security.java

《移动Agent技术》一书的所有章节源代码。

/*
 * @(#)Security.java	1.58 98/07/01
 *
 * Copyright 1995-1998 by Sun Microsystems, Inc.,
 * 901 San Antonio Road, Palo Alto, California, 94303, U.S.A.
 * All rights reserved.
 * 
 * This software is the confidential and proprietary information
 * of Sun Microsystems, Inc. ("Confidential Information").  You
 * shall not disclose such Confidential Information and shall use
 * it only in accordance with the terms of the license agreement
 * you entered into with Sun.
 */
 
package java.security;

import java.util.*;
import java.io.*;
/**
 * <p>This class centralizes all security properties and common security
 * methods. One of its primary uses is to manage providers.
 *
 * @version 1.54 97/02/06
 * @author Benjamin Renaud */
public final class Security {

    /* Are we debugging? -- for developers */
    static boolean debug = false;

    /* Are we displaying errors? -- for users */
    static boolean error = true;

    /* The java.security properties */
    private static Properties props; 

    /* Where we cache provider properties */
    private static Properties propCache;

    /* A vector of providers, in order of priority */
    private static Vector providers;

    static {
	initialize();
    }
    
    private static void initialize() {
	props = new Properties();
	propCache = new Properties();
	providers = new Vector();

	File propFile = securityPropFile("java.security");
	if (!propFile.exists()) {
	    System.err.println("security properties not found. using defaults.");
	    initializeStatic();
	} else {
	    try {
		FileInputStream fis = new FileInputStream(propFile);
		InputStream is = new BufferedInputStream(fis);
		props.load(is);
		is.close();
	    } catch (IOException e) {
		error("could not load security properties file from " + propFile +
		      ". using defaults.");
		initializeStatic();
	    }
	}
	loadProviders();
    }

    /* 
     * Initialize to default values, if <java.home>/lib/java.security
     * is not found.
     */
    private static void initializeStatic() {
	props.put("security.provider.1", "sun.security.provider.Sun");
	props.put("system.scope","sun.security.provider.IdentityDatabase");
    }

    /**
     * Don't let anyone instantiate this. 
     */
    private Security() {
    }

    /**
     * Loops through provider declarations, which are expected to be
     * of the form:
     *
     * security.provider.1=sun.security.provider.Sun
     * security.provider.2=sun.security.jsafe.Jsafe
     * etc.
     *
     * The order determines the default search order when looking for 
     * an algorithm.
     */
    private static void loadProviders() {

	int i = 1;

	while(true) {

	    String name = props.getProperty("security.provider." + i++);
	    if (name == null) {
		break;

	    } else {
		Provider prov = Provider.loadProvider(name);
		if (prov != null) {
		    /* This must manipulate the datastructure
		       directly, because going through addProviders
		       causes a security check to happen, which
		       sometimes will cause the security
		       initialization to fail with bad
		       consequences. */
		    providers.addElement(prov);
		}
	    }
	}
    }

    static File securityPropFile(String filename) {
	// maybe check for a system property which will specify where to
	// look. Someday.
	String sep = File.separator;
	return new File(System.getProperty("java.home") + sep + "lib" + sep + 
			"security" + sep + filename);
    }

    /**
     * Looks up providers, and returns the property mapping the key,
     * if any. The order in which the providers are looked up is the
     * provider-preference order, as specificed in the security
     * properties file.
     */
    static String getProviderProperty(String key) {
	
	String prop = propCache.getProperty(key);
	if (prop != null) {
	    return prop;
	}

	for (int i = 0; i < providers.size(); i++) {
	    Provider prov = (Provider)providers.elementAt(i);
	    
	    prop = prov.getProperty(key);
	    if (prop != null) {
		propCache.put(key, prop);
		return prop;
	    }
	}
	return prop;
    }

    /**
     * We always map names to standard names
     */
    static String getStandardName(String alias, String engineType) {
	return getProviderProperty("Alg.Alias." + engineType + "." + alias);
    }

    /** 
     * Gets a specified property for an algorithm. The algorithm name
     * should be a standard name. See Appendix A in the <a href=
     * "../guide/security/CryptoSpec.html#AppA">
     * Java Cryptography Architecture API Specification &amp; Reference </a> 
     * for information about standard algorithm names.
     * One possible use is by specialized algorithm parsers, which may map 
     * classes to algorithms which they understand (much like Key parsers 
     * do).
     *
     * @param algName the algorithm name.
     *
     * @param propName the name of the property to get.
     * 
     * @return the value of the specified property.  
     */
    public static String getAlgorithmProperty(String algName,
					      String propName) {
	return getProviderProperty("Alg." + propName + "." + algName);
    }

    /** 
     * Given an algorithm name, returns the name of PublicKey class
     * capable of handling keys for that algorithm. The algorithm name
     * should be a standard name. See Appendix A in the <a href=
     * "../guide/security/CryptoSpec.html#AppA">
     * Java Cryptography Architecture API Specification &amp; Reference </a> 
     * for information about standard algorithm names.
     *
     * @param algName the standard algorithm name for which to get
     * a public key class name.
     */
    static String getPublicKeyClassName(String algName, String format) {

	String stdName = getStandardName(algName, "Key");

	if (stdName == null) {
	    stdName = algName;
	}

	String formatAndAlg = "PublicKey." + format + "." + stdName;
	return getProviderProperty(formatAndAlg);
    }


    /** Given an algorithm name, returns the name of PrivateKey class
     * capable of handling keys for that algorithm. The algorithm name
     * should be a standard name. See Appendix A in the <a href=
     * "../guide/security/CryptoSpec.html#AppA">
     * Java Cryptography Architecture API Specification &amp; Reference </a> 
     * for information about standard algorithm names.
     */
    static String getPrivateKeyClassName(String algName, String format) {

	String stdName = getStandardName(algName, "Key");

	if (stdName == null) {
	    stdName = algName;
	}

	return getProviderProperty("PrivateKey." + format + "." + stdName);
    }

    static String getEngineClassName(String algName,
				     String engineType)
    throws NoSuchAlgorithmException {
	/* First get the standard name */
	String stdName = getStandardName(algName, engineType);
	
	if (stdName == null) {
	    stdName = algName;
	}

	Class impl = null;

	Enumeration enum = providers.elements();

	String classname = getProviderProperty(engineType + "." + stdName);

	if (classname != null) {
	    return classname;
	}

	throw new NoSuchAlgorithmException("algorithm " + algName + 
					   " not available.");
    }

    /** Given an algorithm name, returns the name of Signature class
     * capable of handling keys for that algorithm. The algorithm name
     * should be a standard name. See Appendix A in the <a href=
     * "../guide/security/CryptoSpec.html#AppA">
     * Java Cryptography Architecture API Specification &amp; Reference </a> 
     * for information about standard algorithm names.
     */
    private static String getEngineClassName(String algName, String provider, 
					     String engineType) 
    throws NoSuchAlgorithmException, NoSuchProviderException {

	if (provider == null) {
	    return getEngineClassName(algName, engineType);
	}

	/* First get the standard name */
	String stdName = getStandardName(algName, engineType);
	
	if (stdName == null) {
	    stdName = algName;
	}

	Provider prov = getProvider(provider);
	if (prov == null) {
	    throw new NoSuchProviderException("no such provider: " +