/**
* Returns a KeyPairGenerator object that generates public/private key pairs for the specified
* algorithm.
*
* <p>This method traverses the list of registered security Providers, starting with the most
* preferred Provider. A new KeyPairGenerator object encapsulating the KeyPairGeneratorSpi
* implementation from the first Provider that supports the specified algorithm is returned.
*
* <p>Note that the list of registered providers may be retrieved via the {@link
* Security#getProviders() Security.getProviders()} method.
*
* @param algorithm the standard string name of the algorithm. See Appendix A in the <a href=
* "../../../technotes/guides/security/crypto/CryptoSpec.html#AppA"> Java Cryptography
* Architecture API Specification & Reference </a> for information about standard
* algorithm names.
* @return the new KeyPairGenerator object.
* @exception NoSuchAlgorithmException if no Provider supports a KeyPairGeneratorSpi
* implementation for the specified algorithm.
* @see Provider
*/
public static KeyPairGenerator getInstance(String algorithm) throws NoSuchAlgorithmException {
List<Service> list = GetInstance.getServices("KeyPairGenerator", algorithm);
Iterator<Service> t = list.iterator();
if (t.hasNext() == false) {
throw new NoSuchAlgorithmException(algorithm + " KeyPairGenerator not available");
}
// find a working Spi or KeyPairGenerator subclass
NoSuchAlgorithmException failure = null;
do {
Service s = t.next();
try {
Instance instance = GetInstance.getInstance(s, KeyPairGeneratorSpi.class);
if (instance.impl instanceof KeyPairGenerator) {
return getInstance(instance, algorithm);
} else {
return new Delegate(instance, t, algorithm);
}
} catch (NoSuchAlgorithmException e) {
if (failure == null) {
failure = e;
}
}
} while (t.hasNext());
throw failure;
}
/**
* Update the active spi of this class and return the next implementation for failover. If no
* more implemenations are available, this method returns null. However, the active spi of this
* class is never set to null.
*/
private KeyPairGeneratorSpi nextSpi(KeyPairGeneratorSpi oldSpi, boolean reinit) {
synchronized (lock) {
// somebody else did a failover concurrently
// try that spi now
if ((oldSpi != null) && (oldSpi != spi)) {
return spi;
}
if (serviceIterator == null) {
return null;
}
while (serviceIterator.hasNext()) {
Service s = serviceIterator.next();
try {
Object inst = s.newInstance(null);
// ignore non-spis
if (inst instanceof KeyPairGeneratorSpi == false) {
continue;
}
if (inst instanceof KeyPairGenerator) {
continue;
}
KeyPairGeneratorSpi spi = (KeyPairGeneratorSpi) inst;
if (reinit) {
if (initType == I_SIZE) {
spi.initialize(initKeySize, initRandom);
} else if (initType == I_PARAMS) {
spi.initialize(initParams, initRandom);
} else if (initType != I_NONE) {
throw new AssertionError("KeyPairGenerator initType: " + initType);
}
}
provider = s.getProvider();
this.spi = spi;
return spi;
} catch (Exception e) {
// ignore
}
}
disableFailover();
return null;
}
}
/**
* Returns an array containing all installed providers that satisfy the specified* selection
* criteria, or null if no such providers have been installed. The returned providers are ordered
* according to their <a href= "#insertProviderAt(java.security.Provider, int)">preference
* order</a>.
*
* <p>The selection criteria are represented by a map. Each map entry represents a selection
* criterion. A provider is selected iff it satisfies all selection criteria. The key for any
* entry in such a map must be in one of the following two formats:
*
* <ul>
* <li><i><crypto_service>.<algorithm_or_type></i>
* <p>The cryptographic service name must not contain any dots.
* <p>The value associated with the key must be an empty string.
* <p>A provider satisfies this selection criterion iff the provider implements the
* specified algorithm or type for the specified cryptographic service.
* <li><i><crypto_service>.<algorithm_or_type> <attribute_name></i>
* <p>The cryptographic service name must not contain any dots. There must be one or more
* space charaters between the <i><algorithm_or_type></i> and the
* <i><attribute_name></i>.
* <p>The value associated with the key must be a non-empty string. A provider satisfies
* this selection criterion iff the provider implements the specified algorithm or type for
* the specified cryptographic service and its implementation meets the constraint expressed
* by the specified attribute name/value pair.
* </ul>
*
* <p>See Appendix A in the <a href= "../../../guide/security/CryptoSpec.html#AppA"> Java
* Cryptogaphy Architecture API Specification & Reference </a> for information about standard
* cryptographic service names, standard algorithm names and standard attribute names.
*
* @param filter the criteria for selecting providers. The filter is case-insensitive.
* @return all the installed providers that satisfy the selection criteria, or null if no such
* providers have been installed.
* @throws InvalidParameterException if the filter is not in the required format
* @throws NullPointerException if filter is null
* @see #getProviders(java.lang.String)
*/
public static Provider[] getProviders(Map<String, String> filter) {
// Get all installed providers first.
// Then only return those providers who satisfy the selection criteria.
Provider[] allProviders = Security.getProviders();
Set keySet = filter.keySet();
LinkedHashSet candidates = new LinkedHashSet(5);
// Returns all installed providers
// if the selection criteria is null.
if ((keySet == null) || (allProviders == null)) {
return allProviders;
}
boolean firstSearch = true;
// For each selection criterion, remove providers
// which don't satisfy the criterion from the candidate set.
for (Iterator ite = keySet.iterator(); ite.hasNext(); ) {
String key = (String) ite.next();
String value = (String) filter.get(key);
LinkedHashSet newCandidates = getAllQualifyingCandidates(key, value, allProviders);
if (firstSearch) {
candidates = newCandidates;
firstSearch = false;
}
if ((newCandidates != null) && !newCandidates.isEmpty()) {
// For each provider in the candidates set, if it
// isn't in the newCandidate set, we should remove
// it from the candidate set.
for (Iterator cansIte = candidates.iterator(); cansIte.hasNext(); ) {
Provider prov = (Provider) cansIte.next();
if (!newCandidates.contains(prov)) {
cansIte.remove();
}
}
} else {
candidates = null;
break;
}
}
if ((candidates == null) || (candidates.isEmpty())) return null;
Object[] candidatesArray = candidates.toArray();
Provider[] result = new Provider[candidatesArray.length];
for (int i = 0; i < result.length; i++) {
result[i] = (Provider) candidatesArray[i];
}
return result;
}
