1 /* 2 * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.security; 27 28 import java.io.*; 29 import java.util.*; 30 import static java.util.Locale.ENGLISH; 31 import java.lang.ref.*; 32 import java.lang.reflect.*; 33 import java.util.function.BiConsumer; 34 import java.util.function.BiFunction; 35 import java.util.function.Function; 36 37 /** 38 * This class represents a "provider" for the 39 * Java Security API, where a provider implements some or all parts of 40 * Java Security. Services that a provider may implement include: 41 * 42 * <ul> 43 * 44 * <li>Algorithms (such as DSA, RSA, or SHA-256). 45 * 46 * <li>Key generation, conversion, and management facilities (such as for 47 * algorithm-specific keys). 48 * 49 * </ul> 50 * 51 * <p>Some provider implementations may encounter unrecoverable internal 52 * errors during their operation, for example a failure to communicate with a 53 * security token. A {@link ProviderException} should be used to indicate 54 * such errors. 55 * 56 * <p>Please note that a provider can be used to implement any security 57 * service in Java that uses a pluggable architecture with a choice 58 * of implementations that fit underneath. 59 * 60 * <p>The service type {@code Provider} is reserved for use by the 61 * security framework. Services of this type cannot be added, removed, 62 * or modified by applications. 63 * The following attributes are automatically placed in each Provider object: 64 * <table cellspacing=4> 65 * <caption><b>Attributes Automatically Placed in a Provider Object</b></caption> 66 * <tr><th>Name</th><th>Value</th> 67 * <tr><td>{@code Provider.id name}</td> 68 * <td>{@code String.valueOf(provider.getName())}</td> 69 * <tr><td>{@code Provider.id version}</td> 70 * <td>{@code String.valueOf(provider.getVersion())}</td> 71 * <tr><td>{@code Provider.id info}</td> 72 <td>{@code String.valueOf(provider.getInfo())}</td> 73 * <tr><td>{@code Provider.id className}</td> 74 * <td>{@code provider.getClass().getName()}</td> 75 * </table> 76 * 77 * <p>Each provider has a name and a version number. A provider normally 78 * identifies itself with a file named {@code java.security.Provider} 79 * in the resource directory {@code META-INF/services}. 80 * Security providers are looked up via the {@link ServiceLoader} mechanism 81 * using the {@link ClassLoader#getSystemClassLoader application class loader}. 82 * 83 * <p>Providers may be configured such that they are automatically 84 * installed and made available at runtime via the 85 * {@link Security#getProviders() Security.getProviders()} method. 86 * The mechanism for configuring and installing security providers is 87 * implementation-specific. 88 * 89 * @implNote 90 * The JDK implementation supports static registration of the security 91 * providers via the {@code conf/security/java.security} file in the Java 92 * installation directory. These providers are automatically installed by 93 * the JDK runtime, see <a href = 94 * "../../../technotes/guides/security/crypto/CryptoSpec.html#Provider">The Provider Class</a> 95 * in the "Java Cryptography Architecture API Specification & Reference" 96 * for information about how a particular type of provider, the cryptographic 97 * service provider, works and is installed. 98 * 99 * @author Benjamin Renaud 100 * @author Andreas Sterbenz 101 */ 102 public abstract class Provider extends Properties { 103 104 // Declare serialVersionUID to be compatible with JDK1.1 105 static final long serialVersionUID = -4298000515446427739L; 106 107 private static final sun.security.util.Debug debug = 108 sun.security.util.Debug.getInstance 109 ("provider", "Provider"); 110 111 /** 112 * The provider name. 113 * 114 * @serial 115 */ 116 private String name; 117 118 /** 119 * A description of the provider and its services. 120 * 121 * @serial 122 */ 123 private String info; 124 125 /** 126 * The provider version number. 127 * 128 * @serial 129 */ 130 private double version; 131 132 133 private transient Set<Map.Entry<Object,Object>> entrySet = null; 134 private transient int entrySetCallCount = 0; 135 136 private transient boolean initialized; 137 138 private static Object newInstanceUtil(final Class<?> clazz, 139 final Class<?> ctrParamClz, final Object ctorParamObj) 140 throws Exception { 141 if (ctrParamClz == null) { 142 Constructor<?> con = clazz.getConstructor(); 143 return con.newInstance(); 144 } else { 145 Constructor<?> con = clazz.getConstructor(ctrParamClz); 146 return con.newInstance(ctorParamObj); 147 } 148 } 149 150 /** 151 * Constructs a provider with the specified name, version number, 152 * and information. 153 * 154 * @param name the provider name. 155 * 156 * @param version the provider version number. 157 * 158 * @param info a description of the provider and its services. 159 */ 160 protected Provider(String name, double version, String info) { 161 this.name = name; 162 this.version = version; 163 this.info = info; 164 putId(); 165 initialized = true; 166 } 167 168 /** 169 * Apply the supplied configuration argument to this provider instance 170 * and return the configured provider. Note that if this provider cannot 171 * be configured in-place, a new provider will be created and returned. 172 * Therefore, callers should always use the returned provider. 173 * 174 * @implSpec 175 * The default implementation throws {@code UnsupportedOperationException}. 176 * Subclasses should override this method only if a configuration argument 177 * is supported. 178 * 179 * @param configArg the configuration information for configuring this 180 * provider. 181 * 182 * @throws UnsupportedOperationException if a configuration argument is 183 * not supported. 184 * @throws NullPointerException if the supplied configuration argument is 185 null. 186 * @throws InvalidParameterException if the supplied configuration argument 187 * is invalid. 188 * @return a provider configured with the supplied configuration argument. 189 * 190 * @since 9 191 */ 192 public Provider configure(String configArg) { 193 throw new UnsupportedOperationException("configure is not supported"); 194 } 195 196 /** 197 * Check if this provider instance has been configured. 198 * 199 * @implSpec 200 * The default implementation returns true. 201 * Subclasses should override this method if the provider instance requires 202 * an explicit {@code configure} call after being constructed. 203 * 204 * @return true if no further configuration is needed, false otherwise. 205 * 206 * @since 9 207 */ 208 public boolean isConfigured() { 209 return true; 210 } 211 212 213 /** 214 * Returns the name of this provider. 215 * 216 * @return the name of this provider. 217 */ 218 public String getName() { 219 return name; 220 } 221 222 /** 223 * Returns the version number for this provider. 224 * 225 * @return the version number for this provider. 226 */ 227 public double getVersion() { 228 return version; 229 } 230 231 /** 232 * Returns a human-readable description of the provider and its 233 * services. This may return an HTML page, with relevant links. 234 * 235 * @return a description of the provider and its services. 236 */ 237 public String getInfo() { 238 return info; 239 } 240 241 /** 242 * Returns a string with the name and the version number 243 * of this provider. 244 * 245 * @return the string with the name and the version number 246 * for this provider. 247 */ 248 public String toString() { 249 return name + " version " + version; 250 } 251 252 /* 253 * override the following methods to ensure that provider 254 * information can only be changed if the caller has the appropriate 255 * permissions. 256 */ 257 258 /** 259 * Clears this provider so that it no longer contains the properties 260 * used to look up facilities implemented by the provider. 261 * 262 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 263 * method is called with the string {@code "clearProviderProperties."+name} 264 * (where {@code name} is the provider name) to see if it's ok to clear 265 * this provider. 266 * 267 * @throws SecurityException 268 * if a security manager exists and its {@link 269 * java.lang.SecurityManager#checkSecurityAccess} method 270 * denies access to clear this provider 271 * 272 * @since 1.2 273 */ 274 @Override 275 public synchronized void clear() { 276 check("clearProviderProperties."+name); 277 if (debug != null) { 278 debug.println("Remove " + name + " provider properties"); 279 } 280 implClear(); 281 } 282 283 /** 284 * Reads a property list (key and element pairs) from the input stream. 285 * 286 * @param inStream the input stream. 287 * @exception IOException if an error occurred when reading from the 288 * input stream. 289 * @see java.util.Properties#load 290 */ 291 @Override 292 public synchronized void load(InputStream inStream) throws IOException { 293 check("putProviderProperty."+name); 294 if (debug != null) { 295 debug.println("Load " + name + " provider properties"); 296 } 297 Properties tempProperties = new Properties(); 298 tempProperties.load(inStream); 299 implPutAll(tempProperties); 300 } 301 302 /** 303 * Copies all of the mappings from the specified Map to this provider. 304 * These mappings will replace any properties that this provider had 305 * for any of the keys currently in the specified Map. 306 * 307 * @since 1.2 308 */ 309 @Override 310 public synchronized void putAll(Map<?,?> t) { 311 check("putProviderProperty."+name); 312 if (debug != null) { 313 debug.println("Put all " + name + " provider properties"); 314 } 315 implPutAll(t); 316 } 317 318 /** 319 * Returns an unmodifiable Set view of the property entries contained 320 * in this Provider. 321 * 322 * @see java.util.Map.Entry 323 * @since 1.2 324 */ 325 @Override 326 public synchronized Set<Map.Entry<Object,Object>> entrySet() { 327 checkInitialized(); 328 if (entrySet == null) { 329 if (entrySetCallCount++ == 0) // Initial call 330 entrySet = Collections.unmodifiableMap(this).entrySet(); 331 else 332 return super.entrySet(); // Recursive call 333 } 334 335 // This exception will be thrown if the implementation of 336 // Collections.unmodifiableMap.entrySet() is changed such that it 337 // no longer calls entrySet() on the backing Map. (Provider's 338 // entrySet implementation depends on this "implementation detail", 339 // which is unlikely to change. 340 if (entrySetCallCount != 2) 341 throw new RuntimeException("Internal error."); 342 343 return entrySet; 344 } 345 346 /** 347 * Returns an unmodifiable Set view of the property keys contained in 348 * this provider. 349 * 350 * @since 1.2 351 */ 352 @Override 353 public Set<Object> keySet() { 354 checkInitialized(); 355 return Collections.unmodifiableSet(super.keySet()); 356 } 357 358 /** 359 * Returns an unmodifiable Collection view of the property values 360 * contained in this provider. 361 * 362 * @since 1.2 363 */ 364 @Override 365 public Collection<Object> values() { 366 checkInitialized(); 367 return Collections.unmodifiableCollection(super.values()); 368 } 369 370 /** 371 * Sets the {@code key} property to have the specified 372 * {@code value}. 373 * 374 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 375 * method is called with the string {@code "putProviderProperty."+name}, 376 * where {@code name} is the provider name, to see if it's ok to set this 377 * provider's property values. 378 * 379 * @throws SecurityException 380 * if a security manager exists and its {@link 381 * java.lang.SecurityManager#checkSecurityAccess} method 382 * denies access to set property values. 383 * 384 * @since 1.2 385 */ 386 @Override 387 public synchronized Object put(Object key, Object value) { 388 check("putProviderProperty."+name); 389 if (debug != null) { 390 debug.println("Set " + name + " provider property [" + 391 key + "/" + value +"]"); 392 } 393 return implPut(key, value); 394 } 395 396 /** 397 * If the specified key is not already associated with a value (or is mapped 398 * to {@code null}) associates it with the given value and returns 399 * {@code null}, else returns the current value. 400 * 401 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 402 * method is called with the string {@code "putProviderProperty."+name}, 403 * where {@code name} is the provider name, to see if it's ok to set this 404 * provider's property values. 405 * 406 * @throws SecurityException 407 * if a security manager exists and its {@link 408 * java.lang.SecurityManager#checkSecurityAccess} method 409 * denies access to set property values. 410 * 411 * @since 1.8 412 */ 413 @Override 414 public synchronized Object putIfAbsent(Object key, Object value) { 415 check("putProviderProperty."+name); 416 if (debug != null) { 417 debug.println("Set " + name + " provider property [" + 418 key + "/" + value +"]"); 419 } 420 return implPutIfAbsent(key, value); 421 } 422 423 /** 424 * Removes the {@code key} property (and its corresponding 425 * {@code value}). 426 * 427 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 428 * method is called with the string {@code "removeProviderProperty."+name}, 429 * where {@code name} is the provider name, to see if it's ok to remove this 430 * provider's properties. 431 * 432 * @throws SecurityException 433 * if a security manager exists and its {@link 434 * java.lang.SecurityManager#checkSecurityAccess} method 435 * denies access to remove this provider's properties. 436 * 437 * @since 1.2 438 */ 439 @Override 440 public synchronized Object remove(Object key) { 441 check("removeProviderProperty."+name); 442 if (debug != null) { 443 debug.println("Remove " + name + " provider property " + key); 444 } 445 return implRemove(key); 446 } 447 448 /** 449 * Removes the entry for the specified key only if it is currently 450 * mapped to the specified value. 451 * 452 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 453 * method is called with the string {@code "removeProviderProperty."+name}, 454 * where {@code name} is the provider name, to see if it's ok to remove this 455 * provider's properties. 456 * 457 * @throws SecurityException 458 * if a security manager exists and its {@link 459 * java.lang.SecurityManager#checkSecurityAccess} method 460 * denies access to remove this provider's properties. 461 * 462 * @since 1.8 463 */ 464 @Override 465 public synchronized boolean remove(Object key, Object value) { 466 check("removeProviderProperty."+name); 467 if (debug != null) { 468 debug.println("Remove " + name + " provider property " + key); 469 } 470 return implRemove(key, value); 471 } 472 473 /** 474 * Replaces the entry for the specified key only if currently 475 * mapped to the specified value. 476 * 477 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 478 * method is called with the string {@code "putProviderProperty."+name}, 479 * where {@code name} is the provider name, to see if it's ok to set this 480 * provider's property values. 481 * 482 * @throws SecurityException 483 * if a security manager exists and its {@link 484 * java.lang.SecurityManager#checkSecurityAccess} method 485 * denies access to set property values. 486 * 487 * @since 1.8 488 */ 489 @Override 490 public synchronized boolean replace(Object key, Object oldValue, 491 Object newValue) { 492 check("putProviderProperty." + name); 493 494 if (debug != null) { 495 debug.println("Replace " + name + " provider property " + key); 496 } 497 return implReplace(key, oldValue, newValue); 498 } 499 500 /** 501 * Replaces the entry for the specified key only if it is 502 * currently mapped to some value. 503 * 504 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 505 * method is called with the string {@code "putProviderProperty."+name}, 506 * where {@code name} is the provider name, to see if it's ok to set this 507 * provider's property values. 508 * 509 * @throws SecurityException 510 * if a security manager exists and its {@link 511 * java.lang.SecurityManager#checkSecurityAccess} method 512 * denies access to set property values. 513 * 514 * @since 1.8 515 */ 516 @Override 517 public synchronized Object replace(Object key, Object value) { 518 check("putProviderProperty." + name); 519 520 if (debug != null) { 521 debug.println("Replace " + name + " provider property " + key); 522 } 523 return implReplace(key, value); 524 } 525 526 /** 527 * Replaces each entry's value with the result of invoking the given 528 * function on that entry, in the order entries are returned by an entry 529 * set iterator, until all entries have been processed or the function 530 * throws an exception. 531 * 532 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 533 * method is called with the string {@code "putProviderProperty."+name}, 534 * where {@code name} is the provider name, to see if it's ok to set this 535 * provider's property values. 536 * 537 * @throws SecurityException 538 * if a security manager exists and its {@link 539 * java.lang.SecurityManager#checkSecurityAccess} method 540 * denies access to set property values. 541 * 542 * @since 1.8 543 */ 544 @Override 545 public synchronized void replaceAll(BiFunction<? super Object, ? super Object, ? extends Object> function) { 546 check("putProviderProperty." + name); 547 548 if (debug != null) { 549 debug.println("ReplaceAll " + name + " provider property "); 550 } 551 implReplaceAll(function); 552 } 553 554 /** 555 * Attempts to compute a mapping for the specified key and its 556 * current mapped value (or {@code null} if there is no current 557 * mapping). 558 * 559 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 560 * method is called with the strings {@code "putProviderProperty."+name} 561 * and {@code "removeProviderProperty."+name}, where {@code name} is the 562 * provider name, to see if it's ok to set this provider's property values 563 * and remove this provider's properties. 564 * 565 * @throws SecurityException 566 * if a security manager exists and its {@link 567 * java.lang.SecurityManager#checkSecurityAccess} method 568 * denies access to set property values or remove properties. 569 * 570 * @since 1.8 571 */ 572 @Override 573 public synchronized Object compute(Object key, 574 BiFunction<? super Object, ? super Object, ? extends Object> remappingFunction) { 575 check("putProviderProperty." + name); 576 check("removeProviderProperty" + name); 577 578 if (debug != null) { 579 debug.println("Compute " + name + " provider property " + key); 580 } 581 return implCompute(key, remappingFunction); 582 } 583 584 /** 585 * If the specified key is not already associated with a value (or 586 * is mapped to {@code null}), attempts to compute its value using 587 * the given mapping function and enters it into this map unless 588 * {@code null}. 589 * 590 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 591 * method is called with the strings {@code "putProviderProperty."+name} 592 * and {@code "removeProviderProperty."+name}, where {@code name} is the 593 * provider name, to see if it's ok to set this provider's property values 594 * and remove this provider's properties. 595 * 596 * @throws SecurityException 597 * if a security manager exists and its {@link 598 * java.lang.SecurityManager#checkSecurityAccess} method 599 * denies access to set property values and remove properties. 600 * 601 * @since 1.8 602 */ 603 @Override 604 public synchronized Object computeIfAbsent(Object key, Function<? super Object, ? extends Object> mappingFunction) { 605 check("putProviderProperty." + name); 606 check("removeProviderProperty" + name); 607 608 if (debug != null) { 609 debug.println("ComputeIfAbsent " + name + " provider property " + 610 key); 611 } 612 return implComputeIfAbsent(key, mappingFunction); 613 } 614 615 /** 616 * If the value for the specified key is present and non-null, attempts to 617 * compute a new mapping given the key and its current mapped value. 618 * 619 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 620 * method is called with the strings {@code "putProviderProperty."+name} 621 * and {@code "removeProviderProperty."+name}, where {@code name} is the 622 * provider name, to see if it's ok to set this provider's property values 623 * and remove this provider's properties. 624 * 625 * @throws SecurityException 626 * if a security manager exists and its {@link 627 * java.lang.SecurityManager#checkSecurityAccess} method 628 * denies access to set property values or remove properties. 629 * 630 * @since 1.8 631 */ 632 @Override 633 public synchronized Object computeIfPresent(Object key, BiFunction<? super Object, ? super Object, ? extends Object> remappingFunction) { 634 check("putProviderProperty." + name); 635 check("removeProviderProperty" + name); 636 637 if (debug != null) { 638 debug.println("ComputeIfPresent " + name + " provider property " + 639 key); 640 } 641 return implComputeIfPresent(key, remappingFunction); 642 } 643 644 /** 645 * If the specified key is not already associated with a value or is 646 * associated with null, associates it with the given value. Otherwise, 647 * replaces the value with the results of the given remapping function, 648 * or removes if the result is null. This method may be of use when 649 * combining multiple mapped values for a key. 650 * 651 * <p>If a security manager is enabled, its {@code checkSecurityAccess} 652 * method is called with the strings {@code "putProviderProperty."+name} 653 * and {@code "removeProviderProperty."+name}, where {@code name} is the 654 * provider name, to see if it's ok to set this provider's property values 655 * and remove this provider's properties. 656 * 657 * @throws SecurityException 658 * if a security manager exists and its {@link 659 * java.lang.SecurityManager#checkSecurityAccess} method 660 * denies access to set property values or remove properties. 661 * 662 * @since 1.8 663 */ 664 @Override 665 public synchronized Object merge(Object key, Object value, BiFunction<? super Object, ? super Object, ? extends Object> remappingFunction) { 666 check("putProviderProperty." + name); 667 check("removeProviderProperty" + name); 668 669 if (debug != null) { 670 debug.println("Merge " + name + " provider property " + key); 671 } 672 return implMerge(key, value, remappingFunction); 673 } 674 675 // let javadoc show doc from superclass 676 @Override 677 public Object get(Object key) { 678 checkInitialized(); 679 return super.get(key); 680 } 681 /** 682 * @since 1.8 683 */ 684 @Override 685 public synchronized Object getOrDefault(Object key, Object defaultValue) { 686 checkInitialized(); 687 return super.getOrDefault(key, defaultValue); 688 } 689 690 /** 691 * @since 1.8 692 */ 693 @Override 694 public synchronized void forEach(BiConsumer<? super Object, ? super Object> action) { 695 checkInitialized(); 696 super.forEach(action); 697 } 698 699 // let javadoc show doc from superclass 700 @Override 701 public Enumeration<Object> keys() { 702 checkInitialized(); 703 return super.keys(); 704 } 705 706 // let javadoc show doc from superclass 707 @Override 708 public Enumeration<Object> elements() { 709 checkInitialized(); 710 return super.elements(); 711 } 712 713 // let javadoc show doc from superclass 714 public String getProperty(String key) { 715 checkInitialized(); 716 return super.getProperty(key); 717 } 718 719 private void checkInitialized() { 720 if (!initialized) { 721 throw new IllegalStateException(); 722 } 723 } 724 725 private void check(String directive) { 726 checkInitialized(); 727 SecurityManager security = System.getSecurityManager(); 728 if (security != null) { 729 security.checkSecurityAccess(directive); 730 } 731 } 732 733 // legacy properties changed since last call to any services method? 734 private transient boolean legacyChanged; 735 // serviceMap changed since last call to getServices() 736 private transient boolean servicesChanged; 737 738 // Map<String,String> 739 private transient Map<String,String> legacyStrings; 740 741 // Map<ServiceKey,Service> 742 // used for services added via putService(), initialized on demand 743 private transient Map<ServiceKey,Service> serviceMap; 744 745 // Map<ServiceKey,Service> 746 // used for services added via legacy methods, init on demand 747 private transient Map<ServiceKey,Service> legacyMap; 748 749 // Set<Service> 750 // Unmodifiable set of all services. Initialized on demand. 751 private transient Set<Service> serviceSet; 752 753 // register the id attributes for this provider 754 // this is to ensure that equals() and hashCode() do not incorrectly 755 // report to different provider objects as the same 756 private void putId() { 757 // note: name and info may be null 758 super.put("Provider.id name", String.valueOf(name)); 759 super.put("Provider.id version", String.valueOf(version)); 760 super.put("Provider.id info", String.valueOf(info)); 761 super.put("Provider.id className", this.getClass().getName()); 762 } 763 764 private void readObject(ObjectInputStream in) 765 throws IOException, ClassNotFoundException { 766 Map<Object,Object> copy = new HashMap<>(); 767 for (Map.Entry<Object,Object> entry : super.entrySet()) { 768 copy.put(entry.getKey(), entry.getValue()); 769 } 770 defaults = null; 771 in.defaultReadObject(); 772 implClear(); 773 initialized = true; 774 putAll(copy); 775 } 776 777 private boolean checkLegacy(Object key) { 778 String keyString = (String)key; 779 if (keyString.startsWith("Provider.")) { 780 return false; 781 } 782 783 legacyChanged = true; 784 if (legacyStrings == null) { 785 legacyStrings = new LinkedHashMap<>(); 786 } 787 return true; 788 } 789 790 /** 791 * Copies all of the mappings from the specified Map to this provider. 792 * Internal method to be called AFTER the security check has been 793 * performed. 794 */ 795 private void implPutAll(Map<?,?> t) { 796 for (Map.Entry<?,?> e : t.entrySet()) { 797 implPut(e.getKey(), e.getValue()); 798 } 799 } 800 801 private Object implRemove(Object key) { 802 if (key instanceof String) { 803 if (!checkLegacy(key)) { 804 return null; 805 } 806 legacyStrings.remove((String)key); 807 } 808 return super.remove(key); 809 } 810 811 private boolean implRemove(Object key, Object value) { 812 if (key instanceof String && value instanceof String) { 813 if (!checkLegacy(key)) { 814 return false; 815 } 816 legacyStrings.remove((String)key, value); 817 } 818 return super.remove(key, value); 819 } 820 821 private boolean implReplace(Object key, Object oldValue, Object newValue) { 822 if ((key instanceof String) && (oldValue instanceof String) && 823 (newValue instanceof String)) { 824 if (!checkLegacy(key)) { 825 return false; 826 } 827 legacyStrings.replace((String)key, (String)oldValue, 828 (String)newValue); 829 } 830 return super.replace(key, oldValue, newValue); 831 } 832 833 private Object implReplace(Object key, Object value) { 834 if ((key instanceof String) && (value instanceof String)) { 835 if (!checkLegacy(key)) { 836 return null; 837 } 838 legacyStrings.replace((String)key, (String)value); 839 } 840 return super.replace(key, value); 841 } 842 843 @SuppressWarnings("unchecked") // Function must actually operate over strings 844 private void implReplaceAll(BiFunction<? super Object, ? super Object, ? extends Object> function) { 845 legacyChanged = true; 846 if (legacyStrings == null) { 847 legacyStrings = new LinkedHashMap<>(); 848 } else { 849 legacyStrings.replaceAll((BiFunction<? super String, ? super String, ? extends String>) function); 850 } 851 super.replaceAll(function); 852 } 853 854 @SuppressWarnings("unchecked") // Function must actually operate over strings 855 private Object implMerge(Object key, Object value, BiFunction<? super Object, ? super Object, ? extends Object> remappingFunction) { 856 if ((key instanceof String) && (value instanceof String)) { 857 if (!checkLegacy(key)) { 858 return null; 859 } 860 legacyStrings.merge((String)key, (String)value, 861 (BiFunction<? super String, ? super String, ? extends String>) remappingFunction); 862 } 863 return super.merge(key, value, remappingFunction); 864 } 865 866 @SuppressWarnings("unchecked") // Function must actually operate over strings 867 private Object implCompute(Object key, BiFunction<? super Object, ? super Object, ? extends Object> remappingFunction) { 868 if (key instanceof String) { 869 if (!checkLegacy(key)) { 870 return null; 871 } 872 legacyStrings.computeIfAbsent((String) key, 873 (Function<? super String, ? extends String>) remappingFunction); 874 } 875 return super.compute(key, remappingFunction); 876 } 877 878 @SuppressWarnings("unchecked") // Function must actually operate over strings 879 private Object implComputeIfAbsent(Object key, Function<? super Object, ? extends Object> mappingFunction) { 880 if (key instanceof String) { 881 if (!checkLegacy(key)) { 882 return null; 883 } 884 legacyStrings.computeIfAbsent((String) key, 885 (Function<? super String, ? extends String>) mappingFunction); 886 } 887 return super.computeIfAbsent(key, mappingFunction); 888 } 889 890 @SuppressWarnings("unchecked") // Function must actually operate over strings 891 private Object implComputeIfPresent(Object key, BiFunction<? super Object, ? super Object, ? extends Object> remappingFunction) { 892 if (key instanceof String) { 893 if (!checkLegacy(key)) { 894 return null; 895 } 896 legacyStrings.computeIfPresent((String) key, 897 (BiFunction<? super String, ? super String, ? extends String>) remappingFunction); 898 } 899 return super.computeIfPresent(key, remappingFunction); 900 } 901 902 private Object implPut(Object key, Object value) { 903 if ((key instanceof String) && (value instanceof String)) { 904 if (!checkLegacy(key)) { 905 return null; 906 } 907 legacyStrings.put((String)key, (String)value); 908 } 909 return super.put(key, value); 910 } 911 912 private Object implPutIfAbsent(Object key, Object value) { 913 if ((key instanceof String) && (value instanceof String)) { 914 if (!checkLegacy(key)) { 915 return null; 916 } 917 legacyStrings.putIfAbsent((String)key, (String)value); 918 } 919 return super.putIfAbsent(key, value); 920 } 921 922 private void implClear() { 923 if (legacyStrings != null) { 924 legacyStrings.clear(); 925 } 926 if (legacyMap != null) { 927 legacyMap.clear(); 928 } 929 if (serviceMap != null) { 930 serviceMap.clear(); 931 } 932 legacyChanged = false; 933 servicesChanged = false; 934 serviceSet = null; 935 super.clear(); 936 putId(); 937 } 938 939 // used as key in the serviceMap and legacyMap HashMaps 940 private static class ServiceKey { 941 private final String type; 942 private final String algorithm; 943 private final String originalAlgorithm; 944 private ServiceKey(String type, String algorithm, boolean intern) { 945 this.type = type; 946 this.originalAlgorithm = algorithm; 947 algorithm = algorithm.toUpperCase(ENGLISH); 948 this.algorithm = intern ? algorithm.intern() : algorithm; 949 } 950 public int hashCode() { 951 return type.hashCode() + algorithm.hashCode(); 952 } 953 public boolean equals(Object obj) { 954 if (this == obj) { 955 return true; 956 } 957 if (obj instanceof ServiceKey == false) { 958 return false; 959 } 960 ServiceKey other = (ServiceKey)obj; 961 return this.type.equals(other.type) 962 && this.algorithm.equals(other.algorithm); 963 } 964 boolean matches(String type, String algorithm) { 965 return (this.type == type) && (this.originalAlgorithm == algorithm); 966 } 967 } 968 969 /** 970 * Ensure all the legacy String properties are fully parsed into 971 * service objects. 972 */ 973 private void ensureLegacyParsed() { 974 if ((legacyChanged == false) || (legacyStrings == null)) { 975 return; 976 } 977 serviceSet = null; 978 if (legacyMap == null) { 979 legacyMap = new LinkedHashMap<>(); 980 } else { 981 legacyMap.clear(); 982 } 983 for (Map.Entry<String,String> entry : legacyStrings.entrySet()) { 984 parseLegacyPut(entry.getKey(), entry.getValue()); 985 } 986 removeInvalidServices(legacyMap); 987 legacyChanged = false; 988 } 989 990 /** 991 * Remove all invalid services from the Map. Invalid services can only 992 * occur if the legacy properties are inconsistent or incomplete. 993 */ 994 private void removeInvalidServices(Map<ServiceKey,Service> map) { 995 for (Iterator<Map.Entry<ServiceKey, Service>> t = 996 map.entrySet().iterator(); t.hasNext(); ) { 997 Service s = t.next().getValue(); 998 if (s.isValid() == false) { 999 t.remove(); 1000 } 1001 } 1002 } 1003 1004 private String[] getTypeAndAlgorithm(String key) { 1005 int i = key.indexOf('.'); 1006 if (i < 1) { 1007 if (debug != null) { 1008 debug.println("Ignoring invalid entry in provider " 1009 + name + ":" + key); 1010 } 1011 return null; 1012 } 1013 String type = key.substring(0, i); 1014 String alg = key.substring(i + 1); 1015 return new String[] {type, alg}; 1016 } 1017 1018 private static final String ALIAS_PREFIX = "Alg.Alias."; 1019 private static final String ALIAS_PREFIX_LOWER = "alg.alias."; 1020 private static final int ALIAS_LENGTH = ALIAS_PREFIX.length(); 1021 1022 private void parseLegacyPut(String name, String value) { 1023 if (name.toLowerCase(ENGLISH).startsWith(ALIAS_PREFIX_LOWER)) { 1024 // e.g. put("Alg.Alias.MessageDigest.SHA", "SHA-1"); 1025 // aliasKey ~ MessageDigest.SHA 1026 String stdAlg = value; 1027 String aliasKey = name.substring(ALIAS_LENGTH); 1028 String[] typeAndAlg = getTypeAndAlgorithm(aliasKey); 1029 if (typeAndAlg == null) { 1030 return; 1031 } 1032 String type = getEngineName(typeAndAlg[0]); 1033 String aliasAlg = typeAndAlg[1].intern(); 1034 ServiceKey key = new ServiceKey(type, stdAlg, true); 1035 Service s = legacyMap.get(key); 1036 if (s == null) { 1037 s = new Service(this); 1038 s.type = type; 1039 s.algorithm = stdAlg; 1040 legacyMap.put(key, s); 1041 } 1042 legacyMap.put(new ServiceKey(type, aliasAlg, true), s); 1043 s.addAlias(aliasAlg); 1044 } else { 1045 String[] typeAndAlg = getTypeAndAlgorithm(name); 1046 if (typeAndAlg == null) { 1047 return; 1048 } 1049 int i = typeAndAlg[1].indexOf(' '); 1050 if (i == -1) { 1051 // e.g. put("MessageDigest.SHA-1", "sun.security.provider.SHA"); 1052 String type = getEngineName(typeAndAlg[0]); 1053 String stdAlg = typeAndAlg[1].intern(); 1054 String className = value; 1055 ServiceKey key = new ServiceKey(type, stdAlg, true); 1056 Service s = legacyMap.get(key); 1057 if (s == null) { 1058 s = new Service(this); 1059 s.type = type; 1060 s.algorithm = stdAlg; 1061 legacyMap.put(key, s); 1062 } 1063 s.className = className; 1064 } else { // attribute 1065 // e.g. put("MessageDigest.SHA-1 ImplementedIn", "Software"); 1066 String attributeValue = value; 1067 String type = getEngineName(typeAndAlg[0]); 1068 String attributeString = typeAndAlg[1]; 1069 String stdAlg = attributeString.substring(0, i).intern(); 1070 String attributeName = attributeString.substring(i + 1); 1071 // kill additional spaces 1072 while (attributeName.startsWith(" ")) { 1073 attributeName = attributeName.substring(1); 1074 } 1075 attributeName = attributeName.intern(); 1076 ServiceKey key = new ServiceKey(type, stdAlg, true); 1077 Service s = legacyMap.get(key); 1078 if (s == null) { 1079 s = new Service(this); 1080 s.type = type; 1081 s.algorithm = stdAlg; 1082 legacyMap.put(key, s); 1083 } 1084 s.addAttribute(attributeName, attributeValue); 1085 } 1086 } 1087 } 1088 1089 /** 1090 * Get the service describing this Provider's implementation of the 1091 * specified type of this algorithm or alias. If no such 1092 * implementation exists, this method returns null. If there are two 1093 * matching services, one added to this provider using 1094 * {@link #putService putService()} and one added via {@link #put put()}, 1095 * the service added via {@link #putService putService()} is returned. 1096 * 1097 * @param type the type of {@link Service service} requested 1098 * (for example, {@code MessageDigest}) 1099 * @param algorithm the case insensitive algorithm name (or alternate 1100 * alias) of the service requested (for example, {@code SHA-1}) 1101 * 1102 * @return the service describing this Provider's matching service 1103 * or null if no such service exists 1104 * 1105 * @throws NullPointerException if type or algorithm is null 1106 * 1107 * @since 1.5 1108 */ 1109 public synchronized Service getService(String type, String algorithm) { 1110 checkInitialized(); 1111 // avoid allocating a new key object if possible 1112 ServiceKey key = previousKey; 1113 if (key.matches(type, algorithm) == false) { 1114 key = new ServiceKey(type, algorithm, false); 1115 previousKey = key; 1116 } 1117 if (serviceMap != null) { 1118 Service service = serviceMap.get(key); 1119 if (service != null) { 1120 return service; 1121 } 1122 } 1123 ensureLegacyParsed(); 1124 return (legacyMap != null) ? legacyMap.get(key) : null; 1125 } 1126 1127 // ServiceKey from previous getService() call 1128 // by re-using it if possible we avoid allocating a new object 1129 // and the toUpperCase() call. 1130 // re-use will occur e.g. as the framework traverses the provider 1131 // list and queries each provider with the same values until it finds 1132 // a matching service 1133 private static volatile ServiceKey previousKey = 1134 new ServiceKey("", "", false); 1135 1136 /** 1137 * Get an unmodifiable Set of all services supported by 1138 * this Provider. 1139 * 1140 * @return an unmodifiable Set of all services supported by 1141 * this Provider 1142 * 1143 * @since 1.5 1144 */ 1145 public synchronized Set<Service> getServices() { 1146 checkInitialized(); 1147 if (legacyChanged || servicesChanged) { 1148 serviceSet = null; 1149 } 1150 if (serviceSet == null) { 1151 ensureLegacyParsed(); 1152 Set<Service> set = new LinkedHashSet<>(); 1153 if (serviceMap != null) { 1154 set.addAll(serviceMap.values()); 1155 } 1156 if (legacyMap != null) { 1157 set.addAll(legacyMap.values()); 1158 } 1159 serviceSet = Collections.unmodifiableSet(set); 1160 servicesChanged = false; 1161 } 1162 return serviceSet; 1163 } 1164 1165 /** 1166 * Add a service. If a service of the same type with the same algorithm 1167 * name exists and it was added using {@link #putService putService()}, 1168 * it is replaced by the new service. 1169 * This method also places information about this service 1170 * in the provider's Hashtable values in the format described in the 1171 * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html"> 1172 * Java Cryptography Architecture API Specification & Reference </a>. 1173 * 1174 * <p>Also, if there is a security manager, its 1175 * {@code checkSecurityAccess} method is called with the string 1176 * {@code "putProviderProperty."+name}, where {@code name} is 1177 * the provider name, to see if it's ok to set this provider's property 1178 * values. If the default implementation of {@code checkSecurityAccess} 1179 * is used (that is, that method is not overriden), then this results in 1180 * a call to the security manager's {@code checkPermission} method with 1181 * a {@code SecurityPermission("putProviderProperty."+name)} 1182 * permission. 1183 * 1184 * @param s the Service to add 1185 * 1186 * @throws SecurityException 1187 * if a security manager exists and its {@link 1188 * java.lang.SecurityManager#checkSecurityAccess} method denies 1189 * access to set property values. 1190 * @throws NullPointerException if s is null 1191 * 1192 * @since 1.5 1193 */ 1194 protected synchronized void putService(Service s) { 1195 check("putProviderProperty." + name); 1196 if (debug != null) { 1197 debug.println(name + ".putService(): " + s); 1198 } 1199 if (s == null) { 1200 throw new NullPointerException(); 1201 } 1202 if (s.getProvider() != this) { 1203 throw new IllegalArgumentException 1204 ("service.getProvider() must match this Provider object"); 1205 } 1206 if (serviceMap == null) { 1207 serviceMap = new LinkedHashMap<>(); 1208 } 1209 servicesChanged = true; 1210 String type = s.getType(); 1211 String algorithm = s.getAlgorithm(); 1212 ServiceKey key = new ServiceKey(type, algorithm, true); 1213 // remove existing service 1214 implRemoveService(serviceMap.get(key)); 1215 serviceMap.put(key, s); 1216 for (String alias : s.getAliases()) { 1217 serviceMap.put(new ServiceKey(type, alias, true), s); 1218 } 1219 putPropertyStrings(s); 1220 } 1221 1222 /** 1223 * Put the string properties for this Service in this Provider's 1224 * Hashtable. 1225 */ 1226 private void putPropertyStrings(Service s) { 1227 String type = s.getType(); 1228 String algorithm = s.getAlgorithm(); 1229 // use super() to avoid permission check and other processing 1230 super.put(type + "." + algorithm, s.getClassName()); 1231 for (String alias : s.getAliases()) { 1232 super.put(ALIAS_PREFIX + type + "." + alias, algorithm); 1233 } 1234 for (Map.Entry<UString,String> entry : s.attributes.entrySet()) { 1235 String key = type + "." + algorithm + " " + entry.getKey(); 1236 super.put(key, entry.getValue()); 1237 } 1238 } 1239 1240 /** 1241 * Remove the string properties for this Service from this Provider's 1242 * Hashtable. 1243 */ 1244 private void removePropertyStrings(Service s) { 1245 String type = s.getType(); 1246 String algorithm = s.getAlgorithm(); 1247 // use super() to avoid permission check and other processing 1248 super.remove(type + "." + algorithm); 1249 for (String alias : s.getAliases()) { 1250 super.remove(ALIAS_PREFIX + type + "." + alias); 1251 } 1252 for (Map.Entry<UString,String> entry : s.attributes.entrySet()) { 1253 String key = type + "." + algorithm + " " + entry.getKey(); 1254 super.remove(key); 1255 } 1256 } 1257 1258 /** 1259 * Remove a service previously added using 1260 * {@link #putService putService()}. The specified service is removed from 1261 * this provider. It will no longer be returned by 1262 * {@link #getService getService()} and its information will be removed 1263 * from this provider's Hashtable. 1264 * 1265 * <p>Also, if there is a security manager, its 1266 * {@code checkSecurityAccess} method is called with the string 1267 * {@code "removeProviderProperty."+name}, where {@code name} is 1268 * the provider name, to see if it's ok to remove this provider's 1269 * properties. If the default implementation of 1270 * {@code checkSecurityAccess} is used (that is, that method is not 1271 * overriden), then this results in a call to the security manager's 1272 * {@code checkPermission} method with a 1273 * {@code SecurityPermission("removeProviderProperty."+name)} 1274 * permission. 1275 * 1276 * @param s the Service to be removed 1277 * 1278 * @throws SecurityException 1279 * if a security manager exists and its {@link 1280 * java.lang.SecurityManager#checkSecurityAccess} method denies 1281 * access to remove this provider's properties. 1282 * @throws NullPointerException if s is null 1283 * 1284 * @since 1.5 1285 */ 1286 protected synchronized void removeService(Service s) { 1287 check("removeProviderProperty." + name); 1288 if (debug != null) { 1289 debug.println(name + ".removeService(): " + s); 1290 } 1291 if (s == null) { 1292 throw new NullPointerException(); 1293 } 1294 implRemoveService(s); 1295 } 1296 1297 private void implRemoveService(Service s) { 1298 if ((s == null) || (serviceMap == null)) { 1299 return; 1300 } 1301 String type = s.getType(); 1302 String algorithm = s.getAlgorithm(); 1303 ServiceKey key = new ServiceKey(type, algorithm, false); 1304 Service oldService = serviceMap.get(key); 1305 if (s != oldService) { 1306 return; 1307 } 1308 servicesChanged = true; 1309 serviceMap.remove(key); 1310 for (String alias : s.getAliases()) { 1311 serviceMap.remove(new ServiceKey(type, alias, false)); 1312 } 1313 removePropertyStrings(s); 1314 } 1315 1316 // Wrapped String that behaves in a case insensitive way for equals/hashCode 1317 private static class UString { 1318 final String string; 1319 final String lowerString; 1320 1321 UString(String s) { 1322 this.string = s; 1323 this.lowerString = s.toLowerCase(ENGLISH); 1324 } 1325 1326 public int hashCode() { 1327 return lowerString.hashCode(); 1328 } 1329 1330 public boolean equals(Object obj) { 1331 if (this == obj) { 1332 return true; 1333 } 1334 if (obj instanceof UString == false) { 1335 return false; 1336 } 1337 UString other = (UString)obj; 1338 return lowerString.equals(other.lowerString); 1339 } 1340 1341 public String toString() { 1342 return string; 1343 } 1344 } 1345 1346 // describe relevant properties of a type of engine 1347 private static class EngineDescription { 1348 final String name; 1349 final boolean supportsParameter; 1350 final String constructorParameterClassName; 1351 private volatile Class<?> constructorParameterClass; 1352 1353 EngineDescription(String name, boolean sp, String paramName) { 1354 this.name = name; 1355 this.supportsParameter = sp; 1356 this.constructorParameterClassName = paramName; 1357 } 1358 Class<?> getConstructorParameterClass() throws ClassNotFoundException { 1359 Class<?> clazz = constructorParameterClass; 1360 if (clazz == null) { 1361 clazz = Class.forName(constructorParameterClassName); 1362 constructorParameterClass = clazz; 1363 } 1364 return clazz; 1365 } 1366 } 1367 1368 // built in knowledge of the engine types shipped as part of the JDK 1369 private static final Map<String,EngineDescription> knownEngines; 1370 1371 private static void addEngine(String name, boolean sp, String paramName) { 1372 EngineDescription ed = new EngineDescription(name, sp, paramName); 1373 // also index by canonical name to avoid toLowerCase() for some lookups 1374 knownEngines.put(name.toLowerCase(ENGLISH), ed); 1375 knownEngines.put(name, ed); 1376 } 1377 1378 static { 1379 knownEngines = new HashMap<>(); 1380 // JCA 1381 addEngine("AlgorithmParameterGenerator", false, null); 1382 addEngine("AlgorithmParameters", false, null); 1383 addEngine("KeyFactory", false, null); 1384 addEngine("KeyPairGenerator", false, null); 1385 addEngine("KeyStore", false, null); 1386 addEngine("MessageDigest", false, null); 1387 addEngine("SecureRandom", false, null); 1388 addEngine("Signature", true, null); 1389 addEngine("CertificateFactory", false, null); 1390 addEngine("CertPathBuilder", false, null); 1391 addEngine("CertPathValidator", false, null); 1392 addEngine("CertStore", false, 1393 "java.security.cert.CertStoreParameters"); 1394 // JCE 1395 addEngine("Cipher", true, null); 1396 addEngine("ExemptionMechanism", false, null); 1397 addEngine("Mac", true, null); 1398 addEngine("KeyAgreement", true, null); 1399 addEngine("KeyGenerator", false, null); 1400 addEngine("SecretKeyFactory", false, null); 1401 // JSSE 1402 addEngine("KeyManagerFactory", false, null); 1403 addEngine("SSLContext", false, null); 1404 addEngine("TrustManagerFactory", false, null); 1405 // JGSS 1406 addEngine("GssApiMechanism", false, null); 1407 // SASL 1408 addEngine("SaslClientFactory", false, null); 1409 addEngine("SaslServerFactory", false, null); 1410 // POLICY 1411 addEngine("Policy", false, 1412 "java.security.Policy$Parameters"); 1413 // CONFIGURATION 1414 addEngine("Configuration", false, 1415 "javax.security.auth.login.Configuration$Parameters"); 1416 // XML DSig 1417 addEngine("XMLSignatureFactory", false, null); 1418 addEngine("KeyInfoFactory", false, null); 1419 addEngine("TransformService", false, null); 1420 // Smart Card I/O 1421 addEngine("TerminalFactory", false, 1422 "java.lang.Object"); 1423 } 1424 1425 // get the "standard" (mixed-case) engine name for arbitary case engine name 1426 // if there is no known engine by that name, return s 1427 private static String getEngineName(String s) { 1428 // try original case first, usually correct 1429 EngineDescription e = knownEngines.get(s); 1430 if (e == null) { 1431 e = knownEngines.get(s.toLowerCase(ENGLISH)); 1432 } 1433 return (e == null) ? s : e.name; 1434 } 1435 1436 /** 1437 * The description of a security service. It encapsulates the properties 1438 * of a service and contains a factory method to obtain new implementation 1439 * instances of this service. 1440 * 1441 * <p>Each service has a provider that offers the service, a type, 1442 * an algorithm name, and the name of the class that implements the 1443 * service. Optionally, it also includes a list of alternate algorithm 1444 * names for this service (aliases) and attributes, which are a map of 1445 * (name, value) String pairs. 1446 * 1447 * <p>This class defines the methods {@link #supportsParameter 1448 * supportsParameter()} and {@link #newInstance newInstance()} 1449 * which are used by the Java security framework when it searches for 1450 * suitable services and instantiates them. The valid arguments to those 1451 * methods depend on the type of service. For the service types defined 1452 * within Java SE, see the 1453 * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html"> 1454 * Java Cryptography Architecture API Specification & Reference </a> 1455 * for the valid values. 1456 * Note that components outside of Java SE can define additional types of 1457 * services and their behavior. 1458 * 1459 * <p>Instances of this class are immutable. 1460 * 1461 * @since 1.5 1462 */ 1463 public static class Service { 1464 1465 private String type, algorithm, className; 1466 private final Provider provider; 1467 private List<String> aliases; 1468 private Map<UString,String> attributes; 1469 1470 // Reference to the cached implementation Class object 1471 private volatile Reference<Class<?>> classRef; 1472 1473 // flag indicating whether this service has its attributes for 1474 // supportedKeyFormats or supportedKeyClasses set 1475 // if null, the values have not been initialized 1476 // if TRUE, at least one of supportedFormats/Classes is non null 1477 private volatile Boolean hasKeyAttributes; 1478 1479 // supported encoding formats 1480 private String[] supportedFormats; 1481 1482 // names of the supported key (super) classes 1483 private Class<?>[] supportedClasses; 1484 1485 // whether this service has been registered with the Provider 1486 private boolean registered; 1487 1488 private static final Class<?>[] CLASS0 = new Class<?>[0]; 1489 1490 // this constructor and these methods are used for parsing 1491 // the legacy string properties. 1492 1493 private Service(Provider provider) { 1494 this.provider = provider; 1495 aliases = Collections.<String>emptyList(); 1496 attributes = Collections.<UString,String>emptyMap(); 1497 } 1498 1499 private boolean isValid() { 1500 return (type != null) && (algorithm != null) && (className != null); 1501 } 1502 1503 private void addAlias(String alias) { 1504 if (aliases.isEmpty()) { 1505 aliases = new ArrayList<>(2); 1506 } 1507 aliases.add(alias); 1508 } 1509 1510 void addAttribute(String type, String value) { 1511 if (attributes.isEmpty()) { 1512 attributes = new HashMap<>(8); 1513 } 1514 attributes.put(new UString(type), value); 1515 } 1516 1517 /** 1518 * Construct a new service. 1519 * 1520 * @param provider the provider that offers this service 1521 * @param type the type of this service 1522 * @param algorithm the algorithm name 1523 * @param className the name of the class implementing this service 1524 * @param aliases List of aliases or null if algorithm has no aliases 1525 * @param attributes Map of attributes or null if this implementation 1526 * has no attributes 1527 * 1528 * @throws NullPointerException if provider, type, algorithm, or 1529 * className is null 1530 */ 1531 public Service(Provider provider, String type, String algorithm, 1532 String className, List<String> aliases, 1533 Map<String,String> attributes) { 1534 if ((provider == null) || (type == null) || 1535 (algorithm == null) || (className == null)) { 1536 throw new NullPointerException(); 1537 } 1538 this.provider = provider; 1539 this.type = getEngineName(type); 1540 this.algorithm = algorithm; 1541 this.className = className; 1542 if (aliases == null) { 1543 this.aliases = Collections.<String>emptyList(); 1544 } else { 1545 this.aliases = new ArrayList<>(aliases); 1546 } 1547 if (attributes == null) { 1548 this.attributes = Collections.<UString,String>emptyMap(); 1549 } else { 1550 this.attributes = new HashMap<>(); 1551 for (Map.Entry<String,String> entry : attributes.entrySet()) { 1552 this.attributes.put(new UString(entry.getKey()), entry.getValue()); 1553 } 1554 } 1555 } 1556 1557 /** 1558 * Get the type of this service. For example, {@code MessageDigest}. 1559 * 1560 * @return the type of this service 1561 */ 1562 public final String getType() { 1563 return type; 1564 } 1565 1566 /** 1567 * Return the name of the algorithm of this service. For example, 1568 * {@code SHA-1}. 1569 * 1570 * @return the algorithm of this service 1571 */ 1572 public final String getAlgorithm() { 1573 return algorithm; 1574 } 1575 1576 /** 1577 * Return the Provider of this service. 1578 * 1579 * @return the Provider of this service 1580 */ 1581 public final Provider getProvider() { 1582 return provider; 1583 } 1584 1585 /** 1586 * Return the name of the class implementing this service. 1587 * 1588 * @return the name of the class implementing this service 1589 */ 1590 public final String getClassName() { 1591 return className; 1592 } 1593 1594 // internal only 1595 private final List<String> getAliases() { 1596 return aliases; 1597 } 1598 1599 /** 1600 * Return the value of the specified attribute or null if this 1601 * attribute is not set for this Service. 1602 * 1603 * @param name the name of the requested attribute 1604 * 1605 * @return the value of the specified attribute or null if the 1606 * attribute is not present 1607 * 1608 * @throws NullPointerException if name is null 1609 */ 1610 public final String getAttribute(String name) { 1611 if (name == null) { 1612 throw new NullPointerException(); 1613 } 1614 return attributes.get(new UString(name)); 1615 } 1616 1617 /** 1618 * Return a new instance of the implementation described by this 1619 * service. The security provider framework uses this method to 1620 * construct implementations. Applications will typically not need 1621 * to call it. 1622 * 1623 * <p>The default implementation uses reflection to invoke the 1624 * standard constructor for this type of service. 1625 * Security providers can override this method to implement 1626 * instantiation in a different way. 1627 * For details and the values of constructorParameter that are 1628 * valid for the various types of services see the 1629 * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html"> 1630 * Java Cryptography Architecture API Specification & 1631 * Reference</a>. 1632 * 1633 * @param constructorParameter the value to pass to the constructor, 1634 * or null if this type of service does not use a constructorParameter. 1635 * 1636 * @return a new implementation of this service 1637 * 1638 * @throws InvalidParameterException if the value of 1639 * constructorParameter is invalid for this type of service. 1640 * @throws NoSuchAlgorithmException if instantiation failed for 1641 * any other reason. 1642 */ 1643 public Object newInstance(Object constructorParameter) 1644 throws NoSuchAlgorithmException { 1645 if (registered == false) { 1646 if (provider.getService(type, algorithm) != this) { 1647 throw new NoSuchAlgorithmException 1648 ("Service not registered with Provider " 1649 + provider.getName() + ": " + this); 1650 } 1651 registered = true; 1652 } 1653 Class<?> ctrParamClz; 1654 try { 1655 EngineDescription cap = knownEngines.get(type); 1656 if (cap == null) { 1657 // unknown engine type, use generic code 1658 // this is the code path future for non-core 1659 // optional packages 1660 ctrParamClz = constructorParameter == null? 1661 null : constructorParameter.getClass(); 1662 } else { 1663 ctrParamClz = cap.constructorParameterClassName == null? 1664 null : Class.forName(cap.constructorParameterClassName); 1665 if (constructorParameter != null) { 1666 if (ctrParamClz == null) { 1667 throw new InvalidParameterException 1668 ("constructorParameter not used with " + type 1669 + " engines"); 1670 } else { 1671 Class<?> argClass = constructorParameter.getClass(); 1672 if (ctrParamClz.isAssignableFrom(argClass) == false) { 1673 throw new InvalidParameterException 1674 ("constructorParameter must be instanceof " 1675 + cap.constructorParameterClassName.replace('$', '.') 1676 + " for engine type " + type); 1677 } 1678 } 1679 } 1680 } 1681 return newInstanceUtil(getImplClass(), ctrParamClz, constructorParameter); 1682 } catch (NoSuchAlgorithmException e) { 1683 throw e; 1684 } catch (InvocationTargetException e) { 1685 throw new NoSuchAlgorithmException 1686 ("Error constructing implementation (algorithm: " 1687 + algorithm + ", provider: " + provider.getName() 1688 + ", class: " + className + ")", e.getCause()); 1689 } catch (Exception e) { 1690 throw new NoSuchAlgorithmException 1691 ("Error constructing implementation (algorithm: " 1692 + algorithm + ", provider: " + provider.getName() 1693 + ", class: " + className + ")", e); 1694 } 1695 } 1696 1697 // return the implementation Class object for this service 1698 private Class<?> getImplClass() throws NoSuchAlgorithmException { 1699 try { 1700 Reference<Class<?>> ref = classRef; 1701 Class<?> clazz = (ref == null) ? null : ref.get(); 1702 if (clazz == null) { 1703 ClassLoader cl = provider.getClass().getClassLoader(); 1704 if (cl == null) { 1705 clazz = Class.forName(className); 1706 } else { 1707 clazz = cl.loadClass(className); 1708 } 1709 if (!Modifier.isPublic(clazz.getModifiers())) { 1710 throw new NoSuchAlgorithmException 1711 ("class configured for " + type + " (provider: " + 1712 provider.getName() + ") is not public."); 1713 } 1714 classRef = new WeakReference<>(clazz); 1715 } 1716 return clazz; 1717 } catch (ClassNotFoundException e) { 1718 throw new NoSuchAlgorithmException 1719 ("class configured for " + type + " (provider: " + 1720 provider.getName() + ") cannot be found.", e); 1721 } 1722 } 1723 1724 /** 1725 * Test whether this Service can use the specified parameter. 1726 * Returns false if this service cannot use the parameter. Returns 1727 * true if this service can use the parameter, if a fast test is 1728 * infeasible, or if the status is unknown. 1729 * 1730 * <p>The security provider framework uses this method with 1731 * some types of services to quickly exclude non-matching 1732 * implementations for consideration. 1733 * Applications will typically not need to call it. 1734 * 1735 * <p>For details and the values of parameter that are valid for the 1736 * various types of services see the top of this class and the 1737 * <a href="../../../technotes/guides/security/crypto/CryptoSpec.html"> 1738 * Java Cryptography Architecture API Specification & 1739 * Reference</a>. 1740 * Security providers can override it to implement their own test. 1741 * 1742 * @param parameter the parameter to test 1743 * 1744 * @return false if this service cannot use the specified 1745 * parameter; true if it can possibly use the parameter 1746 * 1747 * @throws InvalidParameterException if the value of parameter is 1748 * invalid for this type of service or if this method cannot be 1749 * used with this type of service 1750 */ 1751 public boolean supportsParameter(Object parameter) { 1752 EngineDescription cap = knownEngines.get(type); 1753 if (cap == null) { 1754 // unknown engine type, return true by default 1755 return true; 1756 } 1757 if (cap.supportsParameter == false) { 1758 throw new InvalidParameterException("supportsParameter() not " 1759 + "used with " + type + " engines"); 1760 } 1761 // allow null for keys without attributes for compatibility 1762 if ((parameter != null) && (parameter instanceof Key == false)) { 1763 throw new InvalidParameterException 1764 ("Parameter must be instanceof Key for engine " + type); 1765 } 1766 if (hasKeyAttributes() == false) { 1767 return true; 1768 } 1769 if (parameter == null) { 1770 return false; 1771 } 1772 Key key = (Key)parameter; 1773 if (supportsKeyFormat(key)) { 1774 return true; 1775 } 1776 if (supportsKeyClass(key)) { 1777 return true; 1778 } 1779 return false; 1780 } 1781 1782 /** 1783 * Return whether this service has its Supported* properties for 1784 * keys defined. Parses the attributes if not yet initialized. 1785 */ 1786 private boolean hasKeyAttributes() { 1787 Boolean b = hasKeyAttributes; 1788 if (b == null) { 1789 synchronized (this) { 1790 String s; 1791 s = getAttribute("SupportedKeyFormats"); 1792 if (s != null) { 1793 supportedFormats = s.split("\\|"); 1794 } 1795 s = getAttribute("SupportedKeyClasses"); 1796 if (s != null) { 1797 String[] classNames = s.split("\\|"); 1798 List<Class<?>> classList = 1799 new ArrayList<>(classNames.length); 1800 for (String className : classNames) { 1801 Class<?> clazz = getKeyClass(className); 1802 if (clazz != null) { 1803 classList.add(clazz); 1804 } 1805 } 1806 supportedClasses = classList.toArray(CLASS0); 1807 } 1808 boolean bool = (supportedFormats != null) 1809 || (supportedClasses != null); 1810 b = Boolean.valueOf(bool); 1811 hasKeyAttributes = b; 1812 } 1813 } 1814 return b.booleanValue(); 1815 } 1816 1817 // get the key class object of the specified name 1818 private Class<?> getKeyClass(String name) { 1819 try { 1820 return Class.forName(name); 1821 } catch (ClassNotFoundException e) { 1822 // ignore 1823 } 1824 try { 1825 ClassLoader cl = provider.getClass().getClassLoader(); 1826 if (cl != null) { 1827 return cl.loadClass(name); 1828 } 1829 } catch (ClassNotFoundException e) { 1830 // ignore 1831 } 1832 return null; 1833 } 1834 1835 private boolean supportsKeyFormat(Key key) { 1836 if (supportedFormats == null) { 1837 return false; 1838 } 1839 String format = key.getFormat(); 1840 if (format == null) { 1841 return false; 1842 } 1843 for (String supportedFormat : supportedFormats) { 1844 if (supportedFormat.equals(format)) { 1845 return true; 1846 } 1847 } 1848 return false; 1849 } 1850 1851 private boolean supportsKeyClass(Key key) { 1852 if (supportedClasses == null) { 1853 return false; 1854 } 1855 Class<?> keyClass = key.getClass(); 1856 for (Class<?> clazz : supportedClasses) { 1857 if (clazz.isAssignableFrom(keyClass)) { 1858 return true; 1859 } 1860 } 1861 return false; 1862 } 1863 1864 /** 1865 * Return a String representation of this service. 1866 * 1867 * @return a String representation of this service. 1868 */ 1869 public String toString() { 1870 String aString = aliases.isEmpty() 1871 ? "" : "\r\n aliases: " + aliases.toString(); 1872 String attrs = attributes.isEmpty() 1873 ? "" : "\r\n attributes: " + attributes.toString(); 1874 return provider.getName() + ": " + type + "." + algorithm 1875 + " -> " + className + aString + attrs + "\r\n"; 1876 } 1877 1878 } 1879 1880 }