📄 security.java
字号:
*/ public static String getProperty(String key) { // XXX To prevent infinite recursion when the SecurityManager calls us, // don't do a security check if the caller is trusted (by virtue of having // been loaded by the bootstrap class loader). SecurityManager sm = System.getSecurityManager(); if (sm != null && VMStackWalker.getCallingClassLoader() != null) sm.checkSecurityAccess("getProperty." + key); return secprops.getProperty(key); } /** * Sets or changes a designated Security property to a designated value. * * @param key * the name of the property to set. * @param datum * the new value of the property. * @throws SecurityException * if a {@link SecurityManager} is installed and it disallows this * operation. * @see #getProperty(String) * @see SecurityPermission */ public static void setProperty(String key, String datum) { SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkSecurityAccess("setProperty." + key); if (datum == null) secprops.remove(key); else secprops.put(key, datum); } /** * For a given <i>service</i> (e.g. Signature, MessageDigest, etc...) this * method returns the {@link Set} of all available algorithm names (instances * of {@link String}, from all currently installed {@link Provider}s. * * @param serviceName * the case-insensitive name of a service (e.g. Signature, * MessageDigest, etc). * @return a {@link Set} of {@link String}s containing the names of all * algorithm names provided by all of the currently installed * {@link Provider}s. * @since 1.4 */ public static Set getAlgorithms(String serviceName) { HashSet result = new HashSet(); if (serviceName == null || serviceName.length() == 0) return result; serviceName = serviceName.trim(); if (serviceName.length() == 0) return result; serviceName = serviceName.toUpperCase()+"."; Provider[] providers = getProviders(); int ndx; for (int i = 0; i < providers.length; i++) for (Enumeration e = providers[i].propertyNames(); e.hasMoreElements(); ) { String service = ((String) e.nextElement()).trim(); if (service.toUpperCase().startsWith(serviceName)) { service = service.substring(serviceName.length()).trim(); ndx = service.indexOf(' '); // get rid of attributes if (ndx != -1) service = service.substring(0, ndx); result.add(service); } } return Collections.unmodifiableSet(result); } /** * Returns an array of currently installed {@link Provider}s, ordered * according to their installation preference order, which satisfy a given * <i>selection</i> criterion. * * <p>This implementation recognizes a <i>selection</i> criterion written in * one of two following forms:</p> * * <ul> * <li><crypto_service>.<algorithm_or_type>: Where * <i>crypto_service</i> is a case-insensitive string, similar to what has * been described in the {@link #getAlgorithms(String)} method, and * <i>algorithm_or_type</i> is a known case-insensitive name of an * Algorithm, or one of its aliases. * * <p>For example, "CertificateFactory.X.509" would return all the installed * {@link Provider}s which provide a <i>CertificateFactory</i> * implementation of <i>X.509</i>.</p></li> * * <li><crypto_service>.<algorithm_or_type> <attribute_name>:<value>: * Where <i>crypto_service</i> is a case-insensitive string, similar to what * has been described in the {@link #getAlgorithms(String)} method, * <i>algorithm_or_type</i> is a case-insensitive known name of an Algorithm * or one of its aliases, <i>attribute_name</i> is a case-insensitive * property name with no whitespace characters, and no dots, in-between, and * <i>value</i> is a {@link String} with no whitespace characters in-between. * * <p>For example, "Signature.Sha1WithDSS KeySize:1024" would return all the * installed {@link Provider}s which declared their ability to provide * <i>Signature</i> services, using the <i>Sha1WithDSS</i> algorithm with * key sizes of <i>1024</i>.</p></li> * </ul> * * @param filter * the <i>selection</i> criterion for selecting among the installed * {@link Provider}s. * @return all the installed {@link Provider}s which satisfy the <i>selection</i> * criterion. Returns <code>null</code> if no installed * {@link Provider}s were found which satisfy the <i>selection</i> * criterion. Returns ALL installed {@link Provider}s if * <code>filter</code> is <code>null</code> or is an empty string. * @throws InvalidParameterException * if an exception occurs while parsing the <code>filter</code>. * @see #getProviders(Map) */ public static Provider[] getProviders(String filter) { if (providers == null || providers.isEmpty()) return null; if (filter == null || filter.length() == 0) return getProviders(); HashMap map = new HashMap(1); int i = filter.indexOf(':'); if (i == -1) // <service>.<algorithm> map.put(filter, ""); else // <service>.<algorithm> <attribute>:<value> map.put(filter.substring(0, i), filter.substring(i+1)); return getProviders(map); } /** * Returns an array of currently installed {@link Provider}s which satisfy a * set of <i>selection</i> criteria. * * <p>The <i>selection</i> criteria are defined in a {@link Map} where each * element specifies a <i>selection</i> querry. The <i>Keys</i> in this * {@link Map} must be in one of the two following forms:</p> * * <ul> * <li><crypto_service>.<algorithm_or_type>: Where * <i>crypto_service</i> is a case-insensitive string, similar to what has * been described in the {@link #getAlgorithms(String)} method, and * <i>algorithm_or_type</i> is a case-insensitive known name of an * Algorithm, or one of its aliases. The <i>value</i> of the entry in the * {@link Map} for such a <i>Key</i> MUST be the empty string. * {@link Provider}s which provide an implementation for the designated * <i>service algorithm</i> are included in the result.</li> * * <li><crypto_service>.<algorithm_or_type> <attribute_name>: * Where <i>crypto_service</i> is a case-insensitive string, similar to what * has been described in the {@link #getAlgorithms(String)} method, * <i>algorithm_or_type</i> is a case-insensitive known name of an Algorithm * or one of its aliases, and <i>attribute_name</i> is a case-insensitive * property name with no whitespace characters, and no dots, in-between. The * <i>value</i> of the entry in this {@link Map} for such a <i>Key</i> MUST * NOT be <code>null</code> or an empty string. {@link Provider}s which * declare the designated <i>attribute_name</i> and <i>value</i> for the * designated <i>service algorithm</i> are included in the result.</li> * </ul> * * @param filter * a {@link Map} of <i>selection querries</i>. * @return all currently installed {@link Provider}s which satisfy ALL the * <i>selection</i> criteria defined in <code>filter</code>. * Returns ALL installed {@link Provider}s if <code>filter</code> * is <code>null</code> or empty. * @throws InvalidParameterException * if an exception is encountered while parsing the syntax of the * {@link Map}'s <i>keys</i>. * @see #getProviders(String) */ public static Provider[] getProviders(Map filter) { if (providers == null || providers.isEmpty()) return null; if (filter == null) return getProviders(); Set querries = filter.keySet(); if (querries == null || querries.isEmpty()) return getProviders(); LinkedHashSet result = new LinkedHashSet(providers); // assume all int dot, ws; String querry, service, algorithm, attribute, value; LinkedHashSet serviceProviders = new LinkedHashSet(); // preserve insertion order for (Iterator i = querries.iterator(); i.hasNext(); ) { querry = (String) i.next(); if (querry == null) // all providers continue; querry = querry.trim(); if (querry.length() == 0) // all providers continue; dot = querry.indexOf('.'); if (dot == -1) // syntax error throw new InvalidParameterException( "missing dot in '" + String.valueOf(querry)+"'"); value = (String) filter.get(querry); // deconstruct querry into [service, algorithm, attribute] if (value == null || value.trim().length() == 0) // <service>.<algorithm> { value = null; attribute = null; service = querry.substring(0, dot).trim(); algorithm = querry.substring(dot+1).trim(); } else // <service>.<algorithm> <attribute> { ws = querry.indexOf(' '); if (ws == -1) throw new InvalidParameterException( "value (" + String.valueOf(value) + ") is not empty, but querry (" + String.valueOf(querry) + ") is missing at least one space character"); value = value.trim(); attribute = querry.substring(ws+1).trim(); // was the dot in the attribute? if (attribute.indexOf('.') != -1) throw new InvalidParameterException( "attribute_name (" + String.valueOf(attribute) + ") in querry (" + String.valueOf(querry) + ") contains a dot"); querry = querry.substring(0, ws).trim(); service = querry.substring(0, dot).trim(); algorithm = querry.substring(dot+1).trim(); } // service and algorithm must not be empty if (service.length() == 0) throw new InvalidParameterException( "<crypto_service> in querry (" + String.valueOf(querry) + ") is empty"); if (algorithm.length() == 0) throw new InvalidParameterException( "<algorithm_or_type> in querry (" + String.valueOf(querry) + ") is empty"); selectProviders(service, algorithm, attribute, value, result, serviceProviders); result.retainAll(serviceProviders); // eval next retaining found providers if (result.isEmpty()) // no point continuing break; } if (result.isEmpty()) return null; return (Provider[]) result.toArray(new Provider[result.size()]); } private static void selectProviders(String svc, String algo, String attr, String val, LinkedHashSet providerSet, LinkedHashSet result) { result.clear(); // ensure we start with an empty result set for (Iterator i = providerSet.iterator(); i.hasNext(); ) { Provider p = (Provider) i.next(); if (provides(p, svc, algo, attr, val)) result.add(p); } } private static boolean provides(Provider p, String svc, String algo, String attr, String val) { Iterator it; String serviceDotAlgorithm = null; String key = null; String realVal; boolean found = false; // if <svc>.<algo> <attr> is in the set then so is <svc>.<algo> // but it may be stored under an alias <algo>. resolve outer: for (int r = 0; r < 3; r++) // guard against circularity { serviceDotAlgorithm = (svc+"."+String.valueOf(algo)).trim(); for (it = p.keySet().iterator(); it.hasNext(); ) { key = (String) it.next(); if (key.equalsIgnoreCase(serviceDotAlgorithm)) // eureka { found = true; break outer; } // it may be there but as an alias if (key.equalsIgnoreCase(ALG_ALIAS + serviceDotAlgorithm)) { algo = p.getProperty(key); continue outer; } // else continue inner } } if (!found) return false; // found a candidate for the querry. do we have an attr to match? if (val == null) // <service>.<algorithm> querry return true; // <service>.<algorithm> <attribute>; find the key entry that match String realAttr; int limit = serviceDotAlgorithm.length() + 1; for (it = p.keySet().iterator(); it.hasNext(); ) { key = (String) it.next(); if (key.length() <= limit) continue; if (key.substring(0, limit).equalsIgnoreCase(serviceDotAlgorithm+" ")) { realAttr = key.substring(limit).trim(); if (! realAttr.equalsIgnoreCase(attr)) continue; // eveything matches so far. do the value realVal = p.getProperty(key); if (realVal == null) return false; realVal = realVal.trim(); // is it a string value? if (val.equalsIgnoreCase(realVal)) return true; // assume value is a number. cehck for greater-than-or-equal return (new Integer(val).intValue() >= new Integer(realVal).intValue()); } } return false; }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -