001: /*
002: *
003: *
004: * Copyright 1990-2007 Sun Microsystems, Inc. All Rights Reserved.
005: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
006: *
007: * This program is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU General Public License version
009: * 2 only, as published by the Free Software Foundation.
010: *
011: * This program is distributed in the hope that it will be useful, but
012: * WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * General Public License version 2 for more details (a copy is
015: * included at /legal/license.txt).
016: *
017: * You should have received a copy of the GNU General Public License
018: * version 2 along with this work; if not, write to the Free Software
019: * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA
021: *
022: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
023: * Clara, CA 95054 or visit www.sun.com if you need additional
024: * information or have any questions.
025: */
026:
027: package com.sun.satsa.acl;
028:
029: /**
030: * This class represents a set of APDU permissions.
031: */
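public class APDUPermissions extends ACLPermissions {

    /**
     * Constructs new object.
     * @param parent parent ACSlot object, passed on to the superclass
     * constructor.
     */
    public APDUPermissions(ACSlot parent) {
        super(parent);
    }

    /**
     * Verifies that the MIDlet has permission for this APDU command.
     * <p>
     * Access is granted outright when the permission type is ALLOW and
     * refused outright when it is DISALLOW. Otherwise each entry of the
     * permission list is read as a sequence of (value, mask) pairs and
     * the command is accepted as soon as
     * {@code (apdu & mask) == value} holds for one pair. A command that
     * matches no pair is refused.
     * @param apdu the command header.
     * @throws SecurityException if access denied, including the case
     * where an entry ends with a value that has no mask
     */
    public void checkPermission(int apdu) {

        if (type == ALLOW) {
            return;
        }
        if (type == DISALLOW) {
            throw new SecurityException("Access denied");
        }

        for (int i = 0; i < permissions.size(); i++) {

            int[] data = (int[]) permissions.elementAt(i);

            for (int k = 0; k < data.length; k = k + 2) {
                // An odd-length entry has a trailing value without a mask.
                // Refuse access with the documented exception type rather
                // than letting ArrayIndexOutOfBoundsException escape from
                // an access-control decision.
                if (k + 1 >= data.length) {
                    throw new SecurityException("Access denied");
                }
                if ((apdu & data[k + 1]) == data[k]) {
                    return;
                }
            }
        }
        throw new SecurityException("Access denied: "
                                    + Integer.toHexString(apdu));
    }

    /**
     * Contains default APDU headers for PIN operations, indexed by PIN
     * operation code. The reference is final so the table cannot be
     * swapped for another array after class initialisation.
     */
    private static final int[] defaultPINCommand = {
        0x80200000, // verify
        0x80240000, // change
        0x80260000, // disable
        0x80280000, // enable
        0x802C0000  // unblock
    };

    /**
     * Returns APDU header for given PIN and PIN operation.
     * Initializes internal variables, verifies that operation is
     * supported and permitted.
     * <p>
     * A header returned by getPINCommand for this PIN and operation is
     * used as is. When there is none, the default header for the
     * operation is combined with the low byte of the PIN reference.
     * Either way the resulting header must pass
     * {@link #checkPermission(int)} before it is returned.
     * @param id PIN identifier.
     * @param uid unblocking PIN identifier.
     * @param action PIN operation code.
     * @return APDU header encoded as integer.
     * @throws java.lang.SecurityException if access denied
     */
    public int preparePIN(int id, int uid, int action) {

        checkPINOperation(id, uid, action);
        Integer result = (Integer) getPINCommand(id, action);

        int command;
        if (result != null) {
            command = result.intValue();
        } else {
            // NOTE(review): the index is not range-checked here; this
            // presumably relies on checkPINOperation rejecting operation
            // codes outside the default table - confirm.
            // attr1 is not assigned in this class; presumably
            // checkPINOperation sets it - confirm.
            command = defaultPINCommand[action]
                      | (attr1.pinReference & 0xff);
        }
        checkPermission(command);
        return command;
    }
}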