/**
* Load the policies from the specified file. Also checks that the policies are correctly signed.
*/
private static void loadPolicies(
File jarPathName, CryptoPermissions defaultPolicy, CryptoPermissions exemptPolicy)
throws Exception {
JarFile jf = new JarFile(jarPathName);
Enumeration<JarEntry> entries = jf.entries();
while (entries.hasMoreElements()) {
JarEntry je = entries.nextElement();
InputStream is = null;
try {
if (je.getName().startsWith("default_")) {
is = jf.getInputStream(je);
defaultPolicy.load(is);
} else if (je.getName().startsWith("exempt_")) {
is = jf.getInputStream(je);
exemptPolicy.load(is);
} else {
continue;
}
} finally {
if (is != null) {
is.close();
}
}
// Enforce the signer restraint, i.e. signer of JCE framework
// jar should also be the signer of the two jurisdiction policy
// jar files.
JarVerifier.verifyPolicySigned(je.getCertificates());
}
// Close and nullify the JarFile reference to help GC.
jf.close();
jf = null;
}
private static void initialize() {
props = new Properties();
boolean loadedProps = false;
boolean overrideAll = false;
// first load the system properties file
// to determine the value of security.overridePropertiesFile
File propFile = securityPropFile("java.security");
if (propFile.exists()) {
try {
FileInputStream fis = new FileInputStream(propFile);
InputStream is = new BufferedInputStream(fis);
props.load(is);
is.close();
loadedProps = true;
if (sdebug != null) {
sdebug.println("reading security properties file: " + propFile);
}
} catch (IOException e) {
if (sdebug != null) {
sdebug.println("unable to load security properties from " + propFile);
e.printStackTrace();
}
}
}
if ("true".equalsIgnoreCase(props.getProperty("security.overridePropertiesFile"))) {
String extraPropFile = System.getProperty("java.security.properties");
if (extraPropFile != null && extraPropFile.startsWith("=")) {
overrideAll = true;
extraPropFile = extraPropFile.substring(1);
}
if (overrideAll) {
props = new Properties();
if (sdebug != null) {
sdebug.println("overriding other security properties files!");
}
}
// now load the user-specified file so its values
// will win if they conflict with the earlier values
if (extraPropFile != null) {
try {
URL propURL;
extraPropFile = PropertyExpander.expand(extraPropFile);
propFile = new File(extraPropFile);
if (propFile.exists()) {
propURL = new URL("file:" + propFile.getCanonicalPath());
} else {
propURL = new URL(extraPropFile);
}
BufferedInputStream bis = new BufferedInputStream(propURL.openStream());
props.load(bis);
bis.close();
loadedProps = true;
if (sdebug != null) {
sdebug.println("reading security properties file: " + propURL);
if (overrideAll) {
sdebug.println("overriding other security properties files!");
}
}
} catch (Exception e) {
if (sdebug != null) {
sdebug.println("unable to load security properties from " + extraPropFile);
e.printStackTrace();
}
}
}
}
if (!loadedProps) {
initializeStatic();
if (sdebug != null) {
sdebug.println("unable to load security properties " + "-- using defaults");
}
}
}
