// Forms new instance of factory
@DSSafe(DSCat.SAFE_LIST)
@DSGenerator(
tool_name = "Doppelganger",
tool_version = "2.0",
generated_on = "2014-09-03 15:00:08.675 -0400",
hash_original_method = "A22E26D7D508455A024AA2A1D979B72B",
hash_generated_method = "95A1D0DF36A51AD50595EF2DE46F3F97")
private static Object newInstance(String factoryName, Provider prv) throws SaslException {
String msg = "auth.31"; // $NON-NLS-1$
Object factory;
ClassLoader cl = prv.getClass().getClassLoader();
if (cl == null) {
cl = ClassLoader.getSystemClassLoader();
}
try {
factory = (Class.forName(factoryName, true, cl)).newInstance();
return factory;
} catch (IllegalAccessException e) {
throw new SaslException(msg + factoryName, e);
} catch (ClassNotFoundException e) {
throw new SaslException(msg + factoryName, e);
} catch (InstantiationException e) {
throw new SaslException(msg + factoryName, e);
}
}
/*
* Verify that the provider JAR files are signed properly, which
* means the signer's certificate can be traced back to a
* JCE trusted CA.
* Return null if ok, failure Exception if verification failed.
*/
static synchronized Exception getVerificationResult(Provider p) {
Object o = verificationResults.get(p);
if (o == PROVIDER_VERIFIED) {
return null;
} else if (o != null) {
return (Exception) o;
}
if (verifyingProviders.get(p) != null) {
// this method is static synchronized, must be recursion
// return failure now but do not save the result
return new NoSuchProviderException("Recursion during verification");
}
try {
verifyingProviders.put(p, Boolean.FALSE);
URL providerURL = getCodeBase(p.getClass());
verifyProviderJar(providerURL);
// Verified ok, cache result
verificationResults.put(p, PROVIDER_VERIFIED);
return null;
} catch (Exception e) {
verificationResults.put(p, e);
return e;
} finally {
verifyingProviders.remove(p);
}
}
public static void main(String[] args) throws Exception {
Provider p = new com.sun.exp.provider.EXP();
Security.insertProviderAt(p, 1);
Object[] signers = p.getClass().getSigners();
if (signers == null || signers.length <= 0) {
throw new SecurityException("Test Failed");
} else {
for (int i = 0; i < signers.length; i++) {
System.out.println("signer [" + i + "] = " + signers[i]);
}
}
MessageDigest md = MessageDigest.getInstance("SHA1");
System.out.println("test passed");
}
private static void checkProviderInfoEntries(Provider p) throws Exception {
String value = (String) p.get("Provider.id name");
if (!SampleProvider.NAME.equalsIgnoreCase(value) || !p.getName().equalsIgnoreCase(value)) {
throw new Exception("Test Failed: incorrect name!");
}
value = (String) p.get("Provider.id info");
if (!SampleProvider.INFO.equalsIgnoreCase(value) || !p.getInfo().equalsIgnoreCase(value)) {
throw new Exception("Test Failed: incorrect info!");
}
value = (String) p.get("Provider.id className");
if (!p.getClass().getName().equalsIgnoreCase(value)) {
throw new Exception("Test Failed: incorrect className!");
}
double dvalue = Double.parseDouble((String) p.get("Provider.id version"));
if ((SampleProvider.VERSION != dvalue) || p.getVersion() != dvalue) {
throw new Exception("Test Failed: incorrect version!");
}
System.out.println("Test Passed");
}
private static Object findImplEngine(final String baseName, String algorithm) {
final Provider bcProvider = securityProvider;
String alias;
while ((alias = bcProvider.getProperty("Alg.Alias." + baseName + "." + algorithm)) != null) {
algorithm = alias;
}
final String className = bcProvider.getProperty(baseName + "." + algorithm);
if (className != null) {
try {
Class klass;
ClassLoader loader = bcProvider.getClass().getClassLoader();
if (loader != null) {
klass = loader.loadClass(className);
} else {
klass = Class.forName(className);
}
return klass.newInstance();
} catch (ClassNotFoundException e) {
throw new IllegalStateException(
"algorithm "
+ algorithm
+ " in provider "
+ bcProvider.getName()
+ " but no class \""
+ className
+ "\" found!");
} catch (Exception e) {
throw new IllegalStateException(
"algorithm "
+ algorithm
+ " in provider "
+ bcProvider.getName()
+ " but class \""
+ className
+ "\" inaccessible!");
}
}
return null;
}
/**
* Makes sure all all expected implementations (but not aliases) and that there are no extras,
* according to what we expect from StandardNames
*/
public void test_Provider_getServices() throws Exception {
// build set of expected algorithms
Map<String, Set<String>> remaining =
new HashMap<String, Set<String>>(StandardNames.PROVIDER_ALGORITHMS);
for (Entry<String, Set<String>> entry : remaining.entrySet()) {
entry.setValue(new HashSet<String>(entry.getValue()));
}
List<String> extra = new ArrayList();
List<String> missing = new ArrayList();
Provider[] providers = Security.getProviders();
for (Provider provider : providers) {
String providerName = provider.getName();
// ignore BouncyCastle provider if it is installed on the RI
if (StandardNames.IS_RI && providerName.equals("BC")) {
continue;
}
Set<Provider.Service> services = provider.getServices();
assertNotNull(services);
assertFalse(services.isEmpty());
for (Provider.Service service : services) {
String type = service.getType();
String algorithm = service.getAlgorithm().toUpperCase();
String className = service.getClassName();
if (false) {
System.out.println(providerName + " " + type + " " + algorithm + " " + className);
}
// remove from remaining, assert unknown if missing
Set<String> algorithms = remaining.get(type);
if (algorithms == null || !algorithms.remove(algorithm)) {
// seems to be missing, but sometimes the same
// algorithm is available from multiple providers
// (e.g. KeyFactory RSA is available from
// SunRsaSign and SunJSSE), so double check in
// original source before giving error
if (!(StandardNames.PROVIDER_ALGORITHMS.containsKey(type)
&& StandardNames.PROVIDER_ALGORITHMS.get(type).contains(algorithm))) {
extra.add("Unknown " + type + " " + algorithm + " " + providerName + "\n");
}
}
if (algorithms != null && algorithms.isEmpty()) {
remaining.remove(type);
}
// make sure class exists and can be initialized
try {
assertNotNull(Class.forName(className, true, provider.getClass().getClassLoader()));
} catch (ClassNotFoundException e) {
// Sun forgot their own class
if (!className.equals("sun.security.pkcs11.P11MAC")) {
missing.add(className);
}
}
}
}
// assert that we don't have any extra in the implementation
Collections.sort(extra); // sort so that its grouped by type
assertEquals("Extra algorithms", Collections.EMPTY_LIST, extra);
// assert that we don't have any missing in the implementation
assertEquals("Missing algorithms", Collections.EMPTY_MAP, remaining);
// assert that we don't have any missing classes
Collections.sort(missing); // sort it for readability
assertEquals("Missing classes", Collections.EMPTY_LIST, missing);
}
/**
* Makes sure all provider properties either point to a class implementation that exists or are
* aliases to known algorithms.
*/
public void test_Provider_Properties() throws Exception {
/*
* A useful reference on Provider properties
* <a href="http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/HowToImplAProvider.html>
* How to Implement a Provider in the Java ™ Cryptography Architecture
* </a>
*/
Provider[] providers = Security.getProviders();
for (Provider provider : providers) {
// check Provider.id proprieties
assertEquals(provider.getName(), provider.get("Provider.id name"));
assertEquals(String.valueOf(provider.getVersion()), provider.get("Provider.id version"));
assertEquals(provider.getInfo(), provider.get("Provider.id info"));
assertEquals(provider.getClass().getName(), provider.get("Provider.id className"));
// build map of all known aliases and implementations
Map<String, String> aliases = new HashMap<String, String>();
Map<String, String> implementations = new HashMap<String, String>();
for (Entry<Object, Object> entry : provider.entrySet()) {
Object k = entry.getKey();
Object v = entry.getValue();
assertEquals(String.class, k.getClass());
assertEquals(String.class, v.getClass());
String key = (String) k;
String value = (String) v;
// skip Provider.id keys, we check well known ones values above
if (key.startsWith("Provider.id ")) {
continue;
}
// skip property settings such as: "Signature.SHA1withDSA ImplementedIn" "Software"
if (key.indexOf(' ') != -1) {
continue;
}
Matcher m = alias.matcher(key);
if (m.find()) {
String type = m.group(1);
aliases.put(key, type + "." + value);
} else {
implementations.put(key, value);
}
}
// verify implementation classes are available
for (Entry<String, String> entry : implementations.entrySet()) {
String typeAndAlgorithm = entry.getKey();
String className = entry.getValue();
try {
assertNotNull(Class.forName(className, true, provider.getClass().getClassLoader()));
} catch (ClassNotFoundException e) {
// Sun forgot their own class
if (!className.equals("sun.security.pkcs11.P11MAC")) {
fail("Could not find class " + className + " for " + typeAndAlgorithm);
}
}
}
// make sure all aliases point to some known implementation
for (Entry<String, String> entry : aliases.entrySet()) {
String alias = entry.getKey();
String actual = entry.getValue();
assertTrue(
"Could not find implementation " + actual + " for alias " + alias,
implementations.containsKey(actual));
}
}
}
public static void main(String[] args) throws Exception {
// Dynamically register the SunMSCAPI provider
Security.addProvider(new sun.security.mscapi.SunMSCAPI());
Provider p = Security.getProvider("SunMSCAPI");
System.out.println("SunMSCAPI provider classname is " + p.getClass().getName());
System.out.println("SunMSCAPI provider name is " + p.getName());
System.out.println("SunMSCAPI provider version # is " + p.getVersion());
System.out.println("SunMSCAPI provider info is " + p.getInfo());
/*
* Secure Random
*/
SecureRandom random = SecureRandom.getInstance("Windows-PRNG", p);
System.out.println(" Windows-PRNG is implemented by: " + random.getClass().getName());
/*
* Key Store
*/
KeyStore keystore = KeyStore.getInstance("Windows-MY", p);
System.out.println(" Windows-MY is implemented by: " + keystore.getClass().getName());
keystore = KeyStore.getInstance("Windows-ROOT", p);
System.out.println(" Windows-ROOT is implemented by: " + keystore.getClass().getName());
/*
* Signature
*/
Signature signature = Signature.getInstance("SHA1withRSA", p);
System.out.println(" SHA1withRSA is implemented by: " + signature.getClass().getName());
signature = Signature.getInstance("MD5withRSA", p);
System.out.println(" MD5withRSA is implemented by: " + signature.getClass().getName());
signature = Signature.getInstance("MD2withRSA", p);
System.out.println(" MD2withRSA is implemented by: " + signature.getClass().getName());
/*
* Key Pair Generator
*/
KeyPairGenerator keypairGenerator = KeyPairGenerator.getInstance("RSA", p);
System.out.println(" RSA is implemented by: " + keypairGenerator.getClass().getName());
/*
* Cipher
*/
Cipher cipher = null;
try {
cipher = Cipher.getInstance("RSA", p);
System.out.println(" RSA is implemented by: " + cipher.getClass().getName());
cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", p);
System.out.println(
" RSA/ECB/PKCS1Padding is implemented by: " + cipher.getClass().getName());
} catch (GeneralSecurityException e) {
System.out.println("Cipher not supported by provider, skipping...");
}
}
/**
* Replacement for JCA/JCE's {@link javax.crypto.Cipher#getInstance}. The original method only
* accepts JCE providers from signed jars, which prevents us from bundling our cryptography
* provider Bouncy Caster with the application.
*
* @param transformation the transformation to find an implementation for
*/
public static Cipher getCipher(final String transformation) {
try {
/* Split the transformation into algorithm, mode and padding */
final Matcher transformation_matcher =
s_transformation_pattern.matcher(transformation.toUpperCase());
if (!transformation_matcher.matches())
throw new RuntimeException("Transformation " + transformation + " is invalid");
final String algorithm = transformation_matcher.group(1);
final String mode = transformation_matcher.group(3);
final String padding = transformation_matcher.group(4);
final boolean isBareAlgorithm = (mode == null) && (padding == null);
/* Build the property values we need to search for. */
final String algorithmModePadding =
!isBareAlgorithm ? algorithm + "/" + mode + "/" + padding : null;
final String algorithmMode = !isBareAlgorithm ? algorithm + "/" + mode : null;
final String algorithmPadding = !isBareAlgorithm ? algorithm + "//" + padding : null;
/* Search the provider for implementations. We ask for more specific (i.e matching
* the requested mode and or padding) implementation first, then fall back to more
* generals ones which we then must configure for the mode and padding.
*/
final CipherSpi cipherSpi;
if (!isBareAlgorithm && (resolveProperty(Provider, "Cipher", algorithmModePadding) != null)) {
@SuppressWarnings("unchecked")
final Class<? extends CipherSpi> cipherSpiClass =
(Class<? extends CipherSpi>)
Class.forName(resolveProperty(Provider, "Cipher", algorithmModePadding));
cipherSpi = cipherSpiClass.newInstance();
} else if (!isBareAlgorithm && (resolveProperty(Provider, "Cipher", algorithmMode) != null)) {
@SuppressWarnings("unchecked")
final Class<? extends CipherSpi> cipherSpiClass =
(Class<? extends CipherSpi>)
Class.forName(resolveProperty(Provider, "Cipher", algorithmMode));
cipherSpi = cipherSpiClass.newInstance();
if (!isBareAlgorithm) cipherSpiSetPadding(cipherSpi, padding);
} else if (!isBareAlgorithm
&& (resolveProperty(Provider, "Cipher", algorithmPadding) != null)) {
@SuppressWarnings("unchecked")
final Class<? extends CipherSpi> cipherSpiClass =
(Class<? extends CipherSpi>)
Class.forName(resolveProperty(Provider, "Cipher", algorithmPadding));
cipherSpi = cipherSpiClass.newInstance();
if (!isBareAlgorithm) cipherSpiSetMode(cipherSpi, mode);
} else if (resolveProperty(Provider, "Cipher", algorithm) != null) {
@SuppressWarnings("unchecked")
final Class<? extends CipherSpi> cipherSpiClass =
(Class<? extends CipherSpi>)
Class.forName(resolveProperty(Provider, "Cipher", algorithm));
cipherSpi = cipherSpiClass.newInstance();
if (!isBareAlgorithm) {
cipherSpiSetMode(cipherSpi, mode);
cipherSpiSetPadding(cipherSpi, padding);
}
} else {
throw new RuntimeException(
"Provider "
+ Provider.getName()
+ " ("
+ Provider.getClass()
+ ") does not implement "
+ transformation);
}
/* Create a {@link javax.crypto.Cipher} instance from the {@link javax.crypto.CipherSpi} the provider gave us */
s_logger.info("Using SPI " + cipherSpi.getClass() + " for " + transformation);
return getCipher(cipherSpi, transformation.toUpperCase());
} catch (final RuntimeException e) {
throw e;
} catch (final Error e) {
throw e;
} catch (final Throwable e) {
throw new RuntimeException(
"Provider "
+ Provider.getName()
+ " ("
+ Provider.getClass()
+ ") failed to instanciate "
+ transformation,
e);
}
}
ProviderConfig(Provider provider) {
this.className = provider.getClass().getName();
this.argument = "";
this.provider = provider;
}
