New src/java.base/share/classes/sun/security/ssl/KeyManagerFactoryImpl.java

   1 /*
   2  * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.security.ssl;
  27 
  28 import java.util.List;
  29 import java.util.Collections;
  30 
  31 import java.security.*;
  32 import java.security.KeyStore.*;
  33 
  34 import javax.net.ssl.*;
  35 
  36 abstract class KeyManagerFactoryImpl extends KeyManagerFactorySpi {
  37 
  38     X509ExtendedKeyManager keyManager;
  39     boolean isInitialized;
  40 
  41     KeyManagerFactoryImpl() {
  42         // empty
  43     }
  44 
  45     /**
  46      * Returns one key manager for each type of key material.
  47      */
  48     @Override
  49     protected KeyManager[] engineGetKeyManagers() {
  50         if (!isInitialized) {
  51             throw new IllegalStateException(
  52                         "KeyManagerFactoryImpl is not initialized");
  53         }
  54         return new KeyManager[] { keyManager };
  55     }
  56 
  57     // Factory for the SunX509 keymanager
  58     public static final class SunX509 extends KeyManagerFactoryImpl {
  59 
  60         @Override
  61         protected void engineInit(KeyStore ks, char[] password) throws
  62                 KeyStoreException, NoSuchAlgorithmException,
  63                 UnrecoverableKeyException {
  64             if ((ks != null) && SunJSSE.isFIPS()) {
  65                 if (ks.getProvider() != SunJSSE.cryptoProvider) {
  66                     throw new KeyStoreException("FIPS mode: KeyStore must be "
  67                         + "from provider " + SunJSSE.cryptoProvider.getName());
  68                 }
  69             }
  70             keyManager = new SunX509KeyManagerImpl(ks, password);
  71             isInitialized = true;
  72         }
  73 
  74         @Override
  75         protected void engineInit(ManagerFactoryParameters spec) throws
  76                 InvalidAlgorithmParameterException {
  77             throw new InvalidAlgorithmParameterException(
  78                 "SunX509KeyManager does not use ManagerFactoryParameters");
  79         }
  80 
  81     }
  82 
  83     // Factory for the X509 keymanager
  84     public static final class X509 extends KeyManagerFactoryImpl {
  85 
  86         @Override
  87         protected void engineInit(KeyStore ks, char[] password) throws
  88                 KeyStoreException, NoSuchAlgorithmException,
  89                 UnrecoverableKeyException {
  90             if (ks == null) {
  91                 keyManager = new X509KeyManagerImpl(
  92                         Collections.<Builder>emptyList());
  93             } else {
  94                 if (SunJSSE.isFIPS() &&
  95                         (ks.getProvider() != SunJSSE.cryptoProvider)) {
  96                     throw new KeyStoreException(
  97                         "FIPS mode: KeyStore must be " +
  98                         "from provider " + SunJSSE.cryptoProvider.getName());
  99                 }
 100                 try {
 101                     Builder builder = Builder.newInstance(ks,
 102                         new PasswordProtection(password));
 103                     keyManager = new X509KeyManagerImpl(builder);
 104                 } catch (RuntimeException e) {
 105                     throw new KeyStoreException("initialization failed", e);
 106                 }
 107             }
 108             isInitialized = true;
 109         }
 110 
 111         @Override
 112         protected void engineInit(ManagerFactoryParameters params) throws
 113                 InvalidAlgorithmParameterException {
 114             if (params instanceof KeyStoreBuilderParameters == false) {
 115                 throw new InvalidAlgorithmParameterException(
 116                 "Parameters must be instance of KeyStoreBuilderParameters");
 117             }
 118             if (SunJSSE.isFIPS()) {
 119                 // XXX should be fixed
 120                 throw new InvalidAlgorithmParameterException
 121                     ("FIPS mode: KeyStoreBuilderParameters not supported");
 122             }
 123             List<Builder> builders =
 124                 ((KeyStoreBuilderParameters)params).getParameters();
 125             keyManager = new X509KeyManagerImpl(builders);
 126             isInitialized = true;
 127         }
 128 
 129     }
 130 
 131 }