1 /* 2 * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.jca; 27 28 import java.util.*; 29 30 import java.security.*; 31 import java.security.Provider.Service; 32 33 /** 34 * List of Providers. Used to represent the provider preferences. 35 * 36 * The system starts out with a ProviderList that only has the classNames 37 * of the Providers. Providers are loaded on demand only when needed. 38 * 39 * For compatibility reasons, Providers that could not be loaded are ignored 40 * and internally presented as the instance EMPTY_PROVIDER. However, those 41 * objects cannot be presented to applications. Call the convert() method 42 * to force all Providers to be loaded and to obtain a ProviderList with 43 * invalid entries removed. All this is handled by the Security class. 44 * 45 * Note that all indices used by this class are 0-based per general Java 46 * convention. These must be converted to the 1-based indices used by the 47 * Security class externally when needed. 48 * 49 * Instances of this class are immutable. This eliminates the need for 50 * cloning and synchronization in consumers. The add() and remove() style 51 * methods are static in order to avoid confusion about the immutability. 52 * 53 * @author Andreas Sterbenz 54 * @since 1.5 55 */ 56 public final class ProviderList { 57 58 final static sun.security.util.Debug debug = 59 sun.security.util.Debug.getInstance("jca", "ProviderList"); 60 61 private final static ProviderConfig[] PC0 = new ProviderConfig[0]; 62 63 private final static Provider[] P0 = new Provider[0]; 64 65 // constant for an ProviderList with no elements 66 static final ProviderList EMPTY = new ProviderList(PC0, true); 67 68 // dummy provider object to use during initialization 69 // used to avoid explicit null checks in various places 70 private static final Provider EMPTY_PROVIDER = 71 new Provider("##Empty##", 1.0d, "initialization in progress") { 72 // override getService() to return null slightly faster 73 public Service getService(String type, String algorithm) { 74 return null; 75 } 76 }; 77 78 // construct a ProviderList from the security properties 79 // (static provider configuration in the java.security file) fromSecurityProperties()80 static ProviderList fromSecurityProperties() { 81 // doPrivileged() because of Security.getProperty() 82 return AccessController.doPrivileged( 83 new PrivilegedAction<ProviderList>() { 84 public ProviderList run() { 85 return new ProviderList(); 86 } 87 }); 88 } 89 90 public static ProviderList add(ProviderList providerList, Provider p) { 91 return insertAt(providerList, p, -1); 92 } 93 94 public static ProviderList insertAt(ProviderList providerList, Provider p, 95 int position) { 96 if (providerList.getProvider(p.getName()) != null) { 97 return providerList; 98 } 99 List<ProviderConfig> list = new ArrayList<> 100 (Arrays.asList(providerList.configs)); 101 int n = list.size(); 102 if ((position < 0) || (position > n)) { 103 position = n; 104 } 105 list.add(position, new ProviderConfig(p)); 106 return new ProviderList(list.toArray(PC0), true); 107 } 108 109 public static ProviderList remove(ProviderList providerList, String name) { 110 // make sure provider exists 111 if (providerList.getProvider(name) == null) { 112 return providerList; 113 } 114 // copy all except matching to new list 115 ProviderConfig[] configs = new ProviderConfig[providerList.size() - 1]; 116 int j = 0; 117 for (ProviderConfig config : providerList.configs) { 118 if (config.getProvider().getName().equals(name) == false) { 119 configs[j++] = config; 120 } 121 } 122 return new ProviderList(configs, true); 123 } 124 125 // Create a new ProviderList from the specified Providers. 126 // This method is for use by SunJSSE. 127 public static ProviderList newList(Provider ... providers) { 128 ProviderConfig[] configs = new ProviderConfig[providers.length]; 129 for (int i = 0; i < providers.length; i++) { 130 configs[i] = new ProviderConfig(providers[i]); 131 } 132 return new ProviderList(configs, true); 133 } 134 135 // configuration of the providers 136 private final ProviderConfig[] configs; 137 138 // flag indicating whether all configs have been loaded successfully 139 private volatile boolean allLoaded; 140 141 // List returned by providers() 142 private final List<Provider> userList = new AbstractList<Provider>() { 143 public int size() { 144 return configs.length; 145 } 146 public Provider get(int index) { 147 return getProvider(index); 148 } 149 }; 150 151 /** 152 * Create a new ProviderList from an array of configs 153 */ 154 private ProviderList(ProviderConfig[] configs, boolean allLoaded) { 155 this.configs = configs; 156 this.allLoaded = allLoaded; 157 } 158 159 /** 160 * Return a new ProviderList parsed from the java.security Properties. 161 */ 162 private ProviderList() { 163 List<ProviderConfig> configList = new ArrayList<>(); 164 for (int i = 1; true; i++) { 165 String entry = Security.getProperty("security.provider." + i); 166 if (entry == null) { 167 break; 168 } 169 entry = entry.trim(); 170 if (entry.length() == 0) { 171 System.err.println("invalid entry for " + 172 "security.provider." + i); 173 break; 174 } 175 int k = entry.indexOf(' '); 176 ProviderConfig config; 177 if (k == -1) { 178 config = new ProviderConfig(entry); 179 } else { 180 String className = entry.substring(0, k); 181 String argument = entry.substring(k + 1).trim(); 182 config = new ProviderConfig(className, argument); 183 } 184 185 // Get rid of duplicate providers. 186 if (configList.contains(config) == false) { 187 configList.add(config); 188 } 189 } 190 configs = configList.toArray(PC0); 191 if (debug != null) { 192 debug.println("provider configuration: " + configList); 193 } 194 } 195 196 /** 197 * Construct a special ProviderList for JAR verification. It consists 198 * of the providers specified via jarClassNames, which must be on the 199 * bootclasspath and cannot be in signed JAR files. This is to avoid 200 * possible recursion and deadlock during verification. 201 */ 202 ProviderList getJarList(String[] jarClassNames) { 203 List<ProviderConfig> newConfigs = new ArrayList<>(); 204 for (String className : jarClassNames) { 205 ProviderConfig newConfig = new ProviderConfig(className); 206 for (ProviderConfig config : configs) { 207 // if the equivalent object is present in this provider list, 208 // use the old object rather than the new object. 209 // this ensures that when the provider is loaded in the 210 // new thread local list, it will also become available 211 // in this provider list 212 if (config.equals(newConfig)) { 213 newConfig = config; 214 break; 215 } 216 } 217 newConfigs.add(newConfig); 218 } 219 ProviderConfig[] configArray = newConfigs.toArray(PC0); 220 return new ProviderList(configArray, false); 221 } 222 223 public int size() { 224 return configs.length; 225 } 226 227 /** 228 * Return the Provider at the specified index. Returns EMPTY_PROVIDER 229 * if the provider could not be loaded at this time. 230 */ 231 Provider getProvider(int index) { 232 Provider p = configs[index].getProvider(); 233 return (p != null) ? p : EMPTY_PROVIDER; 234 } 235 236 /** 237 * Return an unmodifiable List of all Providers in this List. The 238 * individual Providers are loaded on demand. Elements that could not 239 * be initialized are replaced with EMPTY_PROVIDER. 240 */ 241 public List<Provider> providers() { 242 return userList; 243 } 244 245 private ProviderConfig getProviderConfig(String name) { 246 int index = getIndex(name); 247 return (index != -1) ? configs[index] : null; 248 } 249 250 // return the Provider with the specified name or null 251 public Provider getProvider(String name) { 252 ProviderConfig config = getProviderConfig(name); 253 return (config == null) ? null : config.getProvider(); 254 } 255 256 /** 257 * Return the index at which the provider with the specified name is 258 * installed or -1 if it is not present in this ProviderList. 259 */ 260 public int getIndex(String name) { 261 for (int i = 0; i < configs.length; i++) { 262 Provider p = getProvider(i); 263 if (p.getName().equals(name)) { 264 return i; 265 } 266 } 267 return -1; 268 } 269 270 // attempt to load all Providers not already loaded 271 private int loadAll() { 272 if (allLoaded) { 273 return configs.length; 274 } 275 if (debug != null) { 276 debug.println("Loading all providers"); 277 new Exception("Call trace").printStackTrace(); 278 } 279 int n = 0; 280 for (int i = 0; i < configs.length; i++) { 281 Provider p = configs[i].getProvider(); 282 if (p != null) { 283 n++; 284 } 285 } 286 if (n == configs.length) { 287 allLoaded = true; 288 } 289 return n; 290 } 291 292 /** 293 * Try to load all Providers and return the ProviderList. If one or 294 * more Providers could not be loaded, a new ProviderList with those 295 * entries removed is returned. Otherwise, the method returns this. 296 */ 297 ProviderList removeInvalid() { 298 int n = loadAll(); 299 if (n == configs.length) { 300 return this; 301 } 302 ProviderConfig[] newConfigs = new ProviderConfig[n]; 303 for (int i = 0, j = 0; i < configs.length; i++) { 304 ProviderConfig config = configs[i]; 305 if (config.isLoaded()) { 306 newConfigs[j++] = config; 307 } 308 } 309 return new ProviderList(newConfigs, true); 310 } 311 312 // return the providers as an array 313 public Provider[] toArray() { 314 return providers().toArray(P0); 315 } 316 317 // return a String representation of this ProviderList 318 public String toString() { 319 return Arrays.asList(configs).toString(); 320 } 321 322 /** 323 * Return a Service describing an implementation of the specified 324 * algorithm from the Provider with the highest precedence that 325 * supports that algorithm. Return null if no Provider supports this 326 * algorithm. 327 */ 328 public Service getService(String type, String name) { 329 for (int i = 0; i < configs.length; i++) { 330 Provider p = getProvider(i); 331 Service s = p.getService(type, name); 332 if (s != null) { 333 return s; 334 } 335 } 336 return null; 337 } 338 339 /** 340 * Return a List containing all the Services describing implementations 341 * of the specified algorithms in precedence order. If no implementation 342 * exists, this method returns an empty List. 343 * 344 * The elements of this list are determined lazily on demand. 345 * 346 * The List returned is NOT thread safe. 347 */ 348 public List<Service> getServices(String type, String algorithm) { 349 return new ServiceList(type, algorithm); 350 } 351 352 /** 353 * This method exists for compatibility with JCE only. It will be removed 354 * once JCE has been changed to use the replacement method. 355 * @deprecated use getServices(List<ServiceId>) instead 356 */ 357 @Deprecated 358 public List<Service> getServices(String type, List<String> algorithms) { 359 List<ServiceId> ids = new ArrayList<>(); 360 for (String alg : algorithms) { 361 ids.add(new ServiceId(type, alg)); 362 } 363 return getServices(ids); 364 } 365 366 public List<Service> getServices(List<ServiceId> ids) { 367 return new ServiceList(ids); 368 } 369 370 /** 371 * Inner class for a List of Services. Custom List implementation in 372 * order to delay Provider initialization and lookup. 373 * Not thread safe. 374 */ 375 private final class ServiceList extends AbstractList<Service> { 376 377 // type and algorithm for simple lookup 378 // avoid allocating/traversing the ServiceId list for these lookups 379 private final String type; 380 private final String algorithm; 381 382 // list of ids for parallel lookup 383 // if ids is non-null, type and algorithm are null 384 private final List<ServiceId> ids; 385 386 // first service we have found 387 // it is stored in a separate variable so that we can avoid 388 // allocating the services list if we do not need the second service. 389 // this is the case if we don't failover (failovers are typically rare) 390 private Service firstService; 391 392 // list of the services we have found so far 393 private List<Service> services; 394 395 // index into config[] of the next provider we need to query 396 private int providerIndex; 397 398 ServiceList(String type, String algorithm) { 399 this.type = type; 400 this.algorithm = algorithm; 401 this.ids = null; 402 } 403 404 ServiceList(List<ServiceId> ids) { 405 this.type = null; 406 this.algorithm = null; 407 this.ids = ids; 408 } 409 410 private void addService(Service s) { 411 if (firstService == null) { 412 firstService = s; 413 } else { 414 if (services == null) { 415 services = new ArrayList<Service>(4); 416 services.add(firstService); 417 } 418 services.add(s); 419 } 420 } 421 422 private Service tryGet(int index) { 423 while (true) { 424 if ((index == 0) && (firstService != null)) { 425 return firstService; 426 } else if ((services != null) && (services.size() > index)) { 427 return services.get(index); 428 } 429 if (providerIndex >= configs.length) { 430 return null; 431 } 432 // check all algorithms in this provider before moving on 433 Provider p = getProvider(providerIndex++); 434 if (type != null) { 435 // simple lookup 436 Service s = p.getService(type, algorithm); 437 if (s != null) { 438 addService(s); 439 } 440 } else { 441 // parallel lookup 442 for (ServiceId id : ids) { 443 Service s = p.getService(id.type, id.algorithm); 444 if (s != null) { 445 addService(s); 446 } 447 } 448 } 449 } 450 } 451 452 public Service get(int index) { 453 Service s = tryGet(index); 454 if (s == null) { 455 throw new IndexOutOfBoundsException(); 456 } 457 return s; 458 } 459 460 public int size() { 461 int n; 462 if (services != null) { 463 n = services.size(); 464 } else { 465 n = (firstService != null) ? 1 : 0; 466 } 467 while (tryGet(n) != null) { 468 n++; 469 } 470 return n; 471 } 472 473 // override isEmpty() and iterator() to not call size() 474 // this avoids loading + checking all Providers 475 476 public boolean isEmpty() { 477 return (tryGet(0) == null); 478 } 479 480 public Iterator<Service> iterator() { 481 return new Iterator<Service>() { 482 int index; 483 484 public boolean hasNext() { 485 return tryGet(index) != null; 486 } 487 488 public Service next() { 489 Service s = tryGet(index); 490 if (s == null) { 491 throw new NoSuchElementException(); 492 } 493 index++; 494 return s; 495 } 496 497 public void remove() { 498 throw new UnsupportedOperationException(); 499 } 500 }; 501 } 502 } 503 504 } 505