/**
* Load the policies from the specified file. Also checks that the policies are correctly signed.
*/
private static void loadPolicies(
File jarPathName, CryptoPermissions defaultPolicy, CryptoPermissions exemptPolicy)
throws Exception {
JarFile jf = new JarFile(jarPathName);
Enumeration<JarEntry> entries = jf.entries();
while (entries.hasMoreElements()) {
JarEntry je = entries.nextElement();
InputStream is = null;
try {
if (je.getName().startsWith("default_")) {
is = jf.getInputStream(je);
defaultPolicy.load(is);
} else if (je.getName().startsWith("exempt_")) {
is = jf.getInputStream(je);
exemptPolicy.load(is);
} else {
continue;
}
} finally {
if (is != null) {
is.close();
}
}
// Enforce the signer restraint, i.e. signer of JCE framework
// jar should also be the signer of the two jurisdiction policy
// jar files.
JarVerifier.verifyPolicySigned(je.getCertificates());
}
// Close and nullify the JarFile reference to help GC.
jf.close();
jf = null;
}
private Certificate[] getCertificates(final File container, final String entry)
throws IOException {
if (container.isDirectory()) {
return null;
}
final JarFile jarFile = this.jarFiles.get(container);
if (jarFile == null) {
return null;
}
final JarEntry ent = jarFile.getJarEntry(entry);
return (Certificate[]) ((ent == null) ? null : ent.getCertificates());
}
public java.security.cert.Certificate[] getCertificates() {
Certificate[] certs = je.getCertificates();
return certs == null ? null : (Certificate[]) certs.clone();
}