All Downloads are FREE. Search and download functionalities are using the official Maven repository.

java.security.Security Maven / Gradle / Ivy

There is a newer version: 1.2.9
Show newest version
/*
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package java.security;

import java.io.BufferedInputStream;
import java.io.InputStream;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Properties;
import java.util.Set;
import org.apache.harmony.security.fortress.Engine;
import org.apache.harmony.security.fortress.SecurityAccess;
import org.apache.harmony.security.fortress.Services;

/**
 * {@code Security} is the central class in the Java Security API. It manages
 * the list of security {@code Provider} that have been installed into this
 * runtime environment.
 */
public final class Security {

    // Security properties
    private static final Properties secprops = new Properties();

    // static initialization
    // - load security properties files
    // - load statically registered providers
    // - if no provider description file found then load default providers
    static {
        boolean loaded = false;
        try {
            InputStream configStream = Security.class.getResourceAsStream("security.properties");
            InputStream input = new BufferedInputStream(configStream);
            secprops.load(input);
            loaded = true;
            configStream.close();
        } catch (Exception ex) {
            System.logE("Could not load 'security.properties'", ex);
        }
        if (!loaded) {
            registerDefaultProviders();
        }
        Engine.door = new SecurityDoor();
    }

    /**
     * This class can't be instantiated.
     */
    private Security() {
    }

    // Register default providers
    private static void registerDefaultProviders() {
        secprops.put("security.provider.1", "com.bugvm.conscrypt.OpenSSLProvider");
        secprops.put("security.provider.2", "org.apache.harmony.security.provider.cert.DRLCertFactory");
        secprops.put("security.provider.3", "com.bugvm.bouncycastle.jce.provider.BouncyCastleProvider");
        secprops.put("security.provider.4", "org.apache.harmony.security.provider.crypto.CryptoProvider");
        secprops.put("security.provider.5", "com.bugvm.conscrypt.JSSEProvider");
    }

    /**
     * Returns value for the specified algorithm with the specified name.
     *
     * @param algName
     *            the name of the algorithm.
     * @param propName
     *            the name of the property.
     * @return value of the property.
     * @deprecated Use {@link AlgorithmParameters} and {@link KeyFactory} instead.
     */
    @Deprecated
    public static String getAlgorithmProperty(String algName, String propName) {
        if (algName == null || propName == null) {
            return null;
        }
        String prop = "Alg." + propName + "." + algName;
        Provider[] providers = getProviders();
        for (Provider provider : providers) {
            for (Enumeration e = provider.propertyNames(); e.hasMoreElements(); ) {
                String propertyName = (String) e.nextElement();
                if (propertyName.equalsIgnoreCase(prop)) {
                    return provider.getProperty(propertyName);
                }
            }
        }
        return null;
    }

    /**
     * Insert the given {@code Provider} at the specified {@code position}. The
     * positions define the preference order in which providers are searched for
     * requested algorithms.
     *
     * @param provider
     *            the provider to insert.
     * @param position
     *            the position (starting from 1).
     * @return the actual position or {@code -1} if the given {@code provider}
     *         was already in the list. The actual position may be different
     *         from the desired position.
     */
    public static synchronized int insertProviderAt(Provider provider, int position) {
        // check that provider is not already
        // installed, else return -1; if (position <1) or (position > max
        // position) position = max position + 1; insert provider, shift up
        // one position for next providers; Note: The position is 1-based
        if (getProvider(provider.getName()) != null) {
            return -1;
        }
        int result = Services.insertProviderAt(provider, position);
        renumProviders();
        return result;
    }

    /**
     * Adds the given {@code provider} to the collection of providers at the
     * next available position.
     *
     * @param provider
     *            the provider to be added.
     * @return the actual position or {@code -1} if the given {@code provider}
     *         was already in the list.
     */
    public static int addProvider(Provider provider) {
        return insertProviderAt(provider, 0);
    }

    /**
     * Removes the {@code Provider} with the specified name form the collection
     * of providers. If the the {@code Provider} with the specified name is
     * removed, all provider at a greater position are shifted down one
     * position.
     *
     * 

Returns silently if {@code name} is {@code null} or no provider with the * specified name is installed. * * @param name * the name of the provider to remove. */ public static synchronized void removeProvider(String name) { // It is not clear from spec.: // 1. if name is null, should we checkSecurityAccess or not? // throw SecurityException or not? // 2. as 1 but provider is not installed // 3. behavior if name is empty string? Provider p; if ((name == null) || (name.length() == 0)) { return; } p = getProvider(name); if (p == null) { return; } Services.removeProvider(p.getProviderNumber()); renumProviders(); p.setProviderNumber(-1); } /** * Returns an array containing all installed providers. The providers are * ordered according their preference order. * * @return an array containing all installed providers. */ public static synchronized Provider[] getProviders() { return Services.getProviders(); } /** * Returns the {@code Provider} with the specified name. Returns {@code * null} if name is {@code null} or no provider with the specified name is * installed. * * @param name * the name of the requested provider. * @return the provider with the specified name, maybe {@code null}. */ public static synchronized Provider getProvider(String name) { return Services.getProvider(name); } /** * Returns the array of providers which meet the user supplied string * filter. The specified filter must be supplied in one of two formats: * *

  • CRYPTO_SERVICE_NAME.ALGORITHM_OR_TYPE *

    * (for example: "MessageDigest.SHA") *

  • CRYPTO_SERVICE_NAME.ALGORITHM_OR_TYPE * ATTR_NAME:ATTR_VALUE *

    * (for example: "Signature.MD2withRSA KeySize:512") * * * @param filter * case-insensitive filter. * @return the providers which meet the user supplied string filter {@code * filter}. A {@code null} value signifies that none of the * installed providers meets the filter specification. * @throws InvalidParameterException * if an unusable filter is supplied. * @throws NullPointerException * if {@code filter} is {@code null}. */ public static Provider[] getProviders(String filter) { if (filter == null) { throw new NullPointerException("filter == null"); } if (filter.length() == 0) { throw new InvalidParameterException(); } HashMap hm = new HashMap(); int i = filter.indexOf(':'); if ((i == filter.length() - 1) || (i == 0)) { throw new InvalidParameterException(); } if (i < 1) { hm.put(filter, ""); } else { hm.put(filter.substring(0, i), filter.substring(i + 1)); } return getProviders(hm); } /** * Returns the array of providers which meet the user supplied set of * filters. The filter must be supplied in one of two formats: * *

  • CRYPTO_SERVICE_NAME.ALGORITHM_OR_TYPE *

    * for example: "MessageDigest.SHA" The value associated with the key must * be an empty string.

  • CRYPTO_SERVICE_NAME.ALGORITHM_OR_TYPE * ATTR_NAME:ATTR_VALUE *

    * for example: "Signature.MD2withRSA KeySize:512" where "KeySize:512" is * the value of the filter map entry. * * * @param filter * case-insensitive filter. * @return the providers which meet the user supplied string filter {@code * filter}. A {@code null} value signifies that none of the * installed providers meets the filter specification. * @throws InvalidParameterException * if an unusable filter is supplied. * @throws NullPointerException * if {@code filter} is {@code null}. */ public static synchronized Provider[] getProviders(Map filter) { if (filter == null) { throw new NullPointerException("filter == null"); } if (filter.isEmpty()) { return null; } java.util.List result = Services.getProvidersList(); Set> keys = filter.entrySet(); Map.Entry entry; for (Iterator> it = keys.iterator(); it.hasNext();) { entry = it.next(); String key = entry.getKey(); String val = entry.getValue(); String attribute = null; int i = key.indexOf(' '); int j = key.indexOf('.'); if (j == -1) { throw new InvalidParameterException(); } if (i == -1) { // . if (val.length() != 0) { throw new InvalidParameterException(); } } else { // . if (val.length() == 0) { throw new InvalidParameterException(); } attribute = key.substring(i + 1); if (attribute.trim().length() == 0) { throw new InvalidParameterException(); } key = key.substring(0, i); } String serv = key.substring(0, j); String alg = key.substring(j + 1); if (serv.length() == 0 || alg.length() == 0) { throw new InvalidParameterException(); } Provider p; for (int k = 0; k < result.size(); k++) { try { p = result.get(k); } catch (IndexOutOfBoundsException e) { break; } if (!p.implementsAlg(serv, alg, attribute, val)) { result.remove(p); k--; } } } if (result.size() > 0) { return result.toArray(new Provider[result.size()]); } return null; } /** * Returns the value of the security property named by the argument. * * @param key * the name of the requested security property. * @return the value of the security property. */ public static String getProperty(String key) { if (key == null) { throw new NullPointerException("key == null"); } String property = secprops.getProperty(key); if (property != null) { property = property.trim(); } return property; } /** * Sets the value of the specified security property. */ public static void setProperty(String key, String value) { secprops.put(key, value); } /** * Returns a {@code Set} of all registered algorithms for the specified * cryptographic service. {@code "Signature"}, {@code "Cipher"} and {@code * "KeyStore"} are examples for such kind of services. * * @param serviceName * the case-insensitive name of the service. * @return a {@code Set} of all registered algorithms for the specified * cryptographic service, or an empty {@code Set} if {@code * serviceName} is {@code null} or if no registered provider * provides the requested service. */ public static Set getAlgorithms(String serviceName) { Set result = new HashSet(); // compatibility with RI if (serviceName == null) { return result; } for (Provider provider : getProviders()) { for (Provider.Service service: provider.getServices()) { if (service.getType().equalsIgnoreCase(serviceName)) { result.add(service.getAlgorithm()); } } } return result; } /** * * Update sequence numbers of all providers. * */ private static void renumProviders() { Provider[] p = Services.getProviders(); for (int i = 0; i < p.length; i++) { p[i].setProviderNumber(i + 1); } } private static class SecurityDoor implements SecurityAccess { // Access to Security.renumProviders() public void renumProviders() { Security.renumProviders(); } // Access to Security.getAliases() public List getAliases(Provider.Service s) { return s.getAliases(); } // Access to Provider.getService() public Provider.Service getService(Provider p, String type) { return p.getService(type); } } }





  • © 2015 - 2024 Weber Informatics LLC | Privacy Policy