1 /*
2 * Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.security;
27
28 import java.io.*;
29 import java.util.*;
30 import static java.util.Locale.ENGLISH;
31 import java.lang.ref.*;
32 import java.lang.reflect.*;
33 import java.util.function.BiConsumer;
34 import java.util.function.BiFunction;
35 import java.util.function.Function;
36
37 /**
38 * This class represents a "provider" for the
39 * Java Security API, where a provider implements some or all parts of
40 * Java Security. Services that a provider may implement include:
41 *
42 * <ul>
43 *
44 * <li>Algorithms (such as DSA, RSA, or SHA-256).
45 *
46 * <li>Key generation, conversion, and management facilities (such as for
47 * algorithm-specific keys).
48 *
49 * </ul>
50 *
51 * <p>Some provider implementations may encounter unrecoverable internal
52 * errors during their operation, for example a failure to communicate with a
53 * security token. A {@link ProviderException} should be used to indicate
54 * such errors.
55 *
56 * <p>Please note that a provider can be used to implement any security
57 * service in Java that uses a pluggable architecture with a choice
58 * of implementations that fit underneath.
59 *
60 * <p>The service type {@code Provider} is reserved for use by the
61 * security framework. Services of this type cannot be added, removed,
62 * or modified by applications.
63 * The following attributes are automatically placed in each Provider object:
64 * <table cellspacing=4>
65 * <caption><b>Attributes Automatically Placed in a Provider Object</b></caption>
66 * <tr><th>Name</th><th>Value</th>
67 * <tr><td>{@code Provider.id name}</td>
68 * <td>{@code String.valueOf(provider.getName())}</td>
69 * <tr><td>{@code Provider.id version}</td>
70 * <td>{@code String.valueOf(provider.getVersionStr())}</td>
71 * <tr><td>{@code Provider.id info}</td>
72 <td>{@code String.valueOf(provider.getInfo())}</td>
73 * <tr><td>{@code Provider.id className}</td>
74 * <td>{@code provider.getClass().getName()}</td>
75 * </table>
76 *
77 * <p>Each provider has a name and a version string. A provider normally
78 * identifies itself with a file named {@code java.security.Provider}
79 * in the resource directory {@code META-INF/services}.
80 * Security providers are looked up via the {@link ServiceLoader} mechanism
81 * using the {@link ClassLoader#getSystemClassLoader application class loader}.
82 *
83 * <p>Providers may be configured such that they are automatically
84 * installed and made available at runtime via the
85 * {@link Security#getProviders() Security.getProviders()} method.
86 * The mechanism for configuring and installing security providers is
87 * implementation-specific.
88 *
89 * @implNote
90 * The JDK implementation supports static registration of the security
91 * providers via the {@code conf/security/java.security} file in the Java
92 * installation directory. These providers are automatically installed by
93 * the JDK runtime, see <a href =
94 * "../../../technotes/guides/security/crypto/CryptoSpec.html#Provider">The Provider Class</a>
95 * in the "Java Cryptography Architecture API Specification & Reference"
96 * for information about how a particular type of provider, the cryptographic
97 * service provider, works and is installed.
98 *
99 * @author Benjamin Renaud
100 * @author Andreas Sterbenz
101 */
102 public abstract class Provider extends Properties {
103
104 // Declare serialVersionUID to be compatible with JDK1.1
105 private static final long serialVersionUID = -4298000515446427739L;
106
107 private static final sun.security.util.Debug debug =
108 sun.security.util.Debug.getInstance("provider", "Provider");
109
110 /**
111 * The provider name.
112 *
113 * @serial
114 */
115 private String name;
116
117 /**
118 * A description of the provider and its services.
119 *
120 * @serial
121 */
122 private String info;
123
124 /**
125 * The provider version number.
126 *
127 * @serial
128 */
129 private double version;
130
131 /**
132 * The provider version string.
133 *
134 * @serial
135 */
136 private String versionStr;
137
138 private transient Set<Map.Entry<Object,Object>> entrySet = null;
139 private transient int entrySetCallCount = 0;
140
141 private transient boolean initialized;
142
143 private static Object newInstanceUtil(final Class<?> clazz,
144 final Class<?> ctrParamClz, final Object ctorParamObj)
145 throws Exception {
146 if (ctrParamClz == null) {
147 Constructor<?> con = clazz.getConstructor();
148 return con.newInstance();
149 } else {
150 // Looking for the constructor with a params first and fallback
151 // to one without if not found. This is to support the enhanced
152 // SecureRandom where both styles of constructors are supported.
153 // Before jdk9, there was no params support (only getInstance(alg))
154 // and an impl only had the params-less constructor. Since jdk9,
155 // there is getInstance(alg,params) and an impl can contain
156 // an Impl(params) constructor.
157 try {
158 Constructor<?> con = clazz.getConstructor(ctrParamClz);
159 return con.newInstance(ctorParamObj);
160 } catch (NoSuchMethodException nsme) {
161 // For pre-jdk9 SecureRandom implementations, they only
162 // have params-less constructors which still works when
163 // the input ctorParamObj is null.
164 //
165 // For other primitives using params, ctorParamObj should not
166 // be null and nsme is thrown, just like before.
167 if (ctorParamObj == null) {
168 try {
169 Constructor<?> con = clazz.getConstructor();
170 return con.newInstance();
171 } catch (NoSuchMethodException nsme2) {
172 nsme.addSuppressed(nsme2);
173 throw nsme;
174 }
175 } else {
176 throw nsme;
177 }
178 }
179 }
180 }
181
182 private static double parseVersionStr(String s) {
183 try {
184 int firstDotIdx = s.indexOf('.');
185 int nextDotIdx = s.indexOf('.', firstDotIdx + 1);
186 if (nextDotIdx != -1) {
187 s = s.substring(0, nextDotIdx);
188 }
189 int endIdx = s.indexOf('-');
190 if (endIdx > 0) {
191 s = s.substring(0, endIdx);
192 }
193 endIdx = s.indexOf('+');
194 if (endIdx > 0) {
195 s = s.substring(0, endIdx);
196 }
197 return Double.parseDouble(s);
198 } catch (NullPointerException | NumberFormatException e) {
199 return 0d;
200 }
201 }
202
203 /**
204 * Constructs a provider with the specified name, version number,
205 * and information. Calling this constructor is equivalent to call the
206 * {@link #Provider(String, String, String)} with {@code name}
207 * name, {@code Double.toString(version)}, and {@code info}.
208 *
209 * @param name the provider name.
210 *
211 * @param version the provider version number.
212 *
213 * @param info a description of the provider and its services.
214 *
215 * @deprecated use {@link #Provider(String, String, String)} instead.
216 */
217 @Deprecated(since="9")
218 protected Provider(String name, double version, String info) {
219 this.name = name;
220 this.version = version;
221 this.versionStr = Double.toString(version);
222 this.info = info;
223 putId();
224 initialized = true;
225 }
226
227 /**
228 * Constructs a provider with the specified name, version string,
229 * and information.
230 *
231 * <p>The version string contains a version number optionally followed
232 * by other information separated by one of the characters of '+', '-'.
233 *
234 * The format for the version number is:
235 *
236 * <blockquote><pre>
237 * ^[0-9]+(\.[0-9]+)*
238 * </pre></blockquote>
239 *
240 * <p>In order to return the version number in a double, when there are
241 * more than two components (separated by '.' as defined above), only
242 * the first two components are retained. The resulting string is then
243 * passed to {@link Double#valueOf(String)} to generate version number,
244 * i.e. {@link #getVersion}.
245 * <p>If the conversion failed, value 0 will be used.
246 *
247 * @param name the provider name.
248 *
249 * @param versionStr the provider version string.
250 *
251 * @param info a description of the provider and its services.
252 *
253 * @since 9
254 */
255 protected Provider(String name, String versionStr, String info) {
256 this.name = name;
257 this.versionStr = versionStr;
258 this.version = parseVersionStr(versionStr);
259 this.info = info;
260 putId();
261 initialized = true;
262 }
263
264 /**
265 * Apply the supplied configuration argument to this provider instance
266 * and return the configured provider. Note that if this provider cannot
267 * be configured in-place, a new provider will be created and returned.
268 * Therefore, callers should always use the returned provider.
269 *
270 * @implSpec
271 * The default implementation throws {@code UnsupportedOperationException}.
272 * Subclasses should override this method only if a configuration argument
273 * is supported.
274 *
275 * @param configArg the configuration information for configuring this
276 * provider.
277 *
278 * @throws UnsupportedOperationException if a configuration argument is
279 * not supported.
280 * @throws NullPointerException if the supplied configuration argument is
281 null.
282 * @throws InvalidParameterException if the supplied configuration argument
283 * is invalid.
284 * @return a provider configured with the supplied configuration argument.
285 *
286 * @since 9
287 */
288 public Provider configure(String configArg) {
289 throw new UnsupportedOperationException("configure is not supported");
290 }
291
292 /**
293 * Check if this provider instance has been configured.
294 *
295 * @implSpec
296 * The default implementation returns true.
297 * Subclasses should override this method if the provider instance requires
298 * an explicit {@code configure} call after being constructed.
299 *
300 * @return true if no further configuration is needed, false otherwise.
301 *
302 * @since 9
303 */
304 public boolean isConfigured() {
305 return true;
306 }
307
308
309 /**
310 * Returns the name of this provider.
311 *
312 * @return the name of this provider.
313 */
314 public String getName() {
315 return name;
316 }
317
318 /**
319 * Returns the version number for this provider.
320 *
321 * @return the version number for this provider.
322 *
323 * @deprecated use {@link #getVersionStr} instead.
324 */
325 @Deprecated(since="9")
326 public double getVersion() {
327 return version;
328 }
329
330 /**
331 * Returns the version string for this provider.
332 *
333 * @return the version string for this provider.
334 *
335 * @since 9
336 */
337 public String getVersionStr() {
338 return versionStr;
339 }
340
341 /**
342 * Returns a human-readable description of the provider and its
343 * services. This may return an HTML page, with relevant links.
344 *
345 * @return a description of the provider and its services.
346 */
347 public String getInfo() {
348 return info;
349 }
350
351 /**
352 * Returns a string with the name and the version string
353 * of this provider.
354 *
355 * @return the string with the name and the version string
356 * for this provider.
357 */
358 public String toString() {
359 return name + " version " + versionStr;
360 }
361
362 /*
363 * override the following methods to ensure that provider
364 * information can only be changed if the caller has the appropriate
365 * permissions.
366 */
367
368 /**
369 * Clears this provider so that it no longer contains the properties
370 * used to look up facilities implemented by the provider.
371 *
372 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
373 * method is called with the string {@code "clearProviderProperties."+name}
374 * (where {@code name} is the provider name) to see if it's ok to clear
375 * this provider.
376 *
377 * @throws SecurityException
378 * if a security manager exists and its {@link
379 * java.lang.SecurityManager#checkSecurityAccess} method
380 * denies access to clear this provider
381 *
382 * @since 1.2
383 */
384 @Override
385 public synchronized void clear() {
386 check("clearProviderProperties."+name);
387 if (debug != null) {
388 debug.println("Remove " + name + " provider properties");
389 }
390 implClear();
391 }
392
393 /**
394 * Reads a property list (key and element pairs) from the input stream.
395 *
396 * @param inStream the input stream.
397 * @exception IOException if an error occurred when reading from the
398 * input stream.
399 * @see java.util.Properties#load
400 */
401 @Override
402 public synchronized void load(InputStream inStream) throws IOException {
403 check("putProviderProperty."+name);
404 if (debug != null) {
405 debug.println("Load " + name + " provider properties");
406 }
407 Properties tempProperties = new Properties();
408 tempProperties.load(inStream);
409 implPutAll(tempProperties);
410 }
411
412 /**
413 * Copies all of the mappings from the specified Map to this provider.
414 * These mappings will replace any properties that this provider had
415 * for any of the keys currently in the specified Map.
416 *
417 * @since 1.2
418 */
419 @Override
420 public synchronized void putAll(Map<?,?> t) {
421 check("putProviderProperty."+name);
422 if (debug != null) {
423 debug.println("Put all " + name + " provider properties");
424 }
425 implPutAll(t);
426 }
427
428 /**
429 * Returns an unmodifiable Set view of the property entries contained
430 * in this Provider.
431 *
432 * @see java.util.Map.Entry
433 * @since 1.2
434 */
435 @Override
436 public synchronized Set<Map.Entry<Object,Object>> entrySet() {
437 checkInitialized();
438 if (entrySet == null) {
439 if (entrySetCallCount++ == 0) // Initial call
440 entrySet = Collections.unmodifiableMap(this).entrySet();
441 else
442 return super.entrySet(); // Recursive call
443 }
444
445 // This exception will be thrown if the implementation of
446 // Collections.unmodifiableMap.entrySet() is changed such that it
447 // no longer calls entrySet() on the backing Map. (Provider's
448 // entrySet implementation depends on this "implementation detail",
449 // which is unlikely to change.
450 if (entrySetCallCount != 2)
451 throw new RuntimeException("Internal error.");
452
453 return entrySet;
454 }
455
456 /**
457 * Returns an unmodifiable Set view of the property keys contained in
458 * this provider.
459 *
460 * @since 1.2
461 */
462 @Override
463 public Set<Object> keySet() {
464 checkInitialized();
465 return Collections.unmodifiableSet(super.keySet());
466 }
467
468 /**
469 * Returns an unmodifiable Collection view of the property values
470 * contained in this provider.
471 *
472 * @since 1.2
473 */
474 @Override
475 public Collection<Object> values() {
476 checkInitialized();
477 return Collections.unmodifiableCollection(super.values());
478 }
479
480 /**
481 * Sets the {@code key} property to have the specified
482 * {@code value}.
483 *
484 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
485 * method is called with the string {@code "putProviderProperty."+name},
486 * where {@code name} is the provider name, to see if it's ok to set this
487 * provider's property values.
488 *
489 * @throws SecurityException
490 * if a security manager exists and its {@link
491 * java.lang.SecurityManager#checkSecurityAccess} method
492 * denies access to set property values.
493 *
494 * @since 1.2
495 */
496 @Override
497 public synchronized Object put(Object key, Object value) {
498 check("putProviderProperty."+name);
499 if (debug != null) {
500 debug.println("Set " + name + " provider property [" +
501 key + "/" + value +"]");
502 }
503 return implPut(key, value);
504 }
505
506 /**
507 * If the specified key is not already associated with a value (or is mapped
508 * to {@code null}) associates it with the given value and returns
509 * {@code null}, else returns the current value.
510 *
511 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
512 * method is called with the string {@code "putProviderProperty."+name},
513 * where {@code name} is the provider name, to see if it's ok to set this
514 * provider's property values.
515 *
516 * @throws SecurityException
517 * if a security manager exists and its {@link
518 * java.lang.SecurityManager#checkSecurityAccess} method
519 * denies access to set property values.
520 *
521 * @since 1.8
522 */
523 @Override
524 public synchronized Object putIfAbsent(Object key, Object value) {
525 check("putProviderProperty."+name);
526 if (debug != null) {
527 debug.println("Set " + name + " provider property [" +
528 key + "/" + value +"]");
529 }
530 return implPutIfAbsent(key, value);
531 }
532
533 /**
534 * Removes the {@code key} property (and its corresponding
535 * {@code value}).
536 *
537 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
538 * method is called with the string {@code "removeProviderProperty."+name},
539 * where {@code name} is the provider name, to see if it's ok to remove this
540 * provider's properties.
541 *
542 * @throws SecurityException
543 * if a security manager exists and its {@link
544 * java.lang.SecurityManager#checkSecurityAccess} method
545 * denies access to remove this provider's properties.
546 *
547 * @since 1.2
548 */
549 @Override
550 public synchronized Object remove(Object key) {
551 check("removeProviderProperty."+name);
552 if (debug != null) {
553 debug.println("Remove " + name + " provider property " + key);
554 }
555 return implRemove(key);
556 }
557
558 /**
559 * Removes the entry for the specified key only if it is currently
560 * mapped to the specified value.
561 *
562 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
563 * method is called with the string {@code "removeProviderProperty."+name},
564 * where {@code name} is the provider name, to see if it's ok to remove this
565 * provider's properties.
566 *
567 * @throws SecurityException
568 * if a security manager exists and its {@link
569 * java.lang.SecurityManager#checkSecurityAccess} method
570 * denies access to remove this provider's properties.
571 *
572 * @since 1.8
573 */
574 @Override
575 public synchronized boolean remove(Object key, Object value) {
576 check("removeProviderProperty."+name);
577 if (debug != null) {
578 debug.println("Remove " + name + " provider property " + key);
579 }
580 return implRemove(key, value);
581 }
582
583 /**
584 * Replaces the entry for the specified key only if currently
585 * mapped to the specified value.
586 *
587 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
588 * method is called with the string {@code "putProviderProperty."+name},
589 * where {@code name} is the provider name, to see if it's ok to set this
590 * provider's property values.
591 *
592 * @throws SecurityException
593 * if a security manager exists and its {@link
594 * java.lang.SecurityManager#checkSecurityAccess} method
595 * denies access to set property values.
596 *
597 * @since 1.8
598 */
599 @Override
600 public synchronized boolean replace(Object key, Object oldValue,
601 Object newValue) {
602 check("putProviderProperty." + name);
603
604 if (debug != null) {
605 debug.println("Replace " + name + " provider property " + key);
606 }
607 return implReplace(key, oldValue, newValue);
608 }
609
610 /**
611 * Replaces the entry for the specified key only if it is
612 * currently mapped to some value.
613 *
614 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
615 * method is called with the string {@code "putProviderProperty."+name},
616 * where {@code name} is the provider name, to see if it's ok to set this
617 * provider's property values.
618 *
619 * @throws SecurityException
620 * if a security manager exists and its {@link
621 * java.lang.SecurityManager#checkSecurityAccess} method
622 * denies access to set property values.
623 *
624 * @since 1.8
625 */
626 @Override
627 public synchronized Object replace(Object key, Object value) {
628 check("putProviderProperty." + name);
629
630 if (debug != null) {
631 debug.println("Replace " + name + " provider property " + key);
632 }
633 return implReplace(key, value);
634 }
635
636 /**
637 * Replaces each entry's value with the result of invoking the given
638 * function on that entry, in the order entries are returned by an entry
639 * set iterator, until all entries have been processed or the function
640 * throws an exception.
641 *
642 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
643 * method is called with the string {@code "putProviderProperty."+name},
644 * where {@code name} is the provider name, to see if it's ok to set this
645 * provider's property values.
646 *
647 * @throws SecurityException
648 * if a security manager exists and its {@link
649 * java.lang.SecurityManager#checkSecurityAccess} method
650 * denies access to set property values.
651 *
652 * @since 1.8
653 */
654 @Override
655 public synchronized void replaceAll(BiFunction<? super Object,
656 ? super Object, ? extends Object> function) {
657 check("putProviderProperty." + name);
658
659 if (debug != null) {
660 debug.println("ReplaceAll " + name + " provider property ");
661 }
662 implReplaceAll(function);
663 }
664
665 /**
666 * Attempts to compute a mapping for the specified key and its
667 * current mapped value (or {@code null} if there is no current
668 * mapping).
669 *
670 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
671 * method is called with the strings {@code "putProviderProperty."+name}
672 * and {@code "removeProviderProperty."+name}, where {@code name} is the
673 * provider name, to see if it's ok to set this provider's property values
674 * and remove this provider's properties.
675 *
676 * @throws SecurityException
677 * if a security manager exists and its {@link
678 * java.lang.SecurityManager#checkSecurityAccess} method
679 * denies access to set property values or remove properties.
680 *
681 * @since 1.8
682 */
683 @Override
684 public synchronized Object compute(Object key, BiFunction<? super Object,
685 ? super Object, ? extends Object> remappingFunction) {
686 check("putProviderProperty." + name);
687 check("removeProviderProperty." + name);
688
689 if (debug != null) {
690 debug.println("Compute " + name + " provider property " + key);
691 }
692 return implCompute(key, remappingFunction);
693 }
694
695 /**
696 * If the specified key is not already associated with a value (or
697 * is mapped to {@code null}), attempts to compute its value using
698 * the given mapping function and enters it into this map unless
699 * {@code null}.
700 *
701 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
702 * method is called with the strings {@code "putProviderProperty."+name}
703 * and {@code "removeProviderProperty."+name}, where {@code name} is the
704 * provider name, to see if it's ok to set this provider's property values
705 * and remove this provider's properties.
706 *
707 * @throws SecurityException
708 * if a security manager exists and its {@link
709 * java.lang.SecurityManager#checkSecurityAccess} method
710 * denies access to set property values and remove properties.
711 *
712 * @since 1.8
713 */
714 @Override
715 public synchronized Object computeIfAbsent(Object key, Function<? super Object,
716 ? extends Object> mappingFunction) {
717 check("putProviderProperty." + name);
718 check("removeProviderProperty." + name);
719
720 if (debug != null) {
721 debug.println("ComputeIfAbsent " + name + " provider property " +
722 key);
723 }
724 return implComputeIfAbsent(key, mappingFunction);
725 }
726
727 /**
728 * If the value for the specified key is present and non-null, attempts to
729 * compute a new mapping given the key and its current mapped value.
730 *
731 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
732 * method is called with the strings {@code "putProviderProperty."+name}
733 * and {@code "removeProviderProperty."+name}, where {@code name} is the
734 * provider name, to see if it's ok to set this provider's property values
735 * and remove this provider's properties.
736 *
737 * @throws SecurityException
738 * if a security manager exists and its {@link
739 * java.lang.SecurityManager#checkSecurityAccess} method
740 * denies access to set property values or remove properties.
741 *
742 * @since 1.8
743 */
744 @Override
745 public synchronized Object computeIfPresent(Object key, BiFunction<? super Object,
746 ? super Object, ? extends Object> remappingFunction) {
747 check("putProviderProperty." + name);
748 check("removeProviderProperty." + name);
749
750 if (debug != null) {
751 debug.println("ComputeIfPresent " + name + " provider property " +
752 key);
753 }
754 return implComputeIfPresent(key, remappingFunction);
755 }
756
757 /**
758 * If the specified key is not already associated with a value or is
759 * associated with null, associates it with the given value. Otherwise,
760 * replaces the value with the results of the given remapping function,
761 * or removes if the result is null. This method may be of use when
762 * combining multiple mapped values for a key.
763 *
764 * <p>If a security manager is enabled, its {@code checkSecurityAccess}
765 * method is called with the strings {@code "putProviderProperty."+name}
766 * and {@code "removeProviderProperty."+name}, where {@code name} is the
767 * provider name, to see if it's ok to set this provider's property values
768 * and remove this provider's properties.
769 *
770 * @throws SecurityException
771 * if a security manager exists and its {@link
772 * java.lang.SecurityManager#checkSecurityAccess} method
773 * denies access to set property values or remove properties.
774 *
775 * @since 1.8
776 */
777 @Override
778 public synchronized Object merge(Object key, Object value, BiFunction<? super Object,
779 ? super Object, ? extends Object> remappingFunction) {
780 check("putProviderProperty." + name);
781 check("removeProviderProperty." + name);
782
783 if (debug != null) {
784 debug.println("Merge " + name + " provider property " + key);
785 }
786 return implMerge(key, value, remappingFunction);
787 }
788
789 // let javadoc show doc from superclass
790 @Override
791 public Object get(Object key) {
792 checkInitialized();
793 return super.get(key);
794 }
795 /**
796 * @since 1.8
797 */
798 @Override
799 public synchronized Object getOrDefault(Object key, Object defaultValue) {
800 checkInitialized();
801 return super.getOrDefault(key, defaultValue);
802 }
803
804 /**
805 * @since 1.8
806 */
807 @Override
808 public synchronized void forEach(BiConsumer<? super Object, ? super Object> action) {
809 checkInitialized();
810 super.forEach(action);
811 }
812
813 // let javadoc show doc from superclass
814 @Override
815 public Enumeration<Object> keys() {
816 checkInitialized();
817 return super.keys();
818 }
819
820 // let javadoc show doc from superclass
821 @Override
822 public Enumeration<Object> elements() {
823 checkInitialized();
824 return super.elements();
825 }
826
827 // let javadoc show doc from superclass
828 public String getProperty(String key) {
829 checkInitialized();
830 return super.getProperty(key);
831 }
832
833 private void checkInitialized() {
834 if (!initialized) {
835 throw new IllegalStateException();
836 }
837 }
838
839 private void check(String directive) {
840 checkInitialized();
841 SecurityManager security = System.getSecurityManager();
842 if (security != null) {
843 security.checkSecurityAccess(directive);
844 }
845 }
846
847 // legacy properties changed since last call to any services method?
848 private transient boolean legacyChanged;
849 // serviceMap changed since last call to getServices()
850 private transient boolean servicesChanged;
851
852 // Map<String,String>
853 private transient Map<String,String> legacyStrings;
854
855 // Map<ServiceKey,Service>
856 // used for services added via putService(), initialized on demand
857 private transient Map<ServiceKey,Service> serviceMap;
858
859 // Map<ServiceKey,Service>
860 // used for services added via legacy methods, init on demand
861 private transient Map<ServiceKey,Service> legacyMap;
862
863 // Set<Service>
864 // Unmodifiable set of all services. Initialized on demand.
865 private transient Set<Service> serviceSet;
866
867 // register the id attributes for this provider
868 // this is to ensure that equals() and hashCode() do not incorrectly
869 // report to different provider objects as the same
870 private void putId() {
871 // note: name and info may be null
872 super.put("Provider.id name", String.valueOf(name));
873 super.put("Provider.id version", String.valueOf(versionStr));
874 super.put("Provider.id info", String.valueOf(info));
875 super.put("Provider.id className", this.getClass().getName());
876 }
877
878 /**
879 * Reads the {@code ObjectInputStream} for the default serializable fields.
880 * If the serialized field {@code versionStr} is found in the STREAM FIELDS,
881 * its String value will be used to populate both the version string and
882 * version number. If {@code versionStr} is not found, but {@code version}
883 * is, then its double value will be used to populate both fields.
884 *
885 * @param in the {@code ObjectInputStream} to read
886 * @serial
887 */
888 private void readObject(ObjectInputStream in)
889 throws IOException, ClassNotFoundException {
890 Map<Object,Object> copy = new HashMap<>();
891 for (Map.Entry<Object,Object> entry : super.entrySet()) {
892 copy.put(entry.getKey(), entry.getValue());
893 }
894 defaults = null;
895 in.defaultReadObject();
896 if (this.versionStr == null) {
897 // set versionStr based on version when not found in serialized bytes
898 this.versionStr = Double.toString(this.version);
899 } else {
900 // otherwise, set version based on versionStr
901 this.version = parseVersionStr(this.versionStr);
902 }
903 implClear();
904 initialized = true;
905 putAll(copy);
906 }
907
908 private boolean checkLegacy(Object key) {
909 String keyString = (String)key;
910 if (keyString.startsWith("Provider.")) {
911 return false;
912 }
913
914 legacyChanged = true;
915 if (legacyStrings == null) {
916 legacyStrings = new LinkedHashMap<>();
917 }
918 return true;
919 }
920
921 /**
922 * Copies all of the mappings from the specified Map to this provider.
923 * Internal method to be called AFTER the security check has been
924 * performed.
925 */
926 private void implPutAll(Map<?,?> t) {
927 for (Map.Entry<?,?> e : t.entrySet()) {
928 implPut(e.getKey(), e.getValue());
929 }
930 }
931
932 private Object implRemove(Object key) {
933 if (key instanceof String) {
934 if (!checkLegacy(key)) {
935 return null;
936 }
937 legacyStrings.remove((String)key);
938 }
939 return super.remove(key);
940 }
941
942 private boolean implRemove(Object key, Object value) {
943 if (key instanceof String && value instanceof String) {
944 if (!checkLegacy(key)) {
945 return false;
946 }
947 legacyStrings.remove((String)key, value);
948 }
949 return super.remove(key, value);
950 }
951
952 private boolean implReplace(Object key, Object oldValue, Object newValue) {
953 if ((key instanceof String) && (oldValue instanceof String) &&
954 (newValue instanceof String)) {
955 if (!checkLegacy(key)) {
956 return false;
957 }
958 legacyStrings.replace((String)key, (String)oldValue,
959 (String)newValue);
960 }
961 return super.replace(key, oldValue, newValue);
962 }
963
964 private Object implReplace(Object key, Object value) {
965 if ((key instanceof String) && (value instanceof String)) {
966 if (!checkLegacy(key)) {
967 return null;
968 }
969 legacyStrings.replace((String)key, (String)value);
970 }
971 return super.replace(key, value);
972 }
973
974 @SuppressWarnings("unchecked") // Function must actually operate over strings
975 private void implReplaceAll(BiFunction<? super Object, ? super Object,
976 ? extends Object> function) {
977 legacyChanged = true;
978 if (legacyStrings == null) {
979 legacyStrings = new LinkedHashMap<>();
980 } else {
981 legacyStrings.replaceAll((BiFunction<? super String, ? super String,
982 ? extends String>) function);
983 }
984 super.replaceAll(function);
985 }
986
987 @SuppressWarnings("unchecked") // Function must actually operate over strings
988 private Object implMerge(Object key, Object value, BiFunction<? super Object,
989 ? super Object, ? extends Object> remappingFunction) {
990 if ((key instanceof String) && (value instanceof String)) {
991 if (!checkLegacy(key)) {
992 return null;
993 }
994 legacyStrings.merge((String)key, (String)value,
995 (BiFunction<? super String, ? super String, ? extends String>) remappingFunction);
996 }
997 return super.merge(key, value, remappingFunction);
998 }
999
1000 @SuppressWarnings("unchecked") // Function must actually operate over strings
1001 private Object implCompute(Object key, BiFunction<? super Object,
1002 ? super Object, ? extends Object> remappingFunction) {
1003 if (key instanceof String) {
1004 if (!checkLegacy(key)) {
1005 return null;
1006 }
1007 legacyStrings.compute((String) key,
1008 (BiFunction<? super String,? super String, ? extends String>) remappingFunction);
1009 }
1010 return super.compute(key, remappingFunction);
1011 }
1012
1013 @SuppressWarnings("unchecked") // Function must actually operate over strings
1014 private Object implComputeIfAbsent(Object key, Function<? super Object,
1015 ? extends Object> mappingFunction) {
1016 if (key instanceof String) {
1017 if (!checkLegacy(key)) {
1018 return null;
1019 }
1020 legacyStrings.computeIfAbsent((String) key,
1021 (Function<? super String, ? extends String>) mappingFunction);
1022 }
1023 return super.computeIfAbsent(key, mappingFunction);
1024 }
1025
1026 @SuppressWarnings("unchecked") // Function must actually operate over strings
1027 private Object implComputeIfPresent(Object key, BiFunction<? super Object,
1028 ? super Object, ? extends Object> remappingFunction) {
1029 if (key instanceof String) {
1030 if (!checkLegacy(key)) {
1031 return null;
1032 }
1033 legacyStrings.computeIfPresent((String) key,
1034 (BiFunction<? super String, ? super String, ? extends String>) remappingFunction);
1035 }
1036 return super.computeIfPresent(key, remappingFunction);
1037 }
1038
1039 private Object implPut(Object key, Object value) {
1040 if ((key instanceof String) && (value instanceof String)) {
1041 if (!checkLegacy(key)) {
1042 return null;
1043 }
1044 legacyStrings.put((String)key, (String)value);
1045 }
1046 return super.put(key, value);
1047 }
1048
1049 private Object implPutIfAbsent(Object key, Object value) {
1050 if ((key instanceof String) && (value instanceof String)) {
1051 if (!checkLegacy(key)) {
1052 return null;
1053 }
1054 legacyStrings.putIfAbsent((String)key, (String)value);
1055 }
1056 return super.putIfAbsent(key, value);
1057 }
1058
1059 private void implClear() {
1060 if (legacyStrings != null) {
1061 legacyStrings.clear();
1062 }
1063 if (legacyMap != null) {
1064 legacyMap.clear();
1065 }
1066 if (serviceMap != null) {
1067 serviceMap.clear();
1068 }
1069 legacyChanged = false;
1070 servicesChanged = false;
1071 serviceSet = null;
1072 super.clear();
1073 putId();
1074 }
1075
1076 // used as key in the serviceMap and legacyMap HashMaps
1077 private static class ServiceKey {
1078 private final String type;
1079 private final String algorithm;
1080 private final String originalAlgorithm;
1081 private ServiceKey(String type, String algorithm, boolean intern) {
1082 this.type = type;
1083 this.originalAlgorithm = algorithm;
1084 algorithm = algorithm.toUpperCase(ENGLISH);
1085 this.algorithm = intern ? algorithm.intern() : algorithm;
1086 }
1087 public int hashCode() {
1088 return type.hashCode() + algorithm.hashCode();
1089 }
1090 public boolean equals(Object obj) {
1091 if (this == obj) {
1092 return true;
1093 }
1094 if (obj instanceof ServiceKey == false) {
1095 return false;
1096 }
1097 ServiceKey other = (ServiceKey)obj;
1098 return this.type.equals(other.type)
1099 && this.algorithm.equals(other.algorithm);
1100 }
1101 boolean matches(String type, String algorithm) {
1102 return (this.type == type) && (this.originalAlgorithm == algorithm);
1103 }
1104 }
1105
1106 /**
1107 * Ensure all the legacy String properties are fully parsed into
1108 * service objects.
1109 */
1110 private void ensureLegacyParsed() {
1111 if ((legacyChanged == false) || (legacyStrings == null)) {
1112 return;
1113 }
1114 serviceSet = null;
1115 if (legacyMap == null) {
1116 legacyMap = new LinkedHashMap<>();
1117 } else {
1118 legacyMap.clear();
1119 }
1120 for (Map.Entry<String,String> entry : legacyStrings.entrySet()) {
1121 parseLegacyPut(entry.getKey(), entry.getValue());
1122 }
1123 removeInvalidServices(legacyMap);
1124 legacyChanged = false;
1125 }
1126
1127 /**
1128 * Remove all invalid services from the Map. Invalid services can only
1129 * occur if the legacy properties are inconsistent or incomplete.
1130 */
1131 private void removeInvalidServices(Map<ServiceKey,Service> map) {
1132 for (Iterator<Map.Entry<ServiceKey, Service>> t =
1133 map.entrySet().iterator(); t.hasNext(); ) {
1134 Service s = t.next().getValue();
1135 if (s.isValid() == false) {
1136 t.remove();
1137 }
1138 }
1139 }
1140
1141 private String[] getTypeAndAlgorithm(String key) {
1142 int i = key.indexOf('.');
1143 if (i < 1) {
1144 if (debug != null) {
1145 debug.println("Ignoring invalid entry in provider "
1146 + name + ":" + key);
1147 }
1148 return null;
1149 }
1150 String type = key.substring(0, i);
1151 String alg = key.substring(i + 1);
1152 return new String[] {type, alg};
1153 }
1154
1155 private static final String ALIAS_PREFIX = "Alg.Alias.";
1156 private static final String ALIAS_PREFIX_LOWER = "alg.alias.";
1157 private static final int ALIAS_LENGTH = ALIAS_PREFIX.length();
1158
1159 private void parseLegacyPut(String name, String value) {
1160 if (name.toLowerCase(ENGLISH).startsWith(ALIAS_PREFIX_LOWER)) {
1161 // e.g. put("Alg.Alias.MessageDigest.SHA", "SHA-1");
1162 // aliasKey ~ MessageDigest.SHA
1163 String stdAlg = value;
1164 String aliasKey = name.substring(ALIAS_LENGTH);
1165 String[] typeAndAlg = getTypeAndAlgorithm(aliasKey);
1166 if (typeAndAlg == null) {
1167 return;
1168 }
1169 String type = getEngineName(typeAndAlg[0]);
1170 String aliasAlg = typeAndAlg[1].intern();
1171 ServiceKey key = new ServiceKey(type, stdAlg, true);
1172 Service s = legacyMap.get(key);
1173 if (s == null) {
1174 s = new Service(this);
1175 s.type = type;
1176 s.algorithm = stdAlg;
1177 legacyMap.put(key, s);
1178 }
1179 legacyMap.put(new ServiceKey(type, aliasAlg, true), s);
1180 s.addAlias(aliasAlg);
1181 } else {
1182 String[] typeAndAlg = getTypeAndAlgorithm(name);
1183 if (typeAndAlg == null) {
1184 return;
1185 }
1186 int i = typeAndAlg[1].indexOf(' ');
1187 if (i == -1) {
1188 // e.g. put("MessageDigest.SHA-1", "sun.security.provider.SHA");
1189 String type = getEngineName(typeAndAlg[0]);
1190 String stdAlg = typeAndAlg[1].intern();
1191 String className = value;
1192 ServiceKey key = new ServiceKey(type, stdAlg, true);
1193 Service s = legacyMap.get(key);
1194 if (s == null) {
1195 s = new Service(this);
1196 s.type = type;
1197 s.algorithm = stdAlg;
1198 legacyMap.put(key, s);
1199 }
1200 s.className = className;
1201 } else { // attribute
1202 // e.g. put("MessageDigest.SHA-1 ImplementedIn", "Software");
1203 String attributeValue = value;
1204 String type = getEngineName(typeAndAlg[0]);
1205 String attributeString = typeAndAlg[1];
1206 String stdAlg = attributeString.substring(0, i).intern();
1207 String attributeName = attributeString.substring(i + 1);
1208 // kill additional spaces
1209 while (attributeName.startsWith(" ")) {
1210 attributeName = attributeName.substring(1);
1211 }
1212 attributeName = attributeName.intern();
1213 ServiceKey key = new ServiceKey(type, stdAlg, true);
1214 Service s = legacyMap.get(key);
1215 if (s == null) {
1216 s = new Service(this);
1217 s.type = type;
1218 s.algorithm = stdAlg;
1219 legacyMap.put(key, s);
1220 }
1221 s.addAttribute(attributeName, attributeValue);
1222 }
1223 }
1224 }
1225
1226 /**
1227 * Get the service describing this Provider's implementation of the
1228 * specified type of this algorithm or alias. If no such
1229 * implementation exists, this method returns null. If there are two
1230 * matching services, one added to this provider using
1231 * {@link #putService putService()} and one added via {@link #put put()},
1232 * the service added via {@link #putService putService()} is returned.
1233 *
1234 * @param type the type of {@link Service service} requested
1235 * (for example, {@code MessageDigest})
1236 * @param algorithm the case insensitive algorithm name (or alternate
1237 * alias) of the service requested (for example, {@code SHA-1})
1238 *
1239 * @return the service describing this Provider's matching service
1240 * or null if no such service exists
1241 *
1242 * @throws NullPointerException if type or algorithm is null
1243 *
1244 * @since 1.5
1245 */
1246 public synchronized Service getService(String type, String algorithm) {
1247 checkInitialized();
1248 // avoid allocating a new key object if possible
1249 ServiceKey key = previousKey;
1250 if (key.matches(type, algorithm) == false) {
1251 key = new ServiceKey(type, algorithm, false);
1252 previousKey = key;
1253 }
1254 if (serviceMap != null) {
1255 Service service = serviceMap.get(key);
1256 if (service != null) {
1257 return service;
1258 }
1259 }
1260 ensureLegacyParsed();
1261 return (legacyMap != null) ? legacyMap.get(key) : null;
1262 }
1263
1264 // ServiceKey from previous getService() call
1265 // by re-using it if possible we avoid allocating a new object
1266 // and the toUpperCase() call.
1267 // re-use will occur e.g. as the framework traverses the provider
1268 // list and queries each provider with the same values until it finds
1269 // a matching service
1270 private static volatile ServiceKey previousKey =
1271 new ServiceKey("", "", false);
1272
1273 /**
1274 * Get an unmodifiable Set of all services supported by
1275 * this Provider.
1276 *
1277 * @return an unmodifiable Set of all services supported by
1278 * this Provider
1279 *
1280 * @since 1.5
1281 */
1282 public synchronized Set<Service> getServices() {
1283 checkInitialized();
1284 if (legacyChanged || servicesChanged) {
1285 serviceSet = null;
1286 }
1287 if (serviceSet == null) {
1288 ensureLegacyParsed();
1289 Set<Service> set = new LinkedHashSet<>();
1290 if (serviceMap != null) {
1291 set.addAll(serviceMap.values());
1292 }
1293 if (legacyMap != null) {
1294 set.addAll(legacyMap.values());
1295 }
1296 serviceSet = Collections.unmodifiableSet(set);
1297 servicesChanged = false;
1298 }
1299 return serviceSet;
1300 }
1301
1302 /**
1303 * Add a service. If a service of the same type with the same algorithm
1304 * name exists and it was added using {@link #putService putService()},
1305 * it is replaced by the new service.
1306 * This method also places information about this service
1307 * in the provider's Hashtable values in the format described in the
1308 * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html">
1309 * Java Cryptography Architecture API Specification & Reference </a>.
1310 *
1311 * <p>Also, if there is a security manager, its
1312 * {@code checkSecurityAccess} method is called with the string
1313 * {@code "putProviderProperty."+name}, where {@code name} is
1314 * the provider name, to see if it's ok to set this provider's property
1315 * values. If the default implementation of {@code checkSecurityAccess}
1316 * is used (that is, that method is not overriden), then this results in
1317 * a call to the security manager's {@code checkPermission} method with
1318 * a {@code SecurityPermission("putProviderProperty."+name)}
1319 * permission.
1320 *
1321 * @param s the Service to add
1322 *
1323 * @throws SecurityException
1324 * if a security manager exists and its {@link
1325 * java.lang.SecurityManager#checkSecurityAccess} method denies
1326 * access to set property values.
1327 * @throws NullPointerException if s is null
1328 *
1329 * @since 1.5
1330 */
1331 protected synchronized void putService(Service s) {
1332 check("putProviderProperty." + name);
1333 if (debug != null) {
1334 debug.println(name + ".putService(): " + s);
1335 }
1336 if (s == null) {
1337 throw new NullPointerException();
1338 }
1339 if (s.getProvider() != this) {
1340 throw new IllegalArgumentException
1341 ("service.getProvider() must match this Provider object");
1342 }
1343 if (serviceMap == null) {
1344 serviceMap = new LinkedHashMap<>();
1345 }
1346 servicesChanged = true;
1347 String type = s.getType();
1348 String algorithm = s.getAlgorithm();
1349 ServiceKey key = new ServiceKey(type, algorithm, true);
1350 // remove existing service
1351 implRemoveService(serviceMap.get(key));
1352 serviceMap.put(key, s);
1353 for (String alias : s.getAliases()) {
1354 serviceMap.put(new ServiceKey(type, alias, true), s);
1355 }
1356 putPropertyStrings(s);
1357 }
1358
1359 /**
1360 * Put the string properties for this Service in this Provider's
1361 * Hashtable.
1362 */
1363 private void putPropertyStrings(Service s) {
1364 String type = s.getType();
1365 String algorithm = s.getAlgorithm();
1366 // use super() to avoid permission check and other processing
1367 super.put(type + "." + algorithm, s.getClassName());
1368 for (String alias : s.getAliases()) {
1369 super.put(ALIAS_PREFIX + type + "." + alias, algorithm);
1370 }
1371 for (Map.Entry<UString,String> entry : s.attributes.entrySet()) {
1372 String key = type + "." + algorithm + " " + entry.getKey();
1373 super.put(key, entry.getValue());
1374 }
1375 }
1376
1377 /**
1378 * Remove the string properties for this Service from this Provider's
1379 * Hashtable.
1380 */
1381 private void removePropertyStrings(Service s) {
1382 String type = s.getType();
1383 String algorithm = s.getAlgorithm();
1384 // use super() to avoid permission check and other processing
1385 super.remove(type + "." + algorithm);
1386 for (String alias : s.getAliases()) {
1387 super.remove(ALIAS_PREFIX + type + "." + alias);
1388 }
1389 for (Map.Entry<UString,String> entry : s.attributes.entrySet()) {
1390 String key = type + "." + algorithm + " " + entry.getKey();
1391 super.remove(key);
1392 }
1393 }
1394
1395 /**
1396 * Remove a service previously added using
1397 * {@link #putService putService()}. The specified service is removed from
1398 * this provider. It will no longer be returned by
1399 * {@link #getService getService()} and its information will be removed
1400 * from this provider's Hashtable.
1401 *
1402 * <p>Also, if there is a security manager, its
1403 * {@code checkSecurityAccess} method is called with the string
1404 * {@code "removeProviderProperty."+name}, where {@code name} is
1405 * the provider name, to see if it's ok to remove this provider's
1406 * properties. If the default implementation of
1407 * {@code checkSecurityAccess} is used (that is, that method is not
1408 * overriden), then this results in a call to the security manager's
1409 * {@code checkPermission} method with a
1410 * {@code SecurityPermission("removeProviderProperty."+name)}
1411 * permission.
1412 *
1413 * @param s the Service to be removed
1414 *
1415 * @throws SecurityException
1416 * if a security manager exists and its {@link
1417 * java.lang.SecurityManager#checkSecurityAccess} method denies
1418 * access to remove this provider's properties.
1419 * @throws NullPointerException if s is null
1420 *
1421 * @since 1.5
1422 */
1423 protected synchronized void removeService(Service s) {
1424 check("removeProviderProperty." + name);
1425 if (debug != null) {
1426 debug.println(name + ".removeService(): " + s);
1427 }
1428 if (s == null) {
1429 throw new NullPointerException();
1430 }
1431 implRemoveService(s);
1432 }
1433
1434 private void implRemoveService(Service s) {
1435 if ((s == null) || (serviceMap == null)) {
1436 return;
1437 }
1438 String type = s.getType();
1439 String algorithm = s.getAlgorithm();
1440 ServiceKey key = new ServiceKey(type, algorithm, false);
1441 Service oldService = serviceMap.get(key);
1442 if (s != oldService) {
1443 return;
1444 }
1445 servicesChanged = true;
1446 serviceMap.remove(key);
1447 for (String alias : s.getAliases()) {
1448 serviceMap.remove(new ServiceKey(type, alias, false));
1449 }
1450 removePropertyStrings(s);
1451 }
1452
1453 // Wrapped String that behaves in a case insensitive way for equals/hashCode
1454 private static class UString {
1455 final String string;
1456 final String lowerString;
1457
1458 UString(String s) {
1459 this.string = s;
1460 this.lowerString = s.toLowerCase(ENGLISH);
1461 }
1462
1463 public int hashCode() {
1464 return lowerString.hashCode();
1465 }
1466
1467 public boolean equals(Object obj) {
1468 if (this == obj) {
1469 return true;
1470 }
1471 if (obj instanceof UString == false) {
1472 return false;
1473 }
1474 UString other = (UString)obj;
1475 return lowerString.equals(other.lowerString);
1476 }
1477
1478 public String toString() {
1479 return string;
1480 }
1481 }
1482
1483 // describe relevant properties of a type of engine
1484 private static class EngineDescription {
1485 final String name;
1486 final boolean supportsParameter;
1487 final String constructorParameterClassName;
1488 private volatile Class<?> constructorParameterClass;
1489
1490 EngineDescription(String name, boolean sp, String paramName) {
1491 this.name = name;
1492 this.supportsParameter = sp;
1493 this.constructorParameterClassName = paramName;
1494 }
1495 Class<?> getConstructorParameterClass() throws ClassNotFoundException {
1496 Class<?> clazz = constructorParameterClass;
1497 if (clazz == null) {
1498 clazz = Class.forName(constructorParameterClassName);
1499 constructorParameterClass = clazz;
1500 }
1501 return clazz;
1502 }
1503 }
1504
1505 // built in knowledge of the engine types shipped as part of the JDK
1506 private static final Map<String,EngineDescription> knownEngines;
1507
1508 private static void addEngine(String name, boolean sp, String paramName) {
1509 EngineDescription ed = new EngineDescription(name, sp, paramName);
1510 // also index by canonical name to avoid toLowerCase() for some lookups
1511 knownEngines.put(name.toLowerCase(ENGLISH), ed);
1512 knownEngines.put(name, ed);
1513 }
1514
1515 static {
1516 knownEngines = new HashMap<>();
1517 // JCA
1518 addEngine("AlgorithmParameterGenerator", false, null);
1519 addEngine("AlgorithmParameters", false, null);
1520 addEngine("KeyFactory", false, null);
1521 addEngine("KeyPairGenerator", false, null);
1522 addEngine("KeyStore", false, null);
1523 addEngine("MessageDigest", false, null);
1524 addEngine("SecureRandom", false,
1525 "java.security.SecureRandomParameters");
1526 addEngine("Signature", true, null);
1527 addEngine("CertificateFactory", false, null);
1528 addEngine("CertPathBuilder", false, null);
1529 addEngine("CertPathValidator", false, null);
1530 addEngine("CertStore", false,
1531 "java.security.cert.CertStoreParameters");
1532 // JCE
1533 addEngine("Cipher", true, null);
1534 addEngine("ExemptionMechanism", false, null);
1535 addEngine("Mac", true, null);
1536 addEngine("KeyAgreement", true, null);
1537 addEngine("KeyGenerator", false, null);
1538 addEngine("SecretKeyFactory", false, null);
1539 // JSSE
1540 addEngine("KeyManagerFactory", false, null);
1541 addEngine("SSLContext", false, null);
1542 addEngine("TrustManagerFactory", false, null);
1543 // JGSS
1544 addEngine("GssApiMechanism", false, null);
1545 // SASL
1546 addEngine("SaslClientFactory", false, null);
1547 addEngine("SaslServerFactory", false, null);
1548 // POLICY
1549 addEngine("Policy", false,
1550 "java.security.Policy$Parameters");
1551 // CONFIGURATION
1552 addEngine("Configuration", false,
1553 "javax.security.auth.login.Configuration$Parameters");
1554 // XML DSig
1555 addEngine("XMLSignatureFactory", false, null);
1556 addEngine("KeyInfoFactory", false, null);
1557 addEngine("TransformService", false, null);
1558 // Smart Card I/O
1559 addEngine("TerminalFactory", false,
1560 "java.lang.Object");
1561 }
1562
1563 // get the "standard" (mixed-case) engine name for arbitary case engine name
1564 // if there is no known engine by that name, return s
1565 private static String getEngineName(String s) {
1566 // try original case first, usually correct
1567 EngineDescription e = knownEngines.get(s);
1568 if (e == null) {
1569 e = knownEngines.get(s.toLowerCase(ENGLISH));
1570 }
1571 return (e == null) ? s : e.name;
1572 }
1573
1574 /**
1575 * The description of a security service. It encapsulates the properties
1576 * of a service and contains a factory method to obtain new implementation
1577 * instances of this service.
1578 *
1579 * <p>Each service has a provider that offers the service, a type,
1580 * an algorithm name, and the name of the class that implements the
1581 * service. Optionally, it also includes a list of alternate algorithm
1582 * names for this service (aliases) and attributes, which are a map of
1583 * (name, value) String pairs.
1584 *
1585 * <p>This class defines the methods {@link #supportsParameter
1586 * supportsParameter()} and {@link #newInstance newInstance()}
1587 * which are used by the Java security framework when it searches for
1588 * suitable services and instantiates them. The valid arguments to those
1589 * methods depend on the type of service. For the service types defined
1590 * within Java SE, see the
1591 * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html">
1592 * Java Cryptography Architecture API Specification & Reference </a>
1593 * for the valid values.
1594 * Note that components outside of Java SE can define additional types of
1595 * services and their behavior.
1596 *
1597 * <p>Instances of this class are immutable.
1598 *
1599 * @since 1.5
1600 */
1601 public static class Service {
1602
1603 private String type, algorithm, className;
1604 private final Provider provider;
1605 private List<String> aliases;
1606 private Map<UString,String> attributes;
1607
1608 // Reference to the cached implementation Class object
1609 private volatile Reference<Class<?>> classRef;
1610
1611 // flag indicating whether this service has its attributes for
1612 // supportedKeyFormats or supportedKeyClasses set
1613 // if null, the values have not been initialized
1614 // if TRUE, at least one of supportedFormats/Classes is non null
1615 private volatile Boolean hasKeyAttributes;
1616
1617 // supported encoding formats
1618 private String[] supportedFormats;
1619
1620 // names of the supported key (super) classes
1621 private Class<?>[] supportedClasses;
1622
1623 // whether this service has been registered with the Provider
1624 private boolean registered;
1625
1626 private static final Class<?>[] CLASS0 = new Class<?>[0];
1627
1628 // this constructor and these methods are used for parsing
1629 // the legacy string properties.
1630
1631 private Service(Provider provider) {
1632 this.provider = provider;
1633 aliases = Collections.<String>emptyList();
1634 attributes = Collections.<UString,String>emptyMap();
1635 }
1636
1637 private boolean isValid() {
1638 return (type != null) && (algorithm != null) && (className != null);
1639 }
1640
1641 private void addAlias(String alias) {
1642 if (aliases.isEmpty()) {
1643 aliases = new ArrayList<>(2);
1644 }
1645 aliases.add(alias);
1646 }
1647
1648 void addAttribute(String type, String value) {
1649 if (attributes.isEmpty()) {
1650 attributes = new HashMap<>(8);
1651 }
1652 attributes.put(new UString(type), value);
1653 }
1654
1655 /**
1656 * Construct a new service.
1657 *
1658 * @param provider the provider that offers this service
1659 * @param type the type of this service
1660 * @param algorithm the algorithm name
1661 * @param className the name of the class implementing this service
1662 * @param aliases List of aliases or null if algorithm has no aliases
1663 * @param attributes Map of attributes or null if this implementation
1664 * has no attributes
1665 *
1666 * @throws NullPointerException if provider, type, algorithm, or
1667 * className is null
1668 */
1669 public Service(Provider provider, String type, String algorithm,
1670 String className, List<String> aliases,
1671 Map<String,String> attributes) {
1672 if ((provider == null) || (type == null) ||
1673 (algorithm == null) || (className == null)) {
1674 throw new NullPointerException();
1675 }
1676 this.provider = provider;
1677 this.type = getEngineName(type);
1678 this.algorithm = algorithm;
1679 this.className = className;
1680 if (aliases == null) {
1681 this.aliases = Collections.<String>emptyList();
1682 } else {
1683 this.aliases = new ArrayList<>(aliases);
1684 }
1685 if (attributes == null) {
1686 this.attributes = Collections.<UString,String>emptyMap();
1687 } else {
1688 this.attributes = new HashMap<>();
1689 for (Map.Entry<String,String> entry : attributes.entrySet()) {
1690 this.attributes.put(new UString(entry.getKey()), entry.getValue());
1691 }
1692 }
1693 }
1694
1695 /**
1696 * Get the type of this service. For example, {@code MessageDigest}.
1697 *
1698 * @return the type of this service
1699 */
1700 public final String getType() {
1701 return type;
1702 }
1703
1704 /**
1705 * Return the name of the algorithm of this service. For example,
1706 * {@code SHA-1}.
1707 *
1708 * @return the algorithm of this service
1709 */
1710 public final String getAlgorithm() {
1711 return algorithm;
1712 }
1713
1714 /**
1715 * Return the Provider of this service.
1716 *
1717 * @return the Provider of this service
1718 */
1719 public final Provider getProvider() {
1720 return provider;
1721 }
1722
1723 /**
1724 * Return the name of the class implementing this service.
1725 *
1726 * @return the name of the class implementing this service
1727 */
1728 public final String getClassName() {
1729 return className;
1730 }
1731
1732 // internal only
1733 private final List<String> getAliases() {
1734 return aliases;
1735 }
1736
1737 /**
1738 * Return the value of the specified attribute or null if this
1739 * attribute is not set for this Service.
1740 *
1741 * @param name the name of the requested attribute
1742 *
1743 * @return the value of the specified attribute or null if the
1744 * attribute is not present
1745 *
1746 * @throws NullPointerException if name is null
1747 */
1748 public final String getAttribute(String name) {
1749 if (name == null) {
1750 throw new NullPointerException();
1751 }
1752 return attributes.get(new UString(name));
1753 }
1754
1755 /**
1756 * Return a new instance of the implementation described by this
1757 * service. The security provider framework uses this method to
1758 * construct implementations. Applications will typically not need
1759 * to call it.
1760 *
1761 * <p>The default implementation uses reflection to invoke the
1762 * standard constructor for this type of service.
1763 * Security providers can override this method to implement
1764 * instantiation in a different way.
1765 * For details and the values of constructorParameter that are
1766 * valid for the various types of services see the
1767 * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html">
1768 * Java Cryptography Architecture API Specification &
1769 * Reference</a>.
1770 *
1771 * @param constructorParameter the value to pass to the constructor,
1772 * or null if this type of service does not use a constructorParameter.
1773 *
1774 * @return a new implementation of this service
1775 *
1776 * @throws InvalidParameterException if the value of
1777 * constructorParameter is invalid for this type of service.
1778 * @throws NoSuchAlgorithmException if instantiation failed for
1779 * any other reason.
1780 */
1781 public Object newInstance(Object constructorParameter)
1782 throws NoSuchAlgorithmException {
1783 if (registered == false) {
1784 if (provider.getService(type, algorithm) != this) {
1785 throw new NoSuchAlgorithmException
1786 ("Service not registered with Provider "
1787 + provider.getName() + ": " + this);
1788 }
1789 registered = true;
1790 }
1791 Class<?> ctrParamClz;
1792 try {
1793 EngineDescription cap = knownEngines.get(type);
1794 if (cap == null) {
1795 // unknown engine type, use generic code
1796 // this is the code path future for non-core
1797 // optional packages
1798 ctrParamClz = constructorParameter == null?
1799 null : constructorParameter.getClass();
1800 } else {
1801 ctrParamClz = cap.constructorParameterClassName == null?
1802 null : Class.forName(cap.constructorParameterClassName);
1803 if (constructorParameter != null) {
1804 if (ctrParamClz == null) {
1805 throw new InvalidParameterException
1806 ("constructorParameter not used with " + type
1807 + " engines");
1808 } else {
1809 Class<?> argClass = constructorParameter.getClass();
1810 if (ctrParamClz.isAssignableFrom(argClass) == false) {
1811 throw new InvalidParameterException
1812 ("constructorParameter must be instanceof "
1813 + cap.constructorParameterClassName.replace('$', '.')
1814 + " for engine type " + type);
1815 }
1816 }
1817 }
1818 }
1819 // constructorParameter can be null if not provided
1820 return newInstanceUtil(getImplClass(), ctrParamClz, constructorParameter);
1821 } catch (NoSuchAlgorithmException e) {
1822 throw e;
1823 } catch (InvocationTargetException e) {
1824 throw new NoSuchAlgorithmException
1825 ("Error constructing implementation (algorithm: "
1826 + algorithm + ", provider: " + provider.getName()
1827 + ", class: " + className + ")", e.getCause());
1828 } catch (Exception e) {
1829 throw new NoSuchAlgorithmException
1830 ("Error constructing implementation (algorithm: "
1831 + algorithm + ", provider: " + provider.getName()
1832 + ", class: " + className + ")", e);
1833 }
1834 }
1835
1836 // return the implementation Class object for this service
1837 private Class<?> getImplClass() throws NoSuchAlgorithmException {
1838 try {
1839 Reference<Class<?>> ref = classRef;
1840 Class<?> clazz = (ref == null) ? null : ref.get();
1841 if (clazz == null) {
1842 ClassLoader cl = provider.getClass().getClassLoader();
1843 if (cl == null) {
1844 clazz = Class.forName(className);
1845 } else {
1846 clazz = cl.loadClass(className);
1847 }
1848 if (!Modifier.isPublic(clazz.getModifiers())) {
1849 throw new NoSuchAlgorithmException
1850 ("class configured for " + type + " (provider: " +
1851 provider.getName() + ") is not public.");
1852 }
1853 classRef = new WeakReference<>(clazz);
1854 }
1855 return clazz;
1856 } catch (ClassNotFoundException e) {
1857 throw new NoSuchAlgorithmException
1858 ("class configured for " + type + " (provider: " +
1859 provider.getName() + ") cannot be found.", e);
1860 }
1861 }
1862
1863 /**
1864 * Test whether this Service can use the specified parameter.
1865 * Returns false if this service cannot use the parameter. Returns
1866 * true if this service can use the parameter, if a fast test is
1867 * infeasible, or if the status is unknown.
1868 *
1869 * <p>The security provider framework uses this method with
1870 * some types of services to quickly exclude non-matching
1871 * implementations for consideration.
1872 * Applications will typically not need to call it.
1873 *
1874 * <p>For details and the values of parameter that are valid for the
1875 * various types of services see the top of this class and the
1876 * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html">
1877 * Java Cryptography Architecture API Specification &
1878 * Reference</a>.
1879 * Security providers can override it to implement their own test.
1880 *
1881 * @param parameter the parameter to test
1882 *
1883 * @return false if this service cannot use the specified
1884 * parameter; true if it can possibly use the parameter
1885 *
1886 * @throws InvalidParameterException if the value of parameter is
1887 * invalid for this type of service or if this method cannot be
1888 * used with this type of service
1889 */
1890 public boolean supportsParameter(Object parameter) {
1891 EngineDescription cap = knownEngines.get(type);
1892 if (cap == null) {
1893 // unknown engine type, return true by default
1894 return true;
1895 }
1896 if (cap.supportsParameter == false) {
1897 throw new InvalidParameterException("supportsParameter() not "
1898 + "used with " + type + " engines");
1899 }
1900 // allow null for keys without attributes for compatibility
1901 if ((parameter != null) && (parameter instanceof Key == false)) {
1902 throw new InvalidParameterException
1903 ("Parameter must be instanceof Key for engine " + type);
1904 }
1905 if (hasKeyAttributes() == false) {
1906 return true;
1907 }
1908 if (parameter == null) {
1909 return false;
1910 }
1911 Key key = (Key)parameter;
1912 if (supportsKeyFormat(key)) {
1913 return true;
1914 }
1915 if (supportsKeyClass(key)) {
1916 return true;
1917 }
1918 return false;
1919 }
1920
1921 /**
1922 * Return whether this service has its supported properties for
1923 * keys defined. Parses the attributes if not yet initialized.
1924 */
1925 private boolean hasKeyAttributes() {
1926 Boolean b = hasKeyAttributes;
1927 if (b == null) {
1928 synchronized (this) {
1929 String s;
1930 s = getAttribute("SupportedKeyFormats");
1931 if (s != null) {
1932 supportedFormats = s.split("\\|");
1933 }
1934 s = getAttribute("SupportedKeyClasses");
1935 if (s != null) {
1936 String[] classNames = s.split("\\|");
1937 List<Class<?>> classList =
1938 new ArrayList<>(classNames.length);
1939 for (String className : classNames) {
1940 Class<?> clazz = getKeyClass(className);
1941 if (clazz != null) {
1942 classList.add(clazz);
1943 }
1944 }
1945 supportedClasses = classList.toArray(CLASS0);
1946 }
1947 boolean bool = (supportedFormats != null)
1948 || (supportedClasses != null);
1949 b = Boolean.valueOf(bool);
1950 hasKeyAttributes = b;
1951 }
1952 }
1953 return b.booleanValue();
1954 }
1955
1956 // get the key class object of the specified name
1957 private Class<?> getKeyClass(String name) {
1958 try {
1959 return Class.forName(name);
1960 } catch (ClassNotFoundException e) {
1961 // ignore
1962 }
1963 try {
1964 ClassLoader cl = provider.getClass().getClassLoader();
1965 if (cl != null) {
1966 return cl.loadClass(name);
1967 }
1968 } catch (ClassNotFoundException e) {
1969 // ignore
1970 }
1971 return null;
1972 }
1973
1974 private boolean supportsKeyFormat(Key key) {
1975 if (supportedFormats == null) {
1976 return false;
1977 }
1978 String format = key.getFormat();
1979 if (format == null) {
1980 return false;
1981 }
1982 for (String supportedFormat : supportedFormats) {
1983 if (supportedFormat.equals(format)) {
1984 return true;
1985 }
1986 }
1987 return false;
1988 }
1989
1990 private boolean supportsKeyClass(Key key) {
1991 if (supportedClasses == null) {
1992 return false;
1993 }
1994 Class<?> keyClass = key.getClass();
1995 for (Class<?> clazz : supportedClasses) {
1996 if (clazz.isAssignableFrom(keyClass)) {
1997 return true;
1998 }
1999 }
2000 return false;
2001 }
2002
2003 /**
2004 * Return a String representation of this service.
2005 *
2006 * @return a String representation of this service.
2007 */
2008 public String toString() {
2009 String aString = aliases.isEmpty()
2010 ? "" : "\r\n aliases: " + aliases.toString();
2011 String attrs = attributes.isEmpty()
2012 ? "" : "\r\n attributes: " + attributes.toString();
2013 return provider.getName() + ": " + type + "." + algorithm
2014 + " -> " + className + aString + attrs + "\r\n";
2015 }
2016 }
2017 }