/* Security.java --- Java base security class implementation
- Copyright (C) 1999, 2001, 2002, 2003, Free Software Foundation, Inc.
+ Copyright (C) 1999, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
This file is part of GNU Classpath.
obligated to do so. If you do not wish to do so, delete this
exception statement from your version. */
+
package java.security;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
+import gnu.java.security.action.GetPropertyAction;
+
+import gnu.classpath.Configuration;
+
import java.io.IOException;
+import java.io.InputStream;
import java.net.URL;
-import java.security.Provider;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
* This class centralizes all security properties and common security methods.
* One of its primary uses is to manage providers.
*
- * @author Mark Benvenuto <ivymccough@worldnet.att.net>
+ * @author Mark Benvenuto (ivymccough@worldnet.att.net)
*/
-public final class Security extends Object
+public final class Security
{
private static final String ALG_ALIAS = "Alg.Alias.";
private static Vector providers = new Vector();
private static Properties secprops = new Properties();
+
static
- {
- String base = System.getProperty("gnu.classpath.home.url");
- String vendor = System.getProperty("gnu.classpath.vm.shortname");
-
- // Try VM specific security file
- boolean loaded = loadProviders(base, vendor);
+ {
+ GetPropertyAction getProp = new GetPropertyAction("gnu.classpath.home.url");
+ String base = (String) AccessController.doPrivileged(getProp);
+ getProp = new GetPropertyAction("gnu.classpath.vm.shortname");
+ String vendor = (String) AccessController.doPrivileged(getProp);
+
+ // Try VM specific security file
+ boolean loaded = loadProviders (base, vendor);
- // Append classpath standard provider if possible
- if (!loadProviders(base, "classpath") && !loaded && providers.size() == 0)
- {
- // No providers found and both security files failed to load properly.
- System.err.println
- ("WARNING: could not properly read security provider files:");
- System.err.println
- (" " + base + "/security/" + vendor + ".security");
- System.err.println
- (" " + base + "/security/" + "classpath" + ".security");
- System.err.println
- (" Falling back to standard GNU security provider");
- providers.addElement(new gnu.java.security.provider.Gnu());
- }
- }
-
+ // Append classpath standard provider if possible
+ if (!loadProviders (base, "classpath")
+ && !loaded
+ && providers.size() == 0)
+ {
+ if (Configuration.DEBUG)
+ {
+ /* No providers found and both security files failed to
+ * load properly. Give a warning in case of DEBUG is
+ * enabled. Could be done with java.util.logging later.
+ */
+ System.err.println
+ ("WARNING: could not properly read security provider files:");
+ System.err.println
+ (" " + base + "/security/" + vendor
+ + ".security");
+ System.err.println
+ (" " + base + "/security/" + "classpath"
+ + ".security");
+ System.err.println
+ (" Falling back to standard GNU security provider");
+ }
+ providers.addElement (new gnu.java.security.provider.Gnu());
+ }
+ }
// This class can't be instantiated.
- private Security ()
+ private Security()
{
}
result = false;
}
- return false;
+ return result;
}
/**
int max = providers.size ();
for (int i = 0; i < max; i++)
{
- if (((Provider) providers.elementAt(i)).getName() == provider.getName())
+ if (((Provider) providers.elementAt(i)).getName().equals(provider.getName()))
return -1;
}
int max = providers.size ();
for (int i = 0; i < max; i++)
{
- if (((Provider) providers.elementAt(i)).getName() == name)
+ if (((Provider) providers.elementAt(i)).getName().equals(name))
{
providers.remove(i);
break;
*/
public static Provider[] getProviders()
{
- Provider array[] = new Provider[providers.size ()];
+ Provider[] array = new Provider[providers.size ()];
providers.copyInto (array);
return array;
}
for (int i = 0; i < max; i++)
{
p = (Provider) providers.elementAt(i);
- if (p.getName() == name)
+ if (p.getName().equals(name))
return p;
}
return null;
* MessageDigest, Cipher, Mac, KeyStore). Returns an empty Set if there is no
* provider that supports the specified service. For a complete list of Java
* cryptographic services, please see the Java Cryptography Architecture API
- * Specification & Reference. Note: the returned set is immutable.
+ * Specification & Reference. Note: the returned set is immutable.
*
* @param serviceName the name of the Java cryptographic service (e.g.,
* Signature, MessageDigest, Cipher, Mac, KeyStore). Note: this parameter is
* formats:</p>
*
* <ul>
- * <li><p><crypto_service>.<algorithm_or_type></p>
+ * <li><p><crypto_service>.<algorithm_or_type></p>
* <p>The cryptographic service name must not contain any dots.</p>
* <p>A provider satisfies the specified selection criterion iff the
* provider implements the specified algorithm or type for the specified
* provider that supplied a CertificateFactory implementation for X.509
* certificates.</p></li>
*
- * <li><p><crypto_service>.<algorithm_or_type> <attribute_name>:<attribute_value></p>
+ * <li><p><crypto_service>.<algorithm_or_type> <attribute_name>:<attribute_value></p>
* <p>The cryptographic service name must not contain any dots. There must
- * be one or more space charaters between the the <algorithm_or_type>
- * and the <attribute_name>.</p>
+ * be one or more space charaters between the the <algorithm_or_type>
+ * and the <attribute_name>.</p>
* <p>A provider satisfies this selection criterion iff the provider
* implements the specified algorithm or type for the specified
* cryptographic service and its implementation meets the constraint
* of the following two formats:</p>
*
* <ul>
- * <li><p><crypto_service>.<algorithm_or_type></p>
+ * <li><p><crypto_service>.<algorithm_or_type></p>
* <p>The cryptographic service name must not contain any dots.</p>
* <p>The value associated with the key must be an empty string.</p>
* <p>A provider satisfies this selection criterion iff the provider
* implements the specified algorithm or type for the specified
* cryptographic service.</p></li>
*
- * <li><p><crypto_service>.<algorithm_or_type> <attribute_name></p>
+ * <li><p><crypto_service>.<algorithm_or_type> <attribute_name></p>
* <p>The cryptographic service name must not contain any dots. There must
- * be one or more space charaters between the <algorithm_or_type> and
- * the <attribute_name>.</p>
+ * be one or more space charaters between the <algorithm_or_type> and
+ * the <attribute_name>.</p>
* <p>The value associated with the key must be a non-empty string. A
* provider satisfies this selection criterion iff the provider implements
* the specified algorithm or type for the specified cryptographic service
outer: for (int r = 0; r < 3; r++) // guard against circularity
{
serviceDotAlgorithm = (svc+"."+String.valueOf(algo)).trim();
- inner: for (it = p.keySet().iterator(); it.hasNext(); )
+ for (it = p.keySet().iterator(); it.hasNext(); )
{
key = (String) it.next();
if (key.equalsIgnoreCase(serviceDotAlgorithm)) // eureka