1 /*
2 * Copyright (c) 2005, 2016, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
28 import java.io.ByteArrayInputStream;
29 import java.io.IOException;
30 import java.io.InputStream;
31 import java.io.OutputStream;
32 import java.security.AccessController;
33 import java.security.InvalidKeyException;
34 import java.security.KeyStoreSpi;
35 import java.security.KeyStoreException;
36 import java.security.UnrecoverableKeyException;
37 import java.security.NoSuchAlgorithmException;
38 import java.security.SecurityPermission;
39 import java.security.cert.X509Certificate;
40 import java.security.cert.Certificate;
41 import java.security.cert.CertificateException;
42 import java.security.cert.CertificateFactory;
43 import java.security.interfaces.RSAPrivateCrtKey;
44 import java.util.*;
45
46 import sun.security.action.GetPropertyAction;
47
48 /**
49 * Implementation of key store for Windows using the Microsoft Crypto API.
50 *
51 * @since 1.6
52 */
53 abstract class KeyStore extends KeyStoreSpi {
54
55 public static final class MY extends KeyStore {
56 public MY() {
57 super("MY");
58 }
59 }
60
61 public static final class ROOT extends KeyStore {
62 public ROOT() {
63 super("ROOT");
64 }
65 }
66
67 class KeyEntry
169 }
170 certChain = chain;
171 }
172 }
173
174 /*
175 * An X.509 certificate factory.
176 * Used to create an X.509 certificate from its DER-encoding.
177 */
178 private CertificateFactory certificateFactory = null;
179
180 /*
181 * Compatibility mode: for applications that assume keystores are
182 * stream-based this mode tolerates (but ignores) a non-null stream
183 * or password parameter when passed to the load or store methods.
184 * The mode is enabled by default.
185 */
186 private static final String KEYSTORE_COMPATIBILITY_MODE_PROP =
187 "sun.security.mscapi.keyStoreCompatibilityMode";
188 private final boolean keyStoreCompatibilityMode;
189
190 /*
191 * The keystore entries.
192 * Keys in the map are unique aliases (thus can differ from
193 * KeyEntry.getAlias())
194 */
195 private Map<String,KeyEntry> entries = new HashMap<>();
196
197 /*
198 * The keystore name.
199 * Case is not significant.
200 */
201 private final String storeName;
202
203 KeyStore(String storeName) {
204 // Get the compatibility mode
205 String prop =
206 AccessController.doPrivileged(
207 new GetPropertyAction(KEYSTORE_COMPATIBILITY_MODE_PROP));
208
710
711 /*
712 * Use the same security check as AuthProvider.login
713 */
714 SecurityManager sm = System.getSecurityManager();
715 if (sm != null) {
716 sm.checkPermission(new SecurityPermission(
717 "authProvider.SunMSCAPI"));
718 }
719
720 // Clear all key entries
721 entries.clear();
722
723 try {
724
725 // Load keys and/or certificate chains
726 loadKeysOrCertificateChains(getName());
727
728 } catch (KeyStoreException e) {
729 throw new IOException(e);
730 }
731 }
732
733 /**
734 * Stores the given entry into the map, making sure
735 * the alias, used as the key is unique.
736 * If the same alias already exists, it tries to append
737 * a suffix (1), (2), etc to it until it finds a unique
738 * value.
739 */
740 private void storeWithUniqueAlias(String alias, KeyEntry entry) {
741 String uniqAlias = alias;
742 int uniqNum = 1;
743
744 while (true) {
745 if (entries.putIfAbsent(uniqAlias, entry) == null) {
746 break;
747 }
748 uniqAlias = alias + " (" + (uniqNum++) + ")";
749 }
|
1 /*
2 * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
28 import java.io.ByteArrayInputStream;
29 import java.io.IOException;
30 import java.io.InputStream;
31 import java.io.OutputStream;
32 import java.security.AccessController;
33 import java.security.InvalidKeyException;
34 import java.security.KeyStoreSpi;
35 import java.security.KeyStoreException;
36 import java.security.UnrecoverableKeyException;
37 import java.security.NoSuchAlgorithmException;
38 import java.security.SecurityPermission;
39 import java.security.cert.X509Certificate;
40 import java.security.cert.Certificate;
41 import java.security.cert.CertificateException;
42 import java.security.cert.CertificateFactory;
43 import java.security.interfaces.RSAPrivateCrtKey;
44 import java.util.*;
45
46 import sun.security.action.GetPropertyAction;
47
48 import sun.security.util.Debug;
49
50 /**
51 * Implementation of key store for Windows using the Microsoft Crypto API.
52 *
53 * @since 1.6
54 */
55 abstract class KeyStore extends KeyStoreSpi {
56
57 public static final class MY extends KeyStore {
58 public MY() {
59 super("MY");
60 }
61 }
62
63 public static final class ROOT extends KeyStore {
64 public ROOT() {
65 super("ROOT");
66 }
67 }
68
69 class KeyEntry
171 }
172 certChain = chain;
173 }
174 }
175
176 /*
177 * An X.509 certificate factory.
178 * Used to create an X.509 certificate from its DER-encoding.
179 */
180 private CertificateFactory certificateFactory = null;
181
182 /*
183 * Compatibility mode: for applications that assume keystores are
184 * stream-based this mode tolerates (but ignores) a non-null stream
185 * or password parameter when passed to the load or store methods.
186 * The mode is enabled by default.
187 */
188 private static final String KEYSTORE_COMPATIBILITY_MODE_PROP =
189 "sun.security.mscapi.keyStoreCompatibilityMode";
190 private final boolean keyStoreCompatibilityMode;
191 private static final Debug debug = Debug.getInstance("keystore");
192
193 /*
194 * The keystore entries.
195 * Keys in the map are unique aliases (thus can differ from
196 * KeyEntry.getAlias())
197 */
198 private Map<String,KeyEntry> entries = new HashMap<>();
199
200 /*
201 * The keystore name.
202 * Case is not significant.
203 */
204 private final String storeName;
205
206 KeyStore(String storeName) {
207 // Get the compatibility mode
208 String prop =
209 AccessController.doPrivileged(
210 new GetPropertyAction(KEYSTORE_COMPATIBILITY_MODE_PROP));
211
713
714 /*
715 * Use the same security check as AuthProvider.login
716 */
717 SecurityManager sm = System.getSecurityManager();
718 if (sm != null) {
719 sm.checkPermission(new SecurityPermission(
720 "authProvider.SunMSCAPI"));
721 }
722
723 // Clear all key entries
724 entries.clear();
725
726 try {
727
728 // Load keys and/or certificate chains
729 loadKeysOrCertificateChains(getName());
730
731 } catch (KeyStoreException e) {
732 throw new IOException(e);
733 }
734
735 if (debug != null) {
736 debug.println("MSCAPI keystore load: entry count: " +
737 entries.size());
738 }
739 }
740
741 /**
742 * Stores the given entry into the map, making sure
743 * the alias, used as the key is unique.
744 * If the same alias already exists, it tries to append
745 * a suffix (1), (2), etc to it until it finds a unique
746 * value.
747 */
748 private void storeWithUniqueAlias(String alias, KeyEntry entry) {
749 String uniqAlias = alias;
750 int uniqNum = 1;
751
752 while (true) {
753 if (entries.putIfAbsent(uniqAlias, entry) == null) {
754 break;
755 }
756 uniqAlias = alias + " (" + (uniqNum++) + ")";
757 }
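Review bot: The debug trace added at new lines 735-738 reports an entry count but not which store was loaded, even though this class backs both the `MY` and `ROOT` subclasses, so two loads in the same process produce indistinguishable lines. Including the name already passed to the loader would make the trace usable when checking the trust store's contents, for example `debug.println("MSCAPI keystore load: store " + getName() + ", entry count: " + entries.size());`. The trace also sits after the try/catch, so a `KeyStoreException` from `loadKeysOrCertificateChains` is rethrown as `IOException` with no debug output at all. A `debug.println` in the catch block before the rethrow would cover that path. The start of this load method is outside the visible excerpt, so anything done before the permission check could not be reviewed.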
|