framework.security/src/main/java/org/apache/felix/framework/SecurityActivator.java

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.felix.framework;

import java.io.File;
import java.io.IOException;
import java.util.StringTokenizer;

import org.apache.felix.framework.ext.SecurityProvider;
import org.apache.felix.framework.security.SecurityConstants;
import org.apache.felix.framework.security.condpermadmin.ConditionalPermissionAdminImpl;
import org.apache.felix.framework.security.permissionadmin.PermissionAdminImpl;
import org.apache.felix.framework.security.util.Conditions;
import org.apache.felix.framework.security.util.LocalPermissions;
import org.apache.felix.framework.security.util.Permissions;
import org.apache.felix.framework.security.util.PropertiesCache;
import org.apache.felix.framework.util.SecureAction;
import org.osgi.framework.BundleActivator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.BundleException;
import org.osgi.framework.Constants;
import org.osgi.service.condpermadmin.ConditionalPermissionAdmin;
import org.osgi.service.permissionadmin.PermissionAdmin;

/**
 * <p>
 * This Felix specific activator installs a security provider with the Felix
 * framework. The security settings can be changed via the
 * {@link PermissionAdmin} and/or the {@link ConditionalPermissionAdmin}
 * services that may be published by this class.
 * </p>
 * <p>
 * Permission informations as well as caching data will be stored in several
 * files in a directory called <tt>security</tt> obtained by a call to
 * {@link BundleContext#getDataFile(String))}.
 * </p>
 * <p>
 * The following properties are recognized:
 * <p>
 * {@link SecurityConstants#ENABLE_PERMISSIONADMIN_PROP} - Whether or not (
 * <tt>true</tt>|<tt>false</tt>) to publish a{@link ConditionalPermissionAdmin}
 * service. The default is
 * {@link SecurityConstants#ENABLE_PERMISSIONADMIN_VALUE}.
 * </p>
 * <p>
 * {@link SecurityConstants#ENABLE_CONDPERMADMIN_PROP} - Whether or not (
 * <tt>true</tt>|<tt>false</tt>) to publish a{@link ConditionalPermissionAdmin}
 * service. The default is {@link SecurityConstants#ENABLE_CONDPERMADMIN_VALUE}.
 * </p>
 * <p>
 * {@link SecurityConstants#KEYSTORE_FILE_PROP} - The keystore URL(s) to use as
 * trusted CA stores. The urls must be separated by a guard (i.e., <tt>|</tt>).
 * The default is {@link SecurityConstants#KEYSTORE_FILE_VALUE}.
 * </p>
 * <p>
 * {@link SecurityConstants#KEYSTORE_PASS_PROP} - The keystore password(s) to
 * use for the given keystores. The passwords must be separated by a guard
 * (i.e., <tt>|</tt>).The default is
 * {@link SecurityConstants#KEYSTORE_PASS_VALUE}.
 * </p>
 * <p>
 * {@link SecurityConstants#KEYSTORE_TYPE_PROP} - The keystore type(s) to use
 * for the given keystores. The types must be separated by a guard (i.e.,
 * <tt>|</tt>).The default is {@link SecurityConstants#KEYSTORE_TYPE_VALUE}.
 * </p>
 * <p>
 * {@link SecurityConstants#CRL_FILE_PROP} - The CRL URL(s) to use for revoked
 * certificates. The urls must be separated by a guard (i.e., <tt>|</tt>). The
 * default is {@link SecurityConstants#CRL_FILE_VALUE}.
 * </p>
 * </p>
 */
/*
 * TODO: using a string for passwords is bad. We need to investigate
 * alternatives.
 * 
 * TODO: we might want to allow for the recognized properties to change without
 * a restart. This is trick because we can not publish a managed service due to
 * not being able to import as we are an extension bundle.
 */
public final class SecurityActivator implements BundleActivator
{
    public synchronized void start(BundleContext context) throws Exception
    {
        PermissionAdminImpl pai = null;

        SecureAction action = new SecureAction();

        Permissions permissions = new Permissions(context, action);

        File tmp = context.getDataFile("security" + File.separator + "tmp");
        if ((tmp == null) || (!tmp.isDirectory() && !tmp.mkdirs()))
        {
            throw new IOException("Can't create tmp dir.");
        }
        // TODO: log something if we can not clean-up the tmp dir
        File[] old = tmp.listFiles();
        if (old != null)
        {
            for (int i = 0; i < old.length; i++)
            {
                old[i].delete();
            }
        }

        if ("TRUE".equalsIgnoreCase(getProperty(context,
            SecurityConstants.ENABLE_PERMISSIONADMIN_PROP,
            SecurityConstants.ENABLE_PERMISSIONADMIN_VALUE)))
        {
            File cache = context.getDataFile("security" + File.separator
                + "pa.txt");
            if ((cache == null) || (!cache.isFile() && !cache.createNewFile()))
            {
                throw new IOException("Can't create cache file");
            }
            pai = new PermissionAdminImpl(permissions, new PropertiesCache(
                cache, tmp, action));
        }

        ConditionalPermissionAdminImpl cpai = null;

        if ("TRUE".equalsIgnoreCase(getProperty(context,
            SecurityConstants.ENABLE_CONDPERMADMIN_PROP,
            SecurityConstants.ENABLE_CONDPERMADMIN_VALUE)))
        {
            File cpaCache = context.getDataFile("security" + File.separator
                + "cpa.txt");
            if ((cpaCache == null)
                || (!cpaCache.isFile() && !cpaCache.createNewFile()))
            {
                throw new IOException("Can't create cache file");
            }

            LocalPermissions localPermissions = new LocalPermissions(
                permissions);

            cpai = new ConditionalPermissionAdminImpl(permissions,
                new Conditions(action), localPermissions, new PropertiesCache(
                    cpaCache, tmp, action), pai);
        }

        if ((pai != null) || (cpai != null))
        {
            String crlList = getProperty(context,
                SecurityConstants.CRL_FILE_PROP,
                SecurityConstants.CRL_FILE_VALUE);
            String storeList = getProperty(context,
                SecurityConstants.KEYSTORE_FILE_PROP,
                SecurityConstants.KEYSTORE_FILE_VALUE);
            String passwdList = getProperty(context,
                SecurityConstants.KEYSTORE_PASS_PROP,
                SecurityConstants.KEYSTORE_PASS_VALUE);
            String typeList = getProperty(context,
                SecurityConstants.KEYSTORE_TYPE_PROP,
                SecurityConstants.KEYSTORE_TYPE_VALUE);
            String osgi_keystores = getProperty(context,
                Constants.FRAMEWORK_TRUST_REPOSITORIES, null);
            if (osgi_keystores != null)
            {
                StringTokenizer tok = new StringTokenizer(osgi_keystores,
                    File.pathSeparator);

                if (storeList.length() == 0)
                {
                    storeList += "file:" + tok.nextToken();
                    passwdList += " ";
                    typeList += "JKS";
                }
                while (tok.hasMoreTokens())
                {
                    storeList += "|file:" + tok.nextToken();
                    passwdList += "| ";
                    typeList += "|JKS";
                }
            }

            StringTokenizer storeTok = new StringTokenizer(storeList, "|");
            StringTokenizer passwdTok = new StringTokenizer(passwdList, "|");
            StringTokenizer typeTok = new StringTokenizer(typeList, "|");

            if ((storeTok.countTokens() != typeTok.countTokens())
                || (passwdTok.countTokens() != storeTok.countTokens()))
            {
                throw new BundleException(
                    "Each CACerts keystore must have one type and one passwd entry and vice versa.");
            }

            SecurityProvider provider = new SecurityProviderImpl(crlList,
                typeList, passwdList, storeList, pai, cpai, action);

            ((Felix) context.getBundle(0)).setSecurityProvider(provider);
        }

        if (pai != null)
        {
            context.registerService(PermissionAdmin.class.getName(), pai, null);
        }

        if (cpai != null)
        {
            context.registerService(ConditionalPermissionAdmin.class.getName(),
                cpai, null);
        }
    }

    public synchronized void stop(BundleContext context) throws Exception
    {
        ((Felix) context.getBundle(0)).setSecurityProvider(null);
    }

    private String getProperty(BundleContext context, String key,
        String defaultValue)
    {
        String result = context.getProperty(key);

        return (result != null) ? result : defaultValue;
    }
}