| Overview | Package | Class | Tree | Deprecated | Index | Help | Legend |
|
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
java.lang.Object | +--java.security.Security
Untamed:
This class centralizes all security properties and common security methods. One of its primary uses is to manage providers.
| Field Summary | |
(package private) static boolean |
debug
|
private static Hashtable |
engineCache
|
(package private) static boolean |
error
|
private static int |
indexStaticProviders
|
private static int |
numOfStaticProviders
|
private static Properties |
props
|
private static Hashtable |
providerLoads
|
private static Vector |
providerMasterClassNames
|
private static Hashtable |
providerPropertiesCache
|
private static Vector |
providers
|
private static boolean |
reloadProviders
|
private static boolean |
resetProviderIndex
|
private static sun.security.util.Debug |
sdebug
|
private static Hashtable |
searchResultsCache
|
| Constructor Summary | |
private |
Security()
Don't let anyone instantiate this. |
| Method Summary | |
static int |
addProvider(Provider provider)
Enabled: Adds a provider to the next position available. |
private static void |
check(String directive)
|
private static boolean |
checkSuperclass(Class subclass,
Class superclass)
|
private static void |
countProviders()
Loops through provider declarations, which are expected to be of the form: security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.jsafe.Jsafe etc. |
(package private) static void |
debug(String msg)
Print an debugging message that may be significant to a developer. |
(package private) static void |
debug(String msg,
Throwable t)
Print an debugging message that may be significant to a developer. |
private static Object[] |
doGetImpl(String algorithm,
String type,
java.security.Security.ProviderProperty pp)
|
private static Object[] |
doGetImpl(String algorithm,
String type,
java.security.Security.ProviderProperty pp,
Object params)
|
(package private) static void |
error(String msg)
Print an error message that may be significant to a user. |
(package private) static void |
error(String msg,
Throwable t)
Print an error message that may be significant to a user. |
static String |
getAlgorithmProperty(String algName,
String propName)
Deprecated. This method used to return the value of a proprietary property in the master file of the "SUN" Cryptographic Service Provider in order to determine how to parse algorithm-specific parameters. Use the new provider-based and algorithm-independent AlgorithmParameters and KeyFactory engine
classes (introduced in the Java 2 platform) instead. |
static Set |
getAlgorithms(String serviceName)
Enabled: Returns a Set of Strings containing the names of all available algorithms or types for the specified Java cryptographic service (e.g., Signature, MessageDigest, Cipher, Mac, KeyStore). |
private static LinkedHashSet |
getAllQualifyingCandidates(String filterKey,
String filterValue,
Provider[] allProviders)
|
private static java.security.Security.ProviderProperty |
getEngineClassName(String algName,
Provider provider,
String engineType)
The parameter provider cannot be null. |
private static java.security.Security.ProviderProperty |
getEngineClassName(String algName,
String engineType)
|
private static java.security.Security.ProviderProperty |
getEngineClassName(String algName,
String provider,
String engineType)
|
(package private) static String[] |
getFilterComponents(String filterKey,
String filterValue)
|
(package private) static Object[] |
getImpl(String algorithm,
String type,
Provider provider)
|
(package private) static Object[] |
getImpl(String algorithm,
String type,
Provider provider,
Object params)
|
(package private) static Object[] |
getImpl(String algorithm,
String type,
String provider)
|
(package private) static Object[] |
getImpl(String algorithm,
String type,
String provider,
Object params)
|
static String |
getProperty(String key)
Enabled: Gets a security property value. |
static Provider |
getProvider(String name)
Enabled: Returns the provider installed with the specified name, if any. |
private static java.security.Security.ProviderProperty |
getProviderProperty(String key)
Looks up providers, and returns the property (and its associated provider) mapping the key, if any. |
private static String |
getProviderProperty(String key,
Provider provider)
Returns the property (if any) mapping the key for the given provider. |
static Provider[] |
getProviders()
Enabled: Returns an array containing all the installed providers. |
static Provider[] |
getProviders(Map filter)
Enabled: Returns an array containing all installed providers that satisfy the specified selection criteria, or null if no such providers have been installed. |
static Provider[] |
getProviders(String filter)
Enabled: Returns an array containing all installed providers that satisfy the specified selection criterion, or null if no such providers have been installed. |
private static LinkedHashSet |
getProvidersNotUsingCache(String serviceName,
String algName,
String attrName,
String filterValue,
LinkedHashSet candidates,
Provider[] allProviders)
|
private static String |
getStandardName(String alias,
String engineType,
Provider prov)
We always map names to standard names |
private static void |
initialize()
|
private static void |
initializeStatic()
|
static int |
insertProviderAt(Provider provider,
int position)
Enabled: Adds a new provider, at a specified position. |
private static void |
invalidateSMCache(String key)
|
private static boolean |
isConstraintSatisfied(String attribute,
String value,
String prop)
|
private static boolean |
isCriterionSatisfied(Provider prov,
String serviceName,
String algName,
String attrName,
String filterValue)
|
private static boolean |
isStandardAttr(String attribute)
|
private static void |
loadOneMoreProvider()
Try our best to load one more statically registered provider. |
private static void |
reloadProviders()
|
static void |
removeProvider(String name)
Enabled: Removes the provider with the specified name. |
private static File |
securityPropFile(String filename)
|
static void |
setProperty(String key,
String datum)
Enabled: Sets a security property value. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
private static boolean reloadProviders
static final boolean debug
private static final sun.security.util.Debug sdebug
static final boolean error
private static Properties props
private static Vector providers
private static Hashtable providerPropertiesCache
private static Hashtable engineCache
private static Hashtable searchResultsCache
private static Hashtable providerLoads
private static int numOfStaticProviders
private static Vector providerMasterClassNames
private static int indexStaticProviders
private static boolean resetProviderIndex
| Constructor Detail |
private Security()
| Method Detail |
private static void initialize()
private static void initializeStatic()
private static void countProviders()
private static void reloadProviders()
private static void loadOneMoreProvider()
private static File securityPropFile(String filename)
private static java.security.Security.ProviderProperty getProviderProperty(String key)
private static String getProviderProperty(String key,
Provider provider)
private static String getStandardName(String alias,
String engineType,
Provider prov)
public static String getAlgorithmProperty(String algName,
String propName)
AlgorithmParameters and KeyFactory engine
classes (introduced in the Java 2 platform) instead.
algName - the algorithm name.propName - the name of the property to get.
private static java.security.Security.ProviderProperty getEngineClassName(String algName,
String engineType)
throws NoSuchAlgorithmException
NoSuchAlgorithmException
private static java.security.Security.ProviderProperty getEngineClassName(String algName,
String provider,
String engineType)
throws NoSuchAlgorithmException,
NoSuchProviderException
NoSuchAlgorithmException
NoSuchProviderException
private static java.security.Security.ProviderProperty getEngineClassName(String algName,
Provider provider,
String engineType)
throws NoSuchAlgorithmException
NoSuchAlgorithmException
public static int insertProviderAt(Provider provider,
int position)
If the given provider is installed at the requested position,
the provider that used to be at that position, and all providers
with a position greater than position, are shifted up
one position (towards the end of the list of installed providers).
A provider cannot be added if it is already installed.
First, if there is a security manager, its
checkSecurityAccess
method is called with the string
"insertProvider."+provider.getName()
to see if it's ok to add a new provider.
If the default implementation of checkSecurityAccess
is used (i.e., that method is not overriden), then this will result in
a call to the security manager's checkPermission method
with a
SecurityPermission("insertProvider."+provider.getName())
permission.
provider - the provider to be added.position - the preference position that the caller would
like for this provider.
SecurityException - if a security manager exists and its java.lang.SecurityManager#checkSecurityAccessgetProvider(java.lang.String),
removeProvider(java.lang.String),
java.security.SecurityPermissionpublic static int addProvider(Provider provider)
First, if there is a security manager, its
checkSecurityAccess
method is called with the string
"insertProvider."+provider.getName()
to see if it's ok to add a new provider.
If the default implementation of checkSecurityAccess
is used (i.e., that method is not overriden), then this will result in
a call to the security manager's checkPermission method
with a
SecurityPermission("insertProvider."+provider.getName())
permission.
provider - the provider to be added.
SecurityException - if a security manager exists and its java.lang.SecurityManager#checkSecurityAccessgetProvider(java.lang.String),
removeProvider(java.lang.String),
java.security.SecurityPermissionpublic static void removeProvider(String name)
When the specified provider is removed, all providers located at a position greater than where the specified provider was are shifted down one position (towards the head of the list of installed providers).
This method returns silently if the provider is not installed.
First, if there is a security manager, its
checkSecurityAccess
method is called with the string "removeProvider."+name
to see if it's ok to remove the provider.
If the default implementation of checkSecurityAccess
is used (i.e., that method is not overriden), then this will result in
a call to the security manager's checkPermission method
with a SecurityPermission("removeProvider."+name)
permission.
name - the name of the provider to remove.
SecurityException - if a security manager exists and its java.lang.SecurityManager#checkSecurityAccessgetProvider(java.lang.String),
addProvider(java.security.Provider)public static Provider[] getProviders()
public static Provider getProvider(String name)
name - the name of the provider to get.
removeProvider(java.lang.String),
addProvider(java.security.Provider)public static Provider[] getProviders(String filter)
A cryptographic service is always associated with a particular algorithm or type. For example, a digital signature service is always associated with a particular algorithm (e.g., DSA), and a CertificateFactory service is always associated with a particular certificate type (e.g., X.509).
The selection criterion must be specified in one of the following two formats:
The cryptographic service name must not contain any dots.
A provider satisfies the specified selection criterion iff the provider implements the specified algorithm or type for the specified cryptographic service.
For example, "CertificateFactory.X.509" would be satisfied by any provider that supplied a CertificateFactory implementation for X.509 certificates.
The cryptographic service name must not contain any dots. There must be one or more space charaters between the the <algorithm_or_type> and the <attribute_name>.
A provider satisfies this selection criterion iff the provider implements the specified algorithm or type for the specified cryptographic service and its implementation meets the constraint expressed by the specified attribute name/value pair.
For example, "Signature.SHA1withDSA KeySize:1024" would be satisfied by any provider that implemented the SHA1withDSA signature algorithm with a keysize of 1024 (or larger).
See Appendix A in the Java Cryptogaphy Architecture API Specification & Reference for information about standard cryptographic service names, standard algorithm names and standard attribute names.
filter - the criterion for selecting
providers. The filter is case-insensitive.
InvalidParameterException - if the filter is not in the required formatgetProviders(java.util.Map)public static Provider[] getProviders(Map filter)
The selection criteria are represented by a map. Each map entry represents a selection criterion. A provider is selected iff it satisfies all selection criteria. The key for any entry in such a map must be in one of the following two formats:
The cryptographic service name must not contain any dots.
The value associated with the key must be an empty string.
A provider satisfies this selection criterion iff the provider implements the specified algorithm or type for the specified cryptographic service.
The cryptographic service name must not contain any dots. There must be one or more space charaters between the <algorithm_or_type> and the <attribute_name>.
The value associated with the key must be a non-empty string. A provider satisfies this selection criterion iff the provider implements the specified algorithm or type for the specified cryptographic service and its implementation meets the constraint expressed by the specified attribute name/value pair.
See Appendix A in the Java Cryptogaphy Architecture API Specification & Reference for information about standard cryptographic service names, standard algorithm names and standard attribute names.
filter - the criteria for selecting
providers. The filter is case-insensitive.
InvalidParameterException - if the filter is not in the required formatgetProviders(java.lang.String)
private static boolean checkSuperclass(Class subclass,
Class superclass)
static Object[] getImpl(String algorithm,
String type,
String provider)
throws NoSuchAlgorithmException,
NoSuchProviderException
NoSuchAlgorithmException
NoSuchProviderException
static Object[] getImpl(String algorithm,
String type,
String provider,
Object params)
throws NoSuchAlgorithmException,
NoSuchProviderException,
InvalidAlgorithmParameterException
NoSuchAlgorithmException
NoSuchProviderException
InvalidAlgorithmParameterException
static Object[] getImpl(String algorithm,
String type,
Provider provider)
throws NoSuchAlgorithmException
NoSuchAlgorithmException
static Object[] getImpl(String algorithm,
String type,
Provider provider,
Object params)
throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException
NoSuchAlgorithmException
InvalidAlgorithmParameterException
private static Object[] doGetImpl(String algorithm,
String type,
java.security.Security.ProviderProperty pp)
throws NoSuchAlgorithmException
NoSuchAlgorithmException
private static Object[] doGetImpl(String algorithm,
String type,
java.security.Security.ProviderProperty pp,
Object params)
throws NoSuchAlgorithmException,
InvalidAlgorithmParameterException
NoSuchAlgorithmException
InvalidAlgorithmParameterExceptionpublic static String getProperty(String key)
First, if there is a security manager, its
checkPermission method is called with a
java.security.SecurityPermission("getProperty."+key)
permission to see if it's ok to retrieve the specified
security property value..
key - the key of the property being retrieved.
SecurityException - if a security manager exists and its java.lang.SecurityManager#checkPermissionsetProperty(java.lang.String, java.lang.String),
java.security.SecurityPermission
public static void setProperty(String key,
String datum)
First, if there is a security manager, its
checkPermission method is called with a
java.security.SecurityPermission("setProperty."+key)
permission to see if it's ok to set the specified
security property value.
key - the name of the property to be set.datum - the value of the property to be set.
SecurityException - if a security manager exists and its java.lang.SecurityManager#checkPermissiongetProperty(java.lang.String),
java.security.SecurityPermissionprivate static void invalidateSMCache(String key)
private static void check(String directive)
static void error(String msg)
static void error(String msg,
Throwable t)
static void debug(String msg)
static void debug(String msg,
Throwable t)
private static LinkedHashSet getAllQualifyingCandidates(String filterKey,
String filterValue,
Provider[] allProviders)
private static LinkedHashSet getProvidersNotUsingCache(String serviceName,
String algName,
String attrName,
String filterValue,
LinkedHashSet candidates,
Provider[] allProviders)
private static boolean isCriterionSatisfied(Provider prov,
String serviceName,
String algName,
String attrName,
String filterValue)
private static boolean isStandardAttr(String attribute)
private static boolean isConstraintSatisfied(String attribute,
String value,
String prop)
static String[] getFilterComponents(String filterKey,
String filterValue)
public static Set getAlgorithms(String serviceName)
serviceName - the name of the Java cryptographic
service (e.g., Signature, MessageDigest, Cipher, Mac, KeyStore).
Note: this parameter is case-insensitive.
|
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||||
