151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/* 22c87ad3a45cecf9e344487cad1abfdebe79f2c7cNarayan Kamath * Copyright (C) 2014 The Android Open Source Project 351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Copyright (c) 1996, 2010, Oracle and/or its affiliates. All rights reserved. 451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is free software; you can redistribute it and/or modify it 751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * under the terms of the GNU General Public License version 2 only, as 851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * published by the Free Software Foundation. Oracle designates this 951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * particular file as subject to the "Classpath" exception as provided 1051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * by Oracle in the LICENSE file that accompanied this code. 1151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This code is distributed in the hope that it will be useful, but WITHOUT 1351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * version 2 for more details (a copy is included in the LICENSE file that 1651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * accompanied this code). 1751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 1851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * You should have received a copy of the GNU General Public License version 1951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2 along with this work; if not, write to the Free Software Foundation, 2051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 2251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or visit www.oracle.com if you need additional information or have any 2451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * questions. 2551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 2651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipackage java.security; 2851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 2951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.io.Serializable; 3051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Enumeration; 3151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiimport java.util.Properties; 3251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 3351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski/** 3451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>This class represents a scope for identities. It is an Identity 3551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * itself, and therefore has a name and can have a scope. It can also 3651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * optionally have a public key and associated certificates. 3751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 3851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>An IdentityScope can contain Identity objects of all kinds, including 3951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Signers. All types of Identity objects can be retrieved, added, and 4051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * removed using the same methods. Note that it is possible, and in fact 4151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * expected, that different types of identity scopes will 4251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * apply different policies for their various operations on the 4351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * various types of Identities. 4451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 4551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>There is a one-to-one mapping between keys and identities, and 4651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * there can only be one copy of one key per scope. For example, suppose 4751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <b>Acme Software, Inc</b> is a software publisher known to a user. 4851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Suppose it is an Identity, that is, it has a public key, and a set of 4951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * associated certificates. It is named in the scope using the name 5051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * "Acme Software". No other named Identity in the scope has the same 5151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * public key. Of course, none has the same name as well. 5251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 5351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Identity 5451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Signer 5551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Principal 5651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see Key 5751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 5851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @author Benjamin Renaud 5951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 6051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @deprecated This class is no longer used. Its functionality has been 6151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * replaced by <code>java.security.KeyStore</code>, the 6251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>java.security.cert</code> package, and 6351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>java.security.Principal</code>. 6451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 6551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski@Deprecated 6651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskipublic abstract 6751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebskiclass IdentityScope extends Identity { 6851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 6951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static final long serialVersionUID = -2337346281189773310L; 7051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /* The system's scope */ 7251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static IdentityScope scope; 7351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // initialize the system scope 7551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static void initializeSystemScope() { 7651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 7751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski String classname = AccessController.doPrivileged( 7851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski new PrivilegedAction<String>() { 7951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String run() { 8051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return Security.getProperty("system.scope"); 8151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 8251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski }); 8351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (classname == null) { 8551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return; 8651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } else { 8851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 8951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski try { 905d4394fda0504fc0997e1128d05ec7cbfcac6522Piotr Jastrzebski scope = (IdentityScope) Class.forName(classname).newInstance(); 915d4394fda0504fc0997e1128d05ec7cbfcac6522Piotr Jastrzebski } catch (Exception e) { 9251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski //Security.error("unable to establish a system scope from " + 9351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski // classname); 9451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski e.printStackTrace(); 9551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 9851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 9951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 10051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * This constructor is used for serialization only and should not 10151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * be used by subclasses. 10251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 10351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski protected IdentityScope() { 10451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski this("restoring..."); 10551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 10651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 10751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 10851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Constructs a new identity scope with the specified name. 10951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 11051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param name the scope name. 11151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 11251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public IdentityScope(String name) { 11351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski super(name); 11451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 11551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 11651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 11751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Constructs a new identity scope with the specified name and scope. 11851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 11951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param name the scope name. 12051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param scope the scope for the new identity scope. 12151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 12251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception KeyManagementException if there is already an identity 12351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * with the same name in the scope. 12451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 12551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public IdentityScope(String name, IdentityScope scope) 12651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws KeyManagementException { 12751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski super(name, scope); 12851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 12951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 13051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 13151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the system's identity scope. 13251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 13351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the system's identity scope, or {@code null} if none has been 13451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * set. 13551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 13651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see #setSystemScope 13751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 13851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public static IdentityScope getSystemScope() { 13951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (scope == null) { 14051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski initializeSystemScope(); 14151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 14251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return scope; 14351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 14451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 14651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 14751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Sets the system's identity scope. 14851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 14951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <p>First, if there is a security manager, its 15051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>checkSecurityAccess</code> 15151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * method is called with <code>"setSystemScope"</code> 15251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * as its argument to see if it's ok to set the identity scope. 15351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 15451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param scope the scope to set. 15551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 15651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception SecurityException if a security manager exists and its 15751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * <code>checkSecurityAccess</code> method doesn't allow 15851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * setting the identity scope. 15951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 16051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see #getSystemScope 16151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @see SecurityManager#checkSecurityAccess 16251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 16351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski protected static void setSystemScope(IdentityScope scope) { 16451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski check("setSystemScope"); 16551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski IdentityScope.scope = scope; 16651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 16751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 16851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 16951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the number of identities within this identity scope. 17051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 17151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the number of identities within this identity scope. 17251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 17351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract int size(); 17451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 17551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 17651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns the identity in this scope with the specified name (if any). 17751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 17851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param name the name of the identity to be retrieved. 17951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 18051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the identity named <code>name</code>, or null if there are 18151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * no identities named <code>name</code> in this scope. 18251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 18351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract Identity getIdentity(String name); 18451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 18551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 18651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Retrieves the identity whose name is the same as that of the 18751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * specified principal. (Note: Identity implements Principal.) 18851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 18951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param principal the principal corresponding to the identity 19051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * to be retrieved. 19151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 19251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the identity whose name is the same as that of the 19351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * principal, or null if there are no identities of the same name 19451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * in this scope. 19551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 19651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public Identity getIdentity(Principal principal) { 19751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return getIdentity(principal.getName()); 19851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 19951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 20051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 20151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Retrieves the identity with the specified public key. 20251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 20351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param key the public key for the identity to be returned. 20451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 20551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return the identity with the given key, or null if there are 20651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * no identities in this scope with that key. 20751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 20851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract Identity getIdentity(PublicKey key); 20951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 21051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 21151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Adds an identity to this identity scope. 21251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 21351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param identity the identity to be added. 21451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 21551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception KeyManagementException if the identity is not 21651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * valid, a name conflict occurs, another identity has the same 21751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * public key as the identity being added, or another exception 21851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * occurs. */ 21951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract void addIdentity(Identity identity) 22051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws KeyManagementException; 22151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 22251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 22351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Removes an identity from this identity scope. 22451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 22551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @param identity the identity to be removed. 22651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 22751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @exception KeyManagementException if the identity is missing, 22851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * or another exception occurs. 22951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 23051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract void removeIdentity(Identity identity) 23151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski throws KeyManagementException; 23251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 23351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 23451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns an enumeration of all identities in this identity scope. 23551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 23651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return an enumeration of all identities in this identity scope. 23751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 23851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public abstract Enumeration<Identity> identities(); 23951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 24051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski /** 24151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * Returns a string representation of this identity scope, including 24251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * its name, its scope name, and the number of identities in this 24351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * identity scope. 24451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * 24551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski * @return a string representation of this identity scope. 24651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski */ 24751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski public String toString() { 24851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski return super.toString() + "[" + size() + "]"; 24951b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 25051b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 25151b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski private static void check(String directive) { 25251b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski SecurityManager security = System.getSecurityManager(); 25351b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski if (security != null) { 25451b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski security.checkSecurityAccess(directive); 25551b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 25651b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski } 25751b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski 25851b1b6997fd3f980076b8081f7f1165ccc2a4008Piotr Jastrzebski} 259