path from an initiator to a target. The |
| 37 | * AdjacencyList is initialized with a <code>List</code> of |
| 38 | * <code>List</code>s, where each sub-<code>List</code> contains objects of |
| 39 | * type <code>Vertex</code>. A <code>Vertex</code> describes one possible or |
| 40 | * actual step in the chain building process, and the associated |
| 41 | * <code>Certificate</code>. Specifically, a <code>Vertex</code> object |
| 42 | * contains a <code>Certificate</code> and an index value referencing the |
| 43 | * next sub-list in the process. If the index value is -1 then this |
| 44 | * <code>Vertex</code> doesn't continue the attempted build path. |
| 45 | * <p> |
| 46 | * Example: |
| 47 | * <p> |
| 48 | * Attempted Paths:<ul> |
| 49 | * <li>C1->C2->C3 |
| 50 | * <li>C1->C4->C5 |
| 51 | * <li>C1->C4->C6 |
| 52 | * <li>C1->C4->C7 |
| 53 | * <li>C1->C8->C9 |
| 54 | * <li>C1->C10->C11 |
| 55 | * </ul> |
| 56 | * <p> |
| 57 | * AdjacencyList structure:<ul> |
| 58 | * <li>AL[0] = C1,1 |
| 59 | * <li>AL[1] = C2,2 =>C4,3 =>C8,4 =>C10,5 |
| 60 | * <li>AL[2] = C3,-1 |
| 61 | * <li>AL[3] = C5,-1 =>C6,-1 =>C7,-1 |
| 62 | * <li>AL[4] = C9,-1 |
| 63 | * <li>AL[5] = C11,-1 |
| 64 | * </ul> |
| 65 | * <p> |
| 66 | * The iterator method returns objects of type <code>BuildStep</code>, not |
| 67 | * objects of type <code>Vertex</code>. |
| 68 | * A <code>BuildStep</code> contains a <code>Vertex</code> and a result code, |
| 69 | * accessable via getResult method. There are five result values. |
| 70 | * <code>POSSIBLE</code> denotes that the current step represents a |
| 71 | * <code>Certificate</code> that the builder is considering at this point in |
| 72 | * the build. <code>FOLLOW</code> denotes a <code>Certificate</code> (one of |
| 73 | * those noted as <code>POSSIBLE</code>) that the builder is using to try |
| 74 | * extending the chain. <code>BACK</code> represents that a |
| 75 | * <code>FOLLOW</code> was incorrect, and is being removed from the chain. |
| 76 | * There is exactly one <code>FOLLOW</code> for each <code>BACK</code>. The |
| 77 | * values <code>SUCCEED</code> and <code>FAIL</code> mean that we've come to |
| 78 | * the end of the build process, and there will not be any more entries in |
| 79 | * the list. |
| 80 | * <p> |
| 81 | * @see sun.security.provider.certpath.BuildStep |
| 82 | * @see sun.security.provider.certpath.Vertex |
| 83 | * <p> |
| 84 | * @author seth proctor |
| 85 | * @since 1.4 |
| 86 | */ |
| 87 | public class AdjacencyList { |
| 88 | |
| 89 | // the actual set of steps the AdjacencyList represents |
| 90 | private ArrayList<BuildStep> mStepList; |
| 91 | |
| 92 | // the original list, just for the toString method |
| 93 | private List<List<Vertex>> mOrigList; |
| 94 | |
| 95 | /** |
| 96 | * Constructs a new <code>AdjacencyList</code> based on the specified |
| 97 | * <code>List</code>. See the example above. |
| 98 | * |
| 99 | * @param list a <code>List</code> of <code>List</code>s of |
| 100 | * <code>Vertex</code> objects |
| 101 | */ |
| 102 | public AdjacencyList(List<List<Vertex>> list) { |
| 103 | mStepList = new ArrayList<BuildStep>(); |
| 104 | mOrigList = list; |
| 105 | buildList(list, 0, null); |
| 106 | } |
| 107 | |
| 108 | /** |
| 109 | * Gets an <code>Iterator</code> to iterate over the set of |
| 110 | * <code>BuildStep</code>s in build-order. Any attempts to change |
| 111 | * the list through the remove method will fail. |
| 112 | * |
| 113 | * @return an <code>Iterator</code> over the <code>BuildStep</code>s |
| 114 | */ |
| 115 | public Iterator<BuildStep> iterator() { |
| 116 | return Collections.unmodifiableList(mStepList).iterator(); |
| 117 | } |
| 118 | |
| 119 | /** |
| 120 | * Recursive, private method which actually builds the step list from |
| 121 | * the given adjacency list. <code>Follow</code> is the parent BuildStep |
| 122 | * that we followed to get here, and if it's null, it means that we're |
| 123 | * at the start. |
| 124 | */ |
| 125 | private boolean buildList(List<List<Vertex>> theList, int index, |
| 126 | BuildStep follow) { |
| 127 | |
| 128 | // Each time this method is called, we're examining a new list |
| 129 | // from the global list. So, we have to start by getting the list |
| 130 | // that contains the set of Vertexes we're considering. |
| 131 | List<Vertex> l = theList.get(index); |
| 132 | |
| 133 | try { |
| 134 | // we're interested in the case where all indexes are -1... |
| 135 | boolean allNegOne = true; |
| 136 | // ...and in the case where every entry has a Throwable |
| 137 | boolean allXcps = true; |
| 138 | |
| 139 | for (Vertex v : l) { |
| 140 | if (v.getIndex() != -1) { |
| 141 | // count an empty list the same as an index of -1...this |
| 142 | // is to patch a bug somewhere in the builder |
| 143 | if (theList.get(v.getIndex()).size() != 0) |
| 144 | allNegOne = false; |
| 145 | } |
| 146 | else |
| 147 | if (v.getThrowable() == null) |
| 148 | allXcps = false; |
| 149 | |
| 150 | // every entry, regardless of the final use for it, is always |
| 151 | // entered as a possible step before we take any actions |
| 152 | mStepList.add(new BuildStep(v, BuildStep.POSSIBLE)); |
| 153 | } |
| 154 | |
| 155 | if (allNegOne) { |
| 156 | // There are two cases that we could be looking at here. We |
| 157 | // may need to back up, or the build may have succeeded at |
| 158 | // this point. This is based on whether or not any |
| 159 | // exceptions were found in the list. |
| 160 | if (allXcps) { |
| 161 | // we need to go back...see if this is the last one |
| 162 | if (follow == null) |
| 163 | mStepList.add(new BuildStep(null, BuildStep.FAIL)); |
| 164 | else |
| 165 | mStepList.add(new BuildStep(follow.getVertex(), |
| 166 | BuildStep.BACK)); |
| 167 | |
| 168 | return false; |
| 169 | } else { |
| 170 | // we succeeded...now the only question is which is the |
| 171 | // successful step? If there's only one entry without |
| 172 | // a throwable, then that's the successful step. Otherwise, |
| 173 | // we'll have to make some guesses... |
| 174 | List<Vertex> possibles = new ArrayList<Vertex>(); |
| 175 | for (Vertex v : l) { |
| 176 | if (v.getThrowable() == null) |
| 177 | possibles.add(v); |
| 178 | } |
| 179 | |
| 180 | if (possibles.size() == 1) { |
| 181 | // real easy...we've found the final Vertex |
| 182 | mStepList.add(new BuildStep(possibles.get(0), |
| 183 | BuildStep.SUCCEED)); |
| 184 | } else { |
| 185 | // ok...at this point, there is more than one Cert |
| 186 | // which might be the succeed step...how do we know |
| 187 | // which it is? I'm going to assume that our builder |
| 188 | // algorithm is good enough to know which is the |
| 189 | // correct one, and put it first...but a FIXME goes |
| 190 | // here anyway, and we should be comparing to the |
| 191 | // target/initiator Cert... |
| 192 | mStepList.add(new BuildStep(possibles.get(0), |
| 193 | BuildStep.SUCCEED)); |
| 194 | } |
| 195 | |
| 196 | return true; |
| 197 | } |
| 198 | } else { |
| 199 | // There's at least one thing that we can try before we give |
| 200 | // up and go back. Run through the list now, and enter a new |
| 201 | // BuildStep for each path that we try to follow. If none of |
| 202 | // the paths we try produce a successful end, we're going to |
| 203 | // have to back out ourselves. |
| 204 | boolean success = false; |
| 205 | |
| 206 | for (Vertex v : l) { |
| 207 | |
| 208 | // Note that we'll only find a SUCCEED case when we're |
| 209 | // looking at the last possible path, so we don't need to |
| 210 | // consider success in the while loop |
| 211 | |
| 212 | if (v.getIndex() != -1) { |
| 213 | if (theList.get(v.getIndex()).size() != 0) { |
| 214 | // If the entry we're looking at doesn't have an |
| 215 | // index of -1, and doesn't lead to an empty list, |
| 216 | // then it's something we follow! |
| 217 | BuildStep bs = new BuildStep(v, BuildStep.FOLLOW); |
| 218 | mStepList.add(bs); |
| 219 | success = buildList(theList, v.getIndex(), bs); |
| 220 | } |
| 221 | } |
| 222 | } |
| 223 | |
| 224 | if (success) { |
| 225 | // We're already finished! |
| 226 | return true; |
| 227 | } else { |
| 228 | // We failed, and we've exhausted all the paths that we |
| 229 | // could take. The only choice is to back ourselves out. |
| 230 | if (follow == null) |
| 231 | mStepList.add(new BuildStep(null, BuildStep.FAIL)); |
| 232 | else |
| 233 | mStepList.add(new BuildStep(follow.getVertex(), |
| 234 | BuildStep.BACK)); |
| 235 | |
| 236 | return false; |
| 237 | } |
| 238 | } |
| 239 | } |
| 240 | catch (Exception e) {} |
| 241 | |
| 242 | // we'll never get here, but you know java... |
| 243 | return false; |
| 244 | } |
| 245 | |
| 246 | /** |
| 247 | * Prints out a string representation of this AdjacencyList. |
| 248 | * |
| 249 | * @return String representation |
| 250 | */ |
| 251 | public String toString() { |
| 252 | String out = "[\n"; |
| 253 | |
| 254 | int i = 0; |
| 255 | for (List<Vertex> l : mOrigList) { |
| 256 | out = out + "LinkedList[" + i++ + "]:\n"; |
| 257 | |
| 258 | for (Vertex step : l) { |
| 259 | try { |
| 260 | out = out + step.toString(); |
| 261 | out = out + "\n"; |
| 262 | } |
| 263 | catch (Exception e) { out = out + "No Such Element\n"; } |
| 264 | } |
| 265 | } |
| 266 | out = out + "]\n"; |
| 267 | |
| 268 | return out; |
| 269 | } |
| 270 | } |