/** * Looks up providers, and returns the property (and its associated provider) mapping the key, if * any. The order in which the providers are looked up is the provider-preference order, as * specificed in the security properties file. */ private static ProviderProperty getProviderProperty(String key) { ProviderProperty entry = null; List providers = Providers.getProviderList().providers(); for (int i = 0; i < providers.size(); i++) { String matchKey = null; Provider prov = (Provider) providers.get(i); String prop = prov.getProperty(key); if (prop == null) { // Is there a match if we do a case-insensitive property name // comparison? Let's try ... for (Enumeration e = prov.keys(); e.hasMoreElements() && prop == null; ) { matchKey = (String) e.nextElement(); if (key.equalsIgnoreCase(matchKey)) { prop = prov.getProperty(matchKey); break; } } } if (prop != null) { ProviderProperty newEntry = new ProviderProperty(); newEntry.className = prop; newEntry.provider = prov; return newEntry; } } return entry; }
/** * Remove this particular regex/subscriber pair (UNTESTED AND API MAY CHANGE). If regex is null, * all subscriptions for 'sub' are cancelled. If subscriber is null, any previous subscriptions * matching the regular expression will be cancelled. If both 'sub' and 'regex' are null, all * subscriptions will be cancelled. */ public void unsubscribe(String regex, ZCMSubscriber sub) { if (this.closed) throw new IllegalStateException(); synchronized (this) { for (Provider p : providers) p.unsubscribe(regex); } // TODO: providers don't seem to use anything beyond first channel synchronized (subscriptions) { // Find and remove subscriber from list for (Iterator<SubscriptionRecord> it = subscriptions.iterator(); it.hasNext(); ) { SubscriptionRecord sr = it.next(); if ((sub == null || sr.lcsub == sub) && (regex == null || sr.regex.equals(regex))) { it.remove(); } } // Find and remove subscriber from map for (String channel : subscriptionsMap.keySet()) { for (Iterator<SubscriptionRecord> it = subscriptionsMap.get(channel).iterator(); it.hasNext(); ) { SubscriptionRecord sr = it.next(); if ((sub == null || sr.lcsub == sub) && (regex == null || sr.regex.equals(regex))) { it.remove(); } } } } }
private void premain(Provider p) throws Exception { long start = System.currentTimeMillis(); System.out.println("Running test with provider " + p.getName() + "..."); main(p); long stop = System.currentTimeMillis(); System.out.println( "Completed test with provider " + p.getName() + " (" + (stop - start) + " ms)."); }
/** * Call this function to release all resources used by the ZCM instance. After calling this * function, the ZCM instance should consume no resources, and cannot be used to receive or * transmit messages. */ public synchronized void close() { if (this.closed) throw new IllegalStateException(); for (Provider p : providers) { p.close(); } providers = null; this.closed = true; }
/** Returns the property (if any) mapping the key for the given provider. */ private static String getProviderProperty(String key, Provider provider) { String prop = provider.getProperty(key); if (prop == null) { // Is there a match if we do a case-insensitive property name // comparison? Let's try ... for (Enumeration e = provider.keys(); e.hasMoreElements() && prop == null; ) { String matchKey = (String) e.nextElement(); if (key.equalsIgnoreCase(matchKey)) { prop = provider.getProperty(matchKey); break; } } } return prop; }
public static void testDefault(PKCS11Test test) throws Exception { // run test for default configured PKCS11 providers (if any) if ("true".equals(System.getProperty("NO_DEFAULT"))) { return; } Provider[] providers = Security.getProviders(); for (int i = 0; i < providers.length; i++) { Provider p = providers[i]; if (p.getName().startsWith("SunPKCS11-")) { test.premain(p); } } }
/* * Verify that the provider JAR files are signed properly, which * means the signer's certificate can be traced back to a * JCE trusted CA. * Return null if ok, failure Exception if verification failed. */ static synchronized Exception getVerificationResult(Provider p) { Object o = verificationResults.get(p); if (o == PROVIDER_VERIFIED) { return null; } else if (o != null) { return (Exception) o; } if (verifyingProviders.get(p) != null) { // this method is static synchronized, must be recursion // return failure now but do not save the result return new NoSuchProviderException("Recursion during verification"); } try { verifyingProviders.put(p, Boolean.FALSE); URL providerURL = getCodeBase(p.getClass()); verifyProviderJar(providerURL); // Verified ok, cache result verificationResults.put(p, PROVIDER_VERIFIED); return null; } catch (Exception e) { verificationResults.put(p, e); return e; } finally { verifyingProviders.remove(p); } }
static Instance getInstance(String type, Class<?> clazz, String algorithm, Provider provider) throws NoSuchAlgorithmException { Service s = GetInstance.getService(type, algorithm, provider); Exception ve = JceSecurity.getVerificationResult(provider); if (ve != null) { String msg = "JCE cannot authenticate the provider " + provider.getName(); throw new SecurityException(msg, ve); } return GetInstance.getInstance(s, clazz); }
/** * Adds a new provider, at a specified position. The position is the preference order in which * providers are searched for requested algorithms. Note that it is not guaranteed that this * preference will be respected. The position is 1-based, that is, 1 is most preferred, followed * by 2, and so on. * * <p>If the given provider is installed at the requested position, the provider that used to be * at that position, and all providers with a position greater than <code>position</code>, are * shifted up one position (towards the end of the list of installed providers). * * <p>A provider cannot be added if it is already installed. * * <p>First, if there is a security manager, its <code>checkSecurityAccess</code> method is called * with the string <code>"insertProvider."+provider.getName()</code> to see if it's ok to add a * new provider. If the default implementation of <code>checkSecurityAccess</code> is used (i.e., * that method is not overriden), then this will result in a call to the security manager's <code> * checkPermission</code> method with a <code> * SecurityPermission("insertProvider."+provider.getName())</code> permission. * * @param provider the provider to be added. * @param position the preference position that the caller would like for this provider. * @return the actual preference position in which the provider was added, or -1 if the provider * was not added because it is already installed. * @throws NullPointerException if provider is null * @throws SecurityException if a security manager exists and its <code>{@link * java.lang.SecurityManager#checkSecurityAccess}</code> method denies access to add a * new provider * @see #getProvider * @see #removeProvider * @see java.security.SecurityPermission */ public static synchronized int insertProviderAt(Provider provider, int position) { String providerName = provider.getName(); check("insertProvider." + providerName); ProviderList list = Providers.getFullProviderList(); ProviderList newList = ProviderList.insertAt(list, provider, position - 1); if (list == newList) { return -1; } Providers.setProviderList(newList); return newList.getIndex(providerName) + 1; }
private static void checkProviderInfoEntries(Provider p) throws Exception { String value = (String) p.get("Provider.id name"); if (!SampleProvider.NAME.equalsIgnoreCase(value) || !p.getName().equalsIgnoreCase(value)) { throw new Exception("Test Failed: incorrect name!"); } value = (String) p.get("Provider.id info"); if (!SampleProvider.INFO.equalsIgnoreCase(value) || !p.getInfo().equalsIgnoreCase(value)) { throw new Exception("Test Failed: incorrect info!"); } value = (String) p.get("Provider.id className"); if (!p.getClass().getName().equalsIgnoreCase(value)) { throw new Exception("Test Failed: incorrect className!"); } double dvalue = Double.parseDouble((String) p.get("Provider.id version")); if ((SampleProvider.VERSION != dvalue) || p.getVersion() != dvalue) { throw new Exception("Test Failed: incorrect version!"); } System.out.println("Test Passed"); }
public void main(Provider p) throws Exception { /* * Use Solaris SPARC 11.2 or later to avoid an intermittent failure * when running SunPKCS11-Solaris (8044554) */ if (p.getName().equals("SunPKCS11-Solaris") && System.getProperty("os.name").equals("SunOS") && System.getProperty("os.arch").equals("sparcv9") && System.getProperty("os.version").compareTo("5.11") <= 0 && getDistro().compareTo("11.2") < 0) { System.out.println( "SunPKCS11-Solaris provider requires " + "Solaris SPARC 11.2 or later, skipping"); return; } long start = System.currentTimeMillis(); provider = p; data = new byte[2048]; new Random().nextBytes(data); KeyStore ks = getKeyStore(); KeyFactory kf = KeyFactory.getInstance("RSA", provider); for (Enumeration e = ks.aliases(); e.hasMoreElements(); ) { String alias = (String) e.nextElement(); if (ks.isKeyEntry(alias)) { System.out.println("* Key " + alias + "..."); PrivateKey privateKey = (PrivateKey) ks.getKey(alias, password); PublicKey publicKey = ks.getCertificate(alias).getPublicKey(); privateKey = (PrivateKey) kf.translateKey(privateKey); publicKey = (PublicKey) kf.translateKey(publicKey); test(privateKey, publicKey); } } long stop = System.currentTimeMillis(); System.out.println("All tests passed (" + (stop - start) + " ms)."); }
/** * Private/Public Keys for a certificate * * @return * @throws NoSuchProviderException * @throws NoSuchAlgorithmException */ private KeyPair newKeyPair() throws NoSuchProviderException, NoSuchAlgorithmException { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", bouncyCastleProvider.getName()); keyPairGenerator.initialize(2048, secureRandom); return keyPairGenerator.generateKeyPair(); }
public static void main(String args[]) { Provider server = new Provider(); while (true) { server.run(); } }