use of java.security.Provider.Service in project jdk8u_jdk by JetBrains.
the class GetInstance method getInstance.
/*
* For all the getInstance() methods below:
* @param type the type of engine (e.g. MessageDigest)
* @param clazz the Spi class that the implementation must subclass
* (e.g. MessageDigestSpi.class) or null if no superclass check
* is required
* @param algorithm the name of the algorithm (or alias), e.g. MD5
* @param provider the provider (String or Provider object)
* @param param the parameter to pass to the Spi constructor
* (for CertStores)
*
* There are overloaded methods for all the permutations.
*/
public static Instance getInstance(String type, Class<?> clazz, String algorithm) throws NoSuchAlgorithmException {
// in the almost all cases, the first service will work
// avoid taking long path if so
ProviderList list = Providers.getProviderList();
Service firstService = list.getService(type, algorithm);
if (firstService == null) {
throw new NoSuchAlgorithmException(algorithm + " " + type + " not available");
}
NoSuchAlgorithmException failure;
try {
return getInstance(firstService, clazz);
} catch (NoSuchAlgorithmException e) {
failure = e;
}
// fail over to the next
for (Service s : list.getServices(type, algorithm)) {
if (s == firstService) {
// do not retry initial failed service
continue;
}
try {
return getInstance(s, clazz);
} catch (NoSuchAlgorithmException e) {
failure = e;
}
}
throw failure;
}
use of java.security.Provider.Service in project jdk8u_jdk by JetBrains.
the class GetInstance method getService.
public static Service getService(String type, String algorithm) throws NoSuchAlgorithmException {
ProviderList list = Providers.getProviderList();
Service s = list.getService(type, algorithm);
if (s == null) {
throw new NoSuchAlgorithmException(algorithm + " " + type + " not available");
}
return s;
}
use of java.security.Provider.Service in project jdk8u_jdk by JetBrains.
the class Cipher method getInstance.
/**
* Returns a <code>Cipher</code> object that implements the specified
* transformation.
*
* <p> This method traverses the list of registered security Providers,
* starting with the most preferred Provider.
* A new Cipher object encapsulating the
* CipherSpi implementation from the first
* Provider that supports the specified algorithm is returned.
*
* <p> Note that the list of registered providers may be retrieved via
* the {@link Security#getProviders() Security.getProviders()} method.
*
* @param transformation the name of the transformation, e.g.,
* <i>DES/CBC/PKCS5Padding</i>.
* See the Cipher section in the <a href=
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Cipher">
* Java Cryptography Architecture Standard Algorithm Name Documentation</a>
* for information about standard transformation names.
*
* @return a cipher that implements the requested transformation.
*
* @exception NoSuchAlgorithmException if <code>transformation</code>
* is null, empty, in an invalid format,
* or if no Provider supports a CipherSpi implementation for the
* specified algorithm.
*
* @exception NoSuchPaddingException if <code>transformation</code>
* contains a padding scheme that is not available.
*
* @see java.security.Provider
*/
public static final Cipher getInstance(String transformation) throws NoSuchAlgorithmException, NoSuchPaddingException {
List<Transform> transforms = getTransforms(transformation);
List<ServiceId> cipherServices = new ArrayList<>(transforms.size());
for (Transform transform : transforms) {
cipherServices.add(new ServiceId("Cipher", transform.transform));
}
List<Service> services = GetInstance.getServices(cipherServices);
// make sure there is at least one service from a signed provider
// and that it can use the specified mode and padding
Iterator<Service> t = services.iterator();
Exception failure = null;
while (t.hasNext()) {
Service s = t.next();
if (JceSecurity.canUseProvider(s.getProvider()) == false) {
continue;
}
Transform tr = getTransform(s, transforms);
if (tr == null) {
// should never happen
continue;
}
int canuse = tr.supportsModePadding(s);
if (canuse == S_NO) {
// does not support mode or padding we need, ignore
continue;
}
if (canuse == S_YES) {
return new Cipher(null, s, t, transformation, transforms);
} else {
// S_MAYBE, try out if it works
try {
CipherSpi spi = (CipherSpi) s.newInstance(null);
tr.setModePadding(spi);
return new Cipher(spi, s, t, transformation, transforms);
} catch (Exception e) {
failure = e;
}
}
}
throw new NoSuchAlgorithmException("Cannot find any provider supporting " + transformation, failure);
}
use of java.security.Provider.Service in project jdk8u_jdk by JetBrains.
the class Cipher method getInstance.
/**
* Returns a <code>Cipher</code> object that implements the specified
* transformation.
*
* <p> A new Cipher object encapsulating the
* CipherSpi implementation from the specified Provider
* object is returned. Note that the specified Provider object
* does not have to be registered in the provider list.
*
* @param transformation the name of the transformation,
* e.g., <i>DES/CBC/PKCS5Padding</i>.
* See the Cipher section in the <a href=
* "{@docRoot}/../technotes/guides/security/StandardNames.html#Cipher">
* Java Cryptography Architecture Standard Algorithm Name Documentation</a>
* for information about standard transformation names.
*
* @param provider the provider.
*
* @return a cipher that implements the requested transformation.
*
* @exception NoSuchAlgorithmException if <code>transformation</code>
* is null, empty, in an invalid format,
* or if a CipherSpi implementation for the specified algorithm
* is not available from the specified Provider object.
*
* @exception NoSuchPaddingException if <code>transformation</code>
* contains a padding scheme that is not available.
*
* @exception IllegalArgumentException if the <code>provider</code>
* is null.
*
* @see java.security.Provider
*/
public static final Cipher getInstance(String transformation, Provider provider) throws NoSuchAlgorithmException, NoSuchPaddingException {
if (provider == null) {
throw new IllegalArgumentException("Missing provider");
}
Exception failure = null;
List<Transform> transforms = getTransforms(transformation);
boolean providerChecked = false;
String paddingError = null;
for (Transform tr : transforms) {
Service s = provider.getService("Cipher", tr.transform);
if (s == null) {
continue;
}
if (providerChecked == false) {
// for compatibility, first do the lookup and then verify
// the provider. this makes the difference between a NSAE
// and a SecurityException if the
// provider does not support the algorithm.
Exception ve = JceSecurity.getVerificationResult(provider);
if (ve != null) {
String msg = "JCE cannot authenticate the provider " + provider.getName();
throw new SecurityException(msg, ve);
}
providerChecked = true;
}
if (tr.supportsMode(s) == S_NO) {
continue;
}
if (tr.supportsPadding(s) == S_NO) {
paddingError = tr.pad;
continue;
}
try {
CipherSpi spi = (CipherSpi) s.newInstance(null);
tr.setModePadding(spi);
Cipher cipher = new Cipher(spi, transformation);
cipher.provider = s.getProvider();
cipher.initCryptoPermission();
return cipher;
} catch (Exception e) {
failure = e;
}
}
// throw NoSuchPaddingException if the problem is with padding
if (failure instanceof NoSuchPaddingException) {
throw (NoSuchPaddingException) failure;
}
if (paddingError != null) {
throw new NoSuchPaddingException("Padding not supported: " + paddingError);
}
throw new NoSuchAlgorithmException("No such algorithm: " + transformation, failure);
}
use of java.security.Provider.Service in project jdk8u_jdk by JetBrains.
the class Cipher method chooseProvider.
private void chooseProvider(int initType, int opmode, Key key, AlgorithmParameterSpec paramSpec, AlgorithmParameters params, SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException {
synchronized (lock) {
if (spi != null) {
implInit(spi, initType, opmode, key, paramSpec, params, random);
return;
}
Exception lastException = null;
while ((firstService != null) || serviceIterator.hasNext()) {
Service s;
CipherSpi thisSpi;
if (firstService != null) {
s = firstService;
thisSpi = firstSpi;
firstService = null;
firstSpi = null;
} else {
s = serviceIterator.next();
thisSpi = null;
}
// if provider says it does not support this key, ignore it
if (s.supportsParameter(key) == false) {
continue;
}
if (JceSecurity.canUseProvider(s.getProvider()) == false) {
continue;
}
Transform tr = getTransform(s, transforms);
if (tr == null) {
// should never happen
continue;
}
if (tr.supportsModePadding(s) == S_NO) {
continue;
}
try {
if (thisSpi == null) {
thisSpi = (CipherSpi) s.newInstance(null);
}
tr.setModePadding(thisSpi);
initCryptoPermission();
implInit(thisSpi, initType, opmode, key, paramSpec, params, random);
provider = s.getProvider();
this.spi = thisSpi;
firstService = null;
serviceIterator = null;
transforms = null;
return;
} catch (Exception e) {
// SecurityException from crypto permission check
if (lastException == null) {
lastException = e;
}
}
}
// no working provider found, fail
if (lastException instanceof InvalidKeyException) {
throw (InvalidKeyException) lastException;
}
if (lastException instanceof InvalidAlgorithmParameterException) {
throw (InvalidAlgorithmParameterException) lastException;
}
if (lastException instanceof RuntimeException) {
throw (RuntimeException) lastException;
}
String kName = (key != null) ? key.getClass().getName() : "(null)";
throw new InvalidKeyException("No installed provider supports this key: " + kName, lastException);
}
}
Aggregations