diff options
| -rw-r--r-- | gnu/javax/net/ssl/provider/SSLContextImpl.java | 322 | ||||
| -rw-r--r-- | gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java | 116 | ||||
| -rw-r--r-- | gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java | 116 | ||||
| -rw-r--r-- | gnu/javax/net/ssl/provider/ServerKeyExchangeBuilder.java | 89 | ||||
| -rw-r--r-- | gnu/javax/net/ssl/provider/SimpleSessionContext.java | 146 |
5 files changed, 789 insertions, 0 deletions
diff --git a/gnu/javax/net/ssl/provider/SSLContextImpl.java b/gnu/javax/net/ssl/provider/SSLContextImpl.java new file mode 100644 index 000000000..be75cb028 --- /dev/null +++ b/gnu/javax/net/ssl/provider/SSLContextImpl.java @@ -0,0 +1,322 @@ +/* SSLContextImpl.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import gnu.javax.net.ssl.AbstractSessionContext; +import gnu.javax.net.ssl.NullManagerParameters; +import gnu.javax.net.ssl.SRPTrustManager; +import gnu.javax.net.ssl.StaticTrustAnchors; + +import java.security.InvalidAlgorithmParameterException; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.NoSuchProviderException; +import java.security.SecureRandom; +import java.security.UnrecoverableKeyException; + +import javax.net.ssl.KeyManager; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContextSpi; +import javax.net.ssl.SSLEngine; +import javax.net.ssl.SSLException; +import javax.net.ssl.SSLServerSocketFactory; +import javax.net.ssl.SSLSessionContext; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.X509ExtendedKeyManager; +import javax.net.ssl.X509KeyManager; +import javax.net.ssl.X509TrustManager; + +/** + * Our implementation of {@link SSLContextSpi}. + * + * @author Casey Marshall (csm@gnu.org) + */ +public final class SSLContextImpl + extends SSLContextSpi +{ + private SSLSessionContext serverContext; + private SSLSessionContext clientContext; + + X509ExtendedKeyManager keyManager; + X509TrustManager trustManager; + SRPTrustManager srpTrustManager; + SecureRandom random; + + public SSLContextImpl() + { + } + + /* (non-Javadoc) + * @see javax.net.ssl.SSLContextSpi#engineCreateSSLEngine() + */ + protected @Override SSLEngine engineCreateSSLEngine() + { + return engineCreateSSLEngine(null, -1); + } + + /* (non-Javadoc) + * @see javax.net.ssl.SSLContextSpi#engineCreateSSLEngine(java.lang.String, int) + */ + protected @Override SSLEngine engineCreateSSLEngine(String host, int port) + { + return new SSLEngineImpl(this, host, port); + } + + /* (non-Javadoc) + * @see javax.net.ssl.SSLContextSpi#engineGetClientSessionContext() + */ + protected @Override synchronized SSLSessionContext engineGetClientSessionContext() + { + if (clientContext == null) + { + try + { + clientContext = AbstractSessionContext.newInstance(); + } + catch (SSLException ssle) + { + // XXX Ignore? + } + } + return clientContext; + } + + /* (non-Javadoc) + * @see javax.net.ssl.SSLContextSpi#engineGetServerSessionContext() + */ + protected @Override synchronized SSLSessionContext engineGetServerSessionContext() + { + if (serverContext == null) + { + try + { + serverContext = AbstractSessionContext.newInstance(); + } + catch (SSLException ssle) + { + // XXX Ignore? + } + } + return serverContext; + } + + /* (non-Javadoc) + * @see javax.net.ssl.SSLContextSpi#engineGetServerSocketFactory() + */ + protected @Override SSLServerSocketFactory engineGetServerSocketFactory() + { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see javax.net.ssl.SSLContextSpi#engineGetSocketFactory() + */ + protected @Override SSLSocketFactory engineGetSocketFactory() + { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see javax.net.ssl.SSLContextSpi#engineInit(javax.net.ssl.KeyManager[], javax.net.ssl.TrustManager[], java.security.SecureRandom) + */ + protected @Override void engineInit(KeyManager[] keyManagers, + TrustManager[] trustManagers, + SecureRandom random) + throws KeyManagementException + { + keyManager = null; + trustManager = null; + srpTrustManager = null; + if (keyManagers != null) + { + for (int i = 0; i < keyManagers.length; i++) + { + if (keyManagers[i] instanceof X509ExtendedKeyManager) + { + keyManager = (X509ExtendedKeyManager) keyManagers[i]; + break; + } + } + } + if (keyManager == null) + { + keyManager = defaultKeyManager(); + } + if (trustManagers != null) + { + for (int i = 0; i < trustManagers.length; i++) + { + if (trustManagers[i] instanceof X509TrustManager) + { + if (trustManager == null) + { + trustManager = (X509TrustManager) trustManagers[i]; + } + } + else if (trustManagers[i] instanceof SRPTrustManager) + { + if (srpTrustManager == null) + { + srpTrustManager = (SRPTrustManager) trustManagers[i]; + } + } + } + } + if (trustManager == null && srpTrustManager == null) + { + trustManager = defaultTrustManager(); + } + if (random != null) + { + this.random = random; + } + else + { + this.random = defaultRandom(); + } + } + + /** + * Create and return a default key manager. The default is the JessieX509 + * algorithm, loaded from either the jssecerts file, or the cacerts file. + * + * @return The default key manager instance. + * @throws KeyManagementException If the instance cannot be created. + */ + private X509ExtendedKeyManager defaultKeyManager() throws KeyManagementException + { + KeyManagerFactory fact = null; + try + { + fact = KeyManagerFactory.getInstance("JessieX509", "Jessie"); + } + catch (NoSuchAlgorithmException nsae) + { + throw new KeyManagementException(nsae); + } + catch (NoSuchProviderException nspe) + { + throw new KeyManagementException(nspe); + } + try + { + fact.init(null, null); + return (X509ExtendedKeyManager) fact.getKeyManagers()[0]; + } + catch (NoSuchAlgorithmException nsae) { } + catch (KeyStoreException kse) { } + catch (UnrecoverableKeyException uke) { } + catch (IllegalStateException ise) { } + + try + { + fact.init(new NullManagerParameters()); + return (X509ExtendedKeyManager) fact.getKeyManagers()[0]; + } + catch (Exception shouldNotHappen) + { + throw new Error(shouldNotHappen.toString()); + } + } + + /** + * Create and return a default trust manager. The default is the JessieX509 + * algorithm, loaded from either the jssecerts file, or the cacerts file. + * + * @return The default trust manager instance. + * @throws KeyManagementException If the instance cannot be created. + */ + private X509TrustManager defaultTrustManager() throws KeyManagementException + { + try + { + TrustManagerFactory fact = + TrustManagerFactory.getInstance("JessieX509", "Jessie"); + fact.init((KeyStore) null); + return (X509TrustManager) fact.getTrustManagers()[0]; + } + catch (NoSuchAlgorithmException nsae) + { + throw new KeyManagementException(nsae); + } + catch (NoSuchProviderException nspe) + { + throw new KeyManagementException(nspe); + } + catch (KeyStoreException kse) + { + throw new KeyManagementException(kse); + } + } + + /** + * Create a default secure PRNG. This is defined as either the algorithm + * given in the <code>gnu.javax.net.ssl.secureRandom</code> security + * property, or Fortuna if that property is not set. If none of these + * algorithms can be found, and instance created with the SecureRandom + * constructor is returned. + * + * @return The default secure PRNG instance. + */ + private SecureRandom defaultRandom() + { + String alg = Util.getSecurityProperty("gnu.javax.net.ssl.secureRandom"); + if (alg == null) + { + alg = "Fortuna"; + } + SecureRandom rand = null; + try + { + rand = SecureRandom.getInstance(alg); + } + catch (NoSuchAlgorithmException nsae) + { + rand = new SecureRandom(); + } + + return rand; + } +}
\ No newline at end of file diff --git a/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java b/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java new file mode 100644 index 000000000..763bbaf3b --- /dev/null +++ b/gnu/javax/net/ssl/provider/SSLv3HMacMD5Impl.java @@ -0,0 +1,116 @@ +/* SSLv3HMacMD5.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.spec.AlgorithmParameterSpec; +import java.util.Collections; +import java.util.Map; + +import javax.crypto.MacSpi; +import javax.crypto.SecretKey; + +/** + * @author csm + */ +public class SSLv3HMacMD5Impl extends MacSpi +{ + private final SSLHMac adaptee; + + public SSLv3HMacMD5Impl() + { + adaptee = new SSLHMac("MD5"); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineDoFinal() + */ + @Override protected byte[] engineDoFinal() + { + return adaptee.digest(); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineGetMacLength() + */ + @Override protected int engineGetMacLength() + { + return adaptee.macSize(); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineInit(java.security.Key, java.security.spec.AlgorithmParameterSpec) + */ + @Override protected void engineInit(Key key, AlgorithmParameterSpec params) + throws InvalidAlgorithmParameterException, InvalidKeyException + { + if (!(key instanceof SecretKey) + || !key.getAlgorithm().equalsIgnoreCase("SSLv3HMac-MD5")) + throw new InvalidKeyException("expecting secret key with algorithm \"SSLv3HMac-MD5\""); + Map<String,byte[]> attr = + Collections.singletonMap(SSLHMac.MAC_KEY_MATERIAL, key.getEncoded()); + adaptee.init(attr); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineReset() + */ + @Override protected void engineReset() + { + adaptee.reset(); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineUpdate(byte) + */ + @Override protected void engineUpdate(byte input) + { + adaptee.update(input); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineUpdate(byte[], int, int) + */ + @Override protected void engineUpdate(byte[] input, int offset, int length) + { + adaptee.update(input, offset, length); + } +} diff --git a/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java b/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java new file mode 100644 index 000000000..008a21c04 --- /dev/null +++ b/gnu/javax/net/ssl/provider/SSLv3HMacSHAImpl.java @@ -0,0 +1,116 @@ +/* SSLv3HMacSHA.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.spec.AlgorithmParameterSpec; +import java.util.Collections; +import java.util.Map; + +import javax.crypto.MacSpi; +import javax.crypto.SecretKey; + +/** + * @author csm + */ +public class SSLv3HMacSHAImpl extends MacSpi +{ + private final SSLHMac adaptee; + + public SSLv3HMacSHAImpl() + { + adaptee = new SSLHMac("SHA-160"); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineDoFinal() + */ + @Override protected byte[] engineDoFinal() + { + return adaptee.digest(); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineGetMacLength() + */ + @Override protected int engineGetMacLength() + { + return adaptee.macSize(); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineInit(java.security.Key, java.security.spec.AlgorithmParameterSpec) + */ + @Override protected void engineInit(Key key, AlgorithmParameterSpec params) + throws InvalidAlgorithmParameterException, InvalidKeyException + { + if (!(key instanceof SecretKey) + || !key.getAlgorithm().equalsIgnoreCase("SSLv3HMac-SHA")) + throw new InvalidKeyException("expecting secret key with algorithm \"SSLv3HMac-SHA\""); + Map<String,byte[]> attr = + Collections.singletonMap(SSLHMac.MAC_KEY_MATERIAL, key.getEncoded()); + adaptee.init(attr); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineReset() + */ + @Override protected void engineReset() + { + adaptee.reset(); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineUpdate(byte) + */ + @Override protected void engineUpdate(byte input) + { + adaptee.update(input); + } + + /* (non-Javadoc) + * @see javax.crypto.MacSpi#engineUpdate(byte[], int, int) + */ + @Override protected void engineUpdate(byte[] input, int offset, int length) + { + adaptee.update(input, offset, length); + } +} diff --git a/gnu/javax/net/ssl/provider/ServerKeyExchangeBuilder.java b/gnu/javax/net/ssl/provider/ServerKeyExchangeBuilder.java new file mode 100644 index 000000000..d4b6fa397 --- /dev/null +++ b/gnu/javax/net/ssl/provider/ServerKeyExchangeBuilder.java @@ -0,0 +1,89 @@ +/* ServerKeyExchangeBuilder.java -- + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import java.nio.ByteBuffer; + +/** + * Builder for {@link ServerKeyExchange} objects. + * + * @author Casey Marshall (csm@gnu.org) + */ +public class ServerKeyExchangeBuilder extends ServerKeyExchange + implements Builder +{ + public ServerKeyExchangeBuilder(final CipherSuite suite) + { + super(ByteBuffer.allocate(1024), suite); + } + + /* (non-Javadoc) + * @see gnu.javax.net.ssl.provider.Builder#buffer() + */ + public ByteBuffer buffer() + { + return ((ByteBuffer) buffer.duplicate().position(0).limit(length())).slice(); + } + + public void setParams(ByteBuffer params) + { + if (suite.keyExchangeAlgorithm() == KeyExchangeAlgorithm.NONE) + throw new IllegalArgumentException("key exchange algorithm is none"); + ensureCapacity(params.remaining()); + buffer.duplicate().put(params); + } + + public void setSignature(ByteBuffer signature) + { + if (suite.keyExchangeAlgorithm() == KeyExchangeAlgorithm.NONE) + throw new IllegalArgumentException("key exchange algorithm is none"); + int paramsLen = params().length(); + ensureCapacity(paramsLen + signature.remaining()); + ((ByteBuffer) buffer.duplicate().position(paramsLen)).put(signature); + } + + public void ensureCapacity(int capacity) + { + if (buffer.capacity() >= capacity) + return; + ByteBuffer newBuffer = ByteBuffer.allocate(capacity); + newBuffer.duplicate().put(buffer); + buffer = newBuffer; + } +} diff --git a/gnu/javax/net/ssl/provider/SimpleSessionContext.java b/gnu/javax/net/ssl/provider/SimpleSessionContext.java new file mode 100644 index 000000000..b9d0f9551 --- /dev/null +++ b/gnu/javax/net/ssl/provider/SimpleSessionContext.java @@ -0,0 +1,146 @@ +/* SimpleSessionContext.java -- memory-only session store. + Copyright (C) 2006 Free Software Foundation, Inc. + +This file is a part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or (at +your option) any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; if not, write to the Free Software +Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 +USA + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.javax.net.ssl.provider; + +import gnu.javax.net.ssl.AbstractSessionContext; +import gnu.javax.net.ssl.Session; +import gnu.javax.net.ssl.SessionStoreException; +import gnu.javax.net.ssl.Session.ID; + +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; + +/** + * A simple, non-persistent SessionContext. + * + * @author csm + */ +public final class SimpleSessionContext + extends AbstractSessionContext +{ + /** + * By default, sessions last for 5 minutes. + */ + public static final int DEFAULT_TIMEOUT = 300; + + private final HashMap<Session.ID, Session> store; + private int storeLimit; + + public SimpleSessionContext() + { + super(DEFAULT_TIMEOUT); + storeLimit = 0; + store = new HashMap<Session.ID, Session>(); + } + + @Override + protected Session implGet(byte[] sessionId) + { + return store.get(new Session.ID(sessionId)); + } + + @Override + public void load(char[] password) throws SessionStoreException + { + // Not supported. Memory-only. + } + + @Override + public void put(Session session) + { + if (storeLimit > 0 && store.size() >= storeLimit) + { + Session oldest = null; + for (Map.Entry<Session.ID, Session> e : store.entrySet()) + { + Session s = e.getValue(); + long stamp = s.getLastAccessedTime(); + if (oldest == null || oldest.getLastAccessedTime() > stamp) + oldest = s; + } + store.remove(oldest.id()); + } + store.put(session.id(), session); + } + + @Override + public void remove(byte[] sessionId) + { + store.remove(new Session.ID(sessionId)); + } + + @Override + public void store(char[] password) throws SessionStoreException + { + // Not supported. Memory-only. + } + + public Enumeration getIds() + { + return new Enumeration() + { + Iterator<Session.ID> it = store.keySet().iterator(); + + public boolean hasMoreElements() + { + return it.hasNext(); + } + + public Object nextElement() + { + return it.next().id(); + } + }; + } + + public int getSessionCacheSize() + { + return storeLimit; + } + + public void setSessionCacheSize(int size) + { + if (size < 0) + throw new IllegalArgumentException("cache size must be nonnegative"); + this.storeLimit = size; + } + +} |