--- old/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/SunMSCAPI.java Fri May 22 02:35:00 2015 +++ new/src/jdk.crypto.mscapi/windows/classes/sun/security/mscapi/SunMSCAPI.java Fri May 22 02:34:59 2015 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2005, 2015, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -28,8 +28,11 @@ import java.security.AccessController; import java.security.PrivilegedAction; import java.security.Provider; +import java.security.NoSuchAlgorithmException; +import java.security.InvalidParameterException; +import java.security.ProviderException; import java.util.HashMap; -import java.util.Map; +import java.util.Arrays; /** * A Cryptographic Service Provider for the Microsoft Crypto API. @@ -52,97 +55,155 @@ }); } - public SunMSCAPI() { - super("SunMSCAPI", 1.9d, INFO); + private static final class ProviderService extends Provider.Service { + ProviderService(Provider p, String type, String algo, String cn) { + super(p, type, algo, cn, null, null); + } - // if there is no security manager installed, put directly into - // the provider. Otherwise, create a temporary map and use a - // doPrivileged() call at the end to transfer the contents - final Map map = - (System.getSecurityManager() == null) - ? this : new HashMap(); + ProviderService(Provider p, String type, String algo, String cn, + String[] aliases, HashMap attrs) { + super(p, type, algo, cn, + (aliases == null? null : Arrays.asList(aliases)), attrs); + } - /* - * Secure random - */ - map.put("SecureRandom.Windows-PRNG", "sun.security.mscapi.PRNG"); + @Override + public Object newInstance(Object ctrParamObj) + throws NoSuchAlgorithmException { + String type = getType(); + if (ctrParamObj != null) { + throw new InvalidParameterException + ("constructorParameter not used with " + type + + " engines"); + } + String algo = getAlgorithm(); + try { + if (type.equals("SecureRandom")) { + if (algo.equals("Windows-PRNG")) { + return new PRNG(); + } + } else if (type.equals("KeyStore")) { + if (algo.equals("Windows-MY")) { + return new KeyStore.MY(); + } else if (algo.equals("Windows-ROOT")) { + return new KeyStore.ROOT(); + } + } else if (type.equals("Signature")) { + if (algo.equals("NONEwithRSA")) { + return new RSASignature.Raw(); + } else if (algo.equals("SHA1withRSA")) { + return new RSASignature.SHA1(); + } else if (algo.equals("SHA1withRSA")) { + return new RSASignature.SHA1(); + } else if (algo.equals("SHA256withRSA")) { + return new RSASignature.SHA256(); + } else if (algo.equals("SHA384withRSA")) { + return new RSASignature.SHA384(); + } else if (algo.equals("SHA512withRSA")) { + return new RSASignature.SHA512(); + } else if (algo.equals("MD5withRSA")) { + return new RSASignature.MD5(); + } else if (algo.equals("MD2withRSA")) { + return new RSASignature.MD2(); + } + } else if (type.equals("KeyPairGenerator")) { + if (algo.equals("RSA")) { + return new RSAKeyPairGenerator(); + } + } else if (type.equals("Cipher")) { + if (algo.equals("RSA") || + algo.equals("RSA/ECB/PKCS1Padding")) { + return new RSACipher(); + } + } + } catch (Exception ex) { + throw new NoSuchAlgorithmException + ("Error constructing " + type + " for " + + algo + " using SunJGSS", ex); + } + throw new ProviderException("No impl for " + algo + + " " + type); + } + } - /* - * Key store - */ - map.put("KeyStore.Windows-MY", "sun.security.mscapi.KeyStore$MY"); - map.put("KeyStore.Windows-ROOT", "sun.security.mscapi.KeyStore$ROOT"); + public SunMSCAPI() { + super("SunMSCAPI", 1.9d, INFO); - /* - * Signature engines - */ - // NONEwithRSA must be supplied with a pre-computed message digest. - // Only the following digest algorithms are supported: MD5, SHA-1, - // SHA-256, SHA-384, SHA-512 and a special-purpose digest - // algorithm which is a concatenation of SHA-1 and MD5 digests. - map.put("Signature.NONEwithRSA", - "sun.security.mscapi.RSASignature$Raw"); - map.put("Signature.SHA1withRSA", - "sun.security.mscapi.RSASignature$SHA1"); - map.put("Signature.SHA256withRSA", - "sun.security.mscapi.RSASignature$SHA256"); - map.put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA"); - map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA"); - map.put("Signature.SHA384withRSA", - "sun.security.mscapi.RSASignature$SHA384"); - map.put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA"); - map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384withRSA"); + final Provider p = this; + AccessController.doPrivileged(new PrivilegedAction() { + public Void run() { + /* + * Secure random + */ + putService(new ProviderService(p, "SecureRandom", + "Windows-PRNG", "sun.security.mscapi.PRNG")); - map.put("Signature.SHA512withRSA", - "sun.security.mscapi.RSASignature$SHA512"); - map.put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA"); - map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512withRSA"); + /* + * Key store + */ + putService(new ProviderService(p, "KeyStore", + "Windows-MY", "sun.security.mscapi.KeyStore$MY")); + putService(new ProviderService(p, "KeyStore", + "Windows-ROOT", "sun.security.mscapi.KeyStore$ROOT")); - map.put("Signature.MD5withRSA", - "sun.security.mscapi.RSASignature$MD5"); - map.put("Signature.MD2withRSA", - "sun.security.mscapi.RSASignature$MD2"); + /* + * Signature engines + */ + HashMap attrs = new HashMap<>(1); + attrs.put("SupportedKeyClasses", "sun.security.mscapi.Key"); - // supported key classes - map.put("Signature.NONEwithRSA SupportedKeyClasses", - "sun.security.mscapi.Key"); - map.put("Signature.SHA1withRSA SupportedKeyClasses", - "sun.security.mscapi.Key"); - map.put("Signature.SHA256withRSA SupportedKeyClasses", - "sun.security.mscapi.Key"); - map.put("Signature.SHA384withRSA SupportedKeyClasses", - "sun.security.mscapi.Key"); - map.put("Signature.SHA512withRSA SupportedKeyClasses", - "sun.security.mscapi.Key"); - map.put("Signature.MD5withRSA SupportedKeyClasses", - "sun.security.mscapi.Key"); - map.put("Signature.MD2withRSA SupportedKeyClasses", - "sun.security.mscapi.Key"); + // NONEwithRSA must be supplied with a pre-computed message digest. + // Only the following digest algorithms are supported: MD5, SHA-1, + // SHA-256, SHA-384, SHA-512 and a special-purpose digest + // algorithm which is a concatenation of SHA-1 and MD5 digests. + putService(new ProviderService(p, "Signature", + "NONEwithRSA", "sun.security.mscapi.RSASignature$Raw", + null, attrs)); + putService(new ProviderService(p, "Signature", + "SHA1withRSA", "sun.security.mscapi.RSASignature$SHA1", + null, attrs)); + putService(new ProviderService(p, "Signature", + "SHA256withRSA", "sun.security.mscapi.RSASignature$SHA256", + new String[] { "1.2.840.113549.1.1.11", "OID.1.2.840.113549.1.1.11" }, + attrs)); + putService(new ProviderService(p, "Signature", + "SHA384withRSA", "sun.security.mscapi.RSASignature$SHA384", + new String[] { "1.2.840.113549.1.1.12", "OID.1.2.840.113549.1.1.12" }, + attrs)); + putService(new ProviderService(p, "Signature", + "SHA512withRSA", "sun.security.mscapi.RSASignature$SHA512", + new String[] { "1.2.840.113549.1.1.13", "OID.1.2.840.113549.1.1.13" }, + attrs)); + putService(new ProviderService(p, "Signature", + "MD5withRSA", "sun.security.mscapi.RSASignature$MD5", + null, attrs)); + putService(new ProviderService(p, "Signature", + "MD2withRSA", "sun.security.mscapi.RSASignature$MD2", + null, attrs)); - /* - * Key Pair Generator engines - */ - map.put("KeyPairGenerator.RSA", - "sun.security.mscapi.RSAKeyPairGenerator"); - map.put("KeyPairGenerator.RSA KeySize", "1024"); + /* + * Key Pair Generator engines + */ + attrs.clear(); + attrs.put("KeySize", "1024"); + putService(new ProviderService(p, "KeyPairGenerator", + "RSA", "sun.security.mscapi.RSAKeyPairGenerator", + null, attrs)); - /* - * Cipher engines - */ - map.put("Cipher.RSA", "sun.security.mscapi.RSACipher"); - map.put("Cipher.RSA/ECB/PKCS1Padding", - "sun.security.mscapi.RSACipher"); - map.put("Cipher.RSA SupportedModes", "ECB"); - map.put("Cipher.RSA SupportedPaddings", "PKCS1PADDING"); - map.put("Cipher.RSA SupportedKeyClasses", "sun.security.mscapi.Key"); - - if (map != this) { - final Provider provider = this; - PrivilegedAction putAllAction = () -> { - provider.putAll(map); + /* + * Cipher engines + */ + attrs.clear(); + attrs.put("SupportedModes", "ECB"); + attrs.put("SupportedPaddings", "PKCS1PADDING"); + attrs.put("SupportedKeyClasses", "sun.security.mscapi.Key"); + putService(new ProviderService(p, "Cipher", + "RSA", "sun.security.mscapi.RSACipher", + null, attrs)); + putService(new ProviderService(p, "Cipher", + "RSA/ECB/PKCS1Padding", "sun.security.mscapi.RSACipher", + null, attrs)); return null; - }; - AccessController.doPrivileged(putAllAction); - } + } + }); } }