50 return null; |
53 return null; |
51 } |
54 } |
52 }); |
55 }); |
53 } |
56 } |
54 |
57 |
|
58 private static final class ProviderService extends Provider.Service { |
|
59 ProviderService(Provider p, String type, String algo, String cn) { |
|
60 super(p, type, algo, cn, null, null); |
|
61 } |
|
62 |
|
63 ProviderService(Provider p, String type, String algo, String cn, |
|
64 String[] aliases, HashMap<String, String> attrs) { |
|
65 super(p, type, algo, cn, |
|
66 (aliases == null? null : Arrays.asList(aliases)), attrs); |
|
67 } |
|
68 |
|
69 @Override |
|
70 public Object newInstance(Object ctrParamObj) |
|
71 throws NoSuchAlgorithmException { |
|
72 String type = getType(); |
|
73 if (ctrParamObj != null) { |
|
74 throw new InvalidParameterException |
|
75 ("constructorParameter not used with " + type + |
|
76 " engines"); |
|
77 } |
|
78 String algo = getAlgorithm(); |
|
79 try { |
|
80 if (type.equals("SecureRandom")) { |
|
81 if (algo.equals("Windows-PRNG")) { |
|
82 return new PRNG(); |
|
83 } |
|
84 } else if (type.equals("KeyStore")) { |
|
85 if (algo.equals("Windows-MY")) { |
|
86 return new KeyStore.MY(); |
|
87 } else if (algo.equals("Windows-ROOT")) { |
|
88 return new KeyStore.ROOT(); |
|
89 } |
|
90 } else if (type.equals("Signature")) { |
|
91 if (algo.equals("NONEwithRSA")) { |
|
92 return new RSASignature.Raw(); |
|
93 } else if (algo.equals("SHA1withRSA")) { |
|
94 return new RSASignature.SHA1(); |
|
95 } else if (algo.equals("SHA256withRSA")) { |
|
96 return new RSASignature.SHA256(); |
|
97 } else if (algo.equals("SHA384withRSA")) { |
|
98 return new RSASignature.SHA384(); |
|
99 } else if (algo.equals("SHA512withRSA")) { |
|
100 return new RSASignature.SHA512(); |
|
101 } else if (algo.equals("MD5withRSA")) { |
|
102 return new RSASignature.MD5(); |
|
103 } else if (algo.equals("MD2withRSA")) { |
|
104 return new RSASignature.MD2(); |
|
105 } |
|
106 } else if (type.equals("KeyPairGenerator")) { |
|
107 if (algo.equals("RSA")) { |
|
108 return new RSAKeyPairGenerator(); |
|
109 } |
|
110 } else if (type.equals("Cipher")) { |
|
111 if (algo.equals("RSA") || |
|
112 algo.equals("RSA/ECB/PKCS1Padding")) { |
|
113 return new RSACipher(); |
|
114 } |
|
115 } |
|
116 } catch (Exception ex) { |
|
117 throw new NoSuchAlgorithmException |
|
118 ("Error constructing " + type + " for " + |
|
119 algo + " using SunMSCAPI", ex); |
|
120 } |
|
121 throw new ProviderException("No impl for " + algo + |
|
122 " " + type); |
|
123 } |
|
124 } |
|
125 |
55 public SunMSCAPI() { |
126 public SunMSCAPI() { |
56 super("SunMSCAPI", 1.9d, INFO); |
127 super("SunMSCAPI", 1.9d, INFO); |
57 |
128 |
58 // if there is no security manager installed, put directly into |
129 final Provider p = this; |
59 // the provider. Otherwise, create a temporary map and use a |
130 AccessController.doPrivileged(new PrivilegedAction<Void>() { |
60 // doPrivileged() call at the end to transfer the contents |
131 public Void run() { |
61 final Map<Object, Object> map = |
132 /* |
62 (System.getSecurityManager() == null) |
133 * Secure random |
63 ? this : new HashMap<Object, Object>(); |
134 */ |
64 |
135 putService(new ProviderService(p, "SecureRandom", |
65 /* |
136 "Windows-PRNG", "sun.security.mscapi.PRNG")); |
66 * Secure random |
137 |
67 */ |
138 /* |
68 map.put("SecureRandom.Windows-PRNG", "sun.security.mscapi.PRNG"); |
139 * Key store |
69 |
140 */ |
70 /* |
141 putService(new ProviderService(p, "KeyStore", |
71 * Key store |
142 "Windows-MY", "sun.security.mscapi.KeyStore$MY")); |
72 */ |
143 putService(new ProviderService(p, "KeyStore", |
73 map.put("KeyStore.Windows-MY", "sun.security.mscapi.KeyStore$MY"); |
144 "Windows-ROOT", "sun.security.mscapi.KeyStore$ROOT")); |
74 map.put("KeyStore.Windows-ROOT", "sun.security.mscapi.KeyStore$ROOT"); |
145 |
75 |
146 /* |
76 /* |
147 * Signature engines |
77 * Signature engines |
148 */ |
78 */ |
149 HashMap<String, String> attrs = new HashMap<>(1); |
79 // NONEwithRSA must be supplied with a pre-computed message digest. |
150 attrs.put("SupportedKeyClasses", "sun.security.mscapi.Key"); |
80 // Only the following digest algorithms are supported: MD5, SHA-1, |
151 |
81 // SHA-256, SHA-384, SHA-512 and a special-purpose digest |
152 // NONEwithRSA must be supplied with a pre-computed message digest. |
82 // algorithm which is a concatenation of SHA-1 and MD5 digests. |
153 // Only the following digest algorithms are supported: MD5, SHA-1, |
83 map.put("Signature.NONEwithRSA", |
154 // SHA-256, SHA-384, SHA-512 and a special-purpose digest |
84 "sun.security.mscapi.RSASignature$Raw"); |
155 // algorithm which is a concatenation of SHA-1 and MD5 digests. |
85 map.put("Signature.SHA1withRSA", |
156 putService(new ProviderService(p, "Signature", |
86 "sun.security.mscapi.RSASignature$SHA1"); |
157 "NONEwithRSA", "sun.security.mscapi.RSASignature$Raw", |
87 map.put("Signature.SHA256withRSA", |
158 null, attrs)); |
88 "sun.security.mscapi.RSASignature$SHA256"); |
159 putService(new ProviderService(p, "Signature", |
89 map.put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA"); |
160 "SHA1withRSA", "sun.security.mscapi.RSASignature$SHA1", |
90 map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA"); |
161 null, attrs)); |
91 map.put("Signature.SHA384withRSA", |
162 putService(new ProviderService(p, "Signature", |
92 "sun.security.mscapi.RSASignature$SHA384"); |
163 "SHA256withRSA", "sun.security.mscapi.RSASignature$SHA256", |
93 map.put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA"); |
164 new String[] { "1.2.840.113549.1.1.11", "OID.1.2.840.113549.1.1.11" }, |
94 map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384withRSA"); |
165 attrs)); |
95 |
166 putService(new ProviderService(p, "Signature", |
96 map.put("Signature.SHA512withRSA", |
167 "SHA384withRSA", "sun.security.mscapi.RSASignature$SHA384", |
97 "sun.security.mscapi.RSASignature$SHA512"); |
168 new String[] { "1.2.840.113549.1.1.12", "OID.1.2.840.113549.1.1.12" }, |
98 map.put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA"); |
169 attrs)); |
99 map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512withRSA"); |
170 putService(new ProviderService(p, "Signature", |
100 |
171 "SHA512withRSA", "sun.security.mscapi.RSASignature$SHA512", |
101 map.put("Signature.MD5withRSA", |
172 new String[] { "1.2.840.113549.1.1.13", "OID.1.2.840.113549.1.1.13" }, |
102 "sun.security.mscapi.RSASignature$MD5"); |
173 attrs)); |
103 map.put("Signature.MD2withRSA", |
174 putService(new ProviderService(p, "Signature", |
104 "sun.security.mscapi.RSASignature$MD2"); |
175 "MD5withRSA", "sun.security.mscapi.RSASignature$MD5", |
105 |
176 null, attrs)); |
106 // supported key classes |
177 putService(new ProviderService(p, "Signature", |
107 map.put("Signature.NONEwithRSA SupportedKeyClasses", |
178 "MD2withRSA", "sun.security.mscapi.RSASignature$MD2", |
108 "sun.security.mscapi.Key"); |
179 null, attrs)); |
109 map.put("Signature.SHA1withRSA SupportedKeyClasses", |
180 |
110 "sun.security.mscapi.Key"); |
181 /* |
111 map.put("Signature.SHA256withRSA SupportedKeyClasses", |
182 * Key Pair Generator engines |
112 "sun.security.mscapi.Key"); |
183 */ |
113 map.put("Signature.SHA384withRSA SupportedKeyClasses", |
184 attrs.clear(); |
114 "sun.security.mscapi.Key"); |
185 attrs.put("KeySize", "1024"); |
115 map.put("Signature.SHA512withRSA SupportedKeyClasses", |
186 putService(new ProviderService(p, "KeyPairGenerator", |
116 "sun.security.mscapi.Key"); |
187 "RSA", "sun.security.mscapi.RSAKeyPairGenerator", |
117 map.put("Signature.MD5withRSA SupportedKeyClasses", |
188 null, attrs)); |
118 "sun.security.mscapi.Key"); |
189 |
119 map.put("Signature.MD2withRSA SupportedKeyClasses", |
190 /* |
120 "sun.security.mscapi.Key"); |
191 * Cipher engines |
121 |
192 */ |
122 /* |
193 attrs.clear(); |
123 * Key Pair Generator engines |
194 attrs.put("SupportedModes", "ECB"); |
124 */ |
195 attrs.put("SupportedPaddings", "PKCS1PADDING"); |
125 map.put("KeyPairGenerator.RSA", |
196 attrs.put("SupportedKeyClasses", "sun.security.mscapi.Key"); |
126 "sun.security.mscapi.RSAKeyPairGenerator"); |
197 putService(new ProviderService(p, "Cipher", |
127 map.put("KeyPairGenerator.RSA KeySize", "1024"); |
198 "RSA", "sun.security.mscapi.RSACipher", |
128 |
199 null, attrs)); |
129 /* |
200 putService(new ProviderService(p, "Cipher", |
130 * Cipher engines |
201 "RSA/ECB/PKCS1Padding", "sun.security.mscapi.RSACipher", |
131 */ |
202 null, attrs)); |
132 map.put("Cipher.RSA", "sun.security.mscapi.RSACipher"); |
|
133 map.put("Cipher.RSA/ECB/PKCS1Padding", |
|
134 "sun.security.mscapi.RSACipher"); |
|
135 map.put("Cipher.RSA SupportedModes", "ECB"); |
|
136 map.put("Cipher.RSA SupportedPaddings", "PKCS1PADDING"); |
|
137 map.put("Cipher.RSA SupportedKeyClasses", "sun.security.mscapi.Key"); |
|
138 |
|
139 if (map != this) { |
|
140 final Provider provider = this; |
|
141 PrivilegedAction<Void> putAllAction = () -> { |
|
142 provider.putAll(map); |
|
143 return null; |
203 return null; |
144 }; |
204 } |
145 AccessController.doPrivileged(putAllAction); |
205 }); |
146 } |
|
147 } |
206 } |
148 } |
207 } |