mirror of
https://github.com/openjdk/jdk.git
synced 2025-08-27 06:45:07 +02:00
8345060: Remove Security Manager dependencies from java.security.KeyStore and Identity APIs and implementations
Reviewed-by: hchao, alanb, weijun
This commit is contained in:
Sean Mullan
parent
1ca764454b
commit
30b8bbe255
11 changed files with 96 additions and 231 deletions
|
|
@ -987,9 +987,7 @@ public class KeyStore {
|
|||
* @see java.security.Security security properties
|
||||
*/
|
||||
public static final String getDefaultType() {
|
||||
@SuppressWarnings("removal")
|
||||
String kstype = AccessController.doPrivileged((PrivilegedAction<String>) () ->
|
||||
Security.getProperty(KEYSTORE_TYPE));
|
||||
String kstype = Security.getProperty(KEYSTORE_TYPE);
|
||||
if (kstype == null) {
|
||||
kstype = "pkcs12";
|
||||
}
|
||||
|
|
@ -1993,9 +1991,7 @@ public class KeyStore {
|
|||
("File does not exist or it does not refer " +
|
||||
"to a normal file: " + file);
|
||||
}
|
||||
@SuppressWarnings("removal")
|
||||
var acc = AccessController.getContext();
|
||||
return new FileBuilder(type, provider, file, protection, acc);
|
||||
return new FileBuilder(type, provider, file, protection);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -2048,24 +2044,19 @@ public class KeyStore {
|
|||
private final File file;
|
||||
private final ProtectionParameter protection;
|
||||
private ProtectionParameter keyProtection;
|
||||
@SuppressWarnings("removal")
|
||||
private final AccessControlContext context;
|
||||
|
||||
private KeyStore keyStore;
|
||||
|
||||
private Throwable oldException;
|
||||
|
||||
FileBuilder(String type, Provider provider, File file,
|
||||
ProtectionParameter protection,
|
||||
@SuppressWarnings("removal") AccessControlContext context) {
|
||||
ProtectionParameter protection) {
|
||||
this.type = type;
|
||||
this.provider = provider;
|
||||
this.file = file;
|
||||
this.protection = protection;
|
||||
this.context = context;
|
||||
}
|
||||
|
||||
@SuppressWarnings("removal")
|
||||
public synchronized KeyStore getKeyStore() throws KeyStoreException
|
||||
{
|
||||
if (keyStore != null) {
|
||||
|
|
@ -2076,19 +2067,18 @@ public class KeyStore {
|
|||
("Previous KeyStore instantiation failed",
|
||||
oldException);
|
||||
}
|
||||
PrivilegedExceptionAction<KeyStore> action =
|
||||
new PrivilegedExceptionAction<KeyStore>() {
|
||||
public KeyStore run() throws Exception {
|
||||
if (!(protection instanceof CallbackHandlerProtection)) {
|
||||
return run0();
|
||||
}
|
||||
try {
|
||||
if (!(protection instanceof CallbackHandlerProtection)) {
|
||||
keyStore = getKeyStore0();
|
||||
} else {
|
||||
// when using a CallbackHandler,
|
||||
// reprompt if the password is wrong
|
||||
int tries = 0;
|
||||
while (true) {
|
||||
tries++;
|
||||
try {
|
||||
return run0();
|
||||
keyStore = getKeyStore0();
|
||||
break;
|
||||
} catch (IOException e) {
|
||||
if ((tries < MAX_CALLBACK_TRIES)
|
||||
&& (e.getCause() instanceof UnrecoverableKeyException)) {
|
||||
|
|
@ -2098,58 +2088,53 @@ public class KeyStore {
|
|||
}
|
||||
}
|
||||
}
|
||||
public KeyStore run0() throws Exception {
|
||||
KeyStore ks;
|
||||
char[] password;
|
||||
|
||||
// Acquire keystore password
|
||||
if (protection instanceof PasswordProtection) {
|
||||
password =
|
||||
((PasswordProtection)protection).getPassword();
|
||||
keyProtection = protection;
|
||||
} else {
|
||||
CallbackHandler handler =
|
||||
((CallbackHandlerProtection)protection)
|
||||
.getCallbackHandler();
|
||||
PasswordCallback callback = new PasswordCallback
|
||||
("Password for keystore " + file.getName(),
|
||||
false);
|
||||
handler.handle(new Callback[] {callback});
|
||||
password = callback.getPassword();
|
||||
if (password == null) {
|
||||
throw new KeyStoreException("No password" +
|
||||
" provided");
|
||||
}
|
||||
callback.clearPassword();
|
||||
keyProtection = new PasswordProtection(password);
|
||||
}
|
||||
|
||||
if (type.isEmpty()) {
|
||||
// Instantiate keystore and load keystore data
|
||||
ks = KeyStore.getInstance(file, password);
|
||||
} else {
|
||||
// Instantiate keystore
|
||||
if (provider == null) {
|
||||
ks = KeyStore.getInstance(type);
|
||||
} else {
|
||||
ks = KeyStore.getInstance(type, provider);
|
||||
}
|
||||
// Load keystore data
|
||||
try (InputStream in = new FileInputStream(file)) {
|
||||
ks.load(in, password);
|
||||
}
|
||||
}
|
||||
return ks;
|
||||
}
|
||||
};
|
||||
try {
|
||||
keyStore = AccessController.doPrivileged(action, context);
|
||||
return keyStore;
|
||||
} catch (PrivilegedActionException e) {
|
||||
oldException = e.getCause();
|
||||
} catch (Exception e) {
|
||||
oldException = e;
|
||||
throw new KeyStoreException
|
||||
("KeyStore instantiation failed", oldException);
|
||||
}
|
||||
return keyStore;
|
||||
}
|
||||
|
||||
private KeyStore getKeyStore0() throws Exception {
|
||||
KeyStore ks;
|
||||
char[] password;
|
||||
|
||||
// Acquire keystore password
|
||||
if (protection instanceof PasswordProtection) {
|
||||
password = ((PasswordProtection)protection).getPassword();
|
||||
keyProtection = protection;
|
||||
} else {
|
||||
CallbackHandler handler =
|
||||
((CallbackHandlerProtection)protection)
|
||||
.getCallbackHandler();
|
||||
PasswordCallback callback = new PasswordCallback
|
||||
("Password for keystore " + file.getName(), false);
|
||||
handler.handle(new Callback[] {callback});
|
||||
password = callback.getPassword();
|
||||
if (password == null) {
|
||||
throw new KeyStoreException("No password" + " provided");
|
||||
}
|
||||
callback.clearPassword();
|
||||
keyProtection = new PasswordProtection(password);
|
||||
}
|
||||
|
||||
if (type.isEmpty()) {
|
||||
// Instantiate keystore and load keystore data
|
||||
ks = KeyStore.getInstance(file, password);
|
||||
} else {
|
||||
// Instantiate keystore
|
||||
if (provider == null) {
|
||||
ks = KeyStore.getInstance(type);
|
||||
} else {
|
||||
ks = KeyStore.getInstance(type, provider);
|
||||
}
|
||||
// Load keystore data
|
||||
try (InputStream in = new FileInputStream(file)) {
|
||||
ks.load(in, password);
|
||||
}
|
||||
}
|
||||
return ks;
|
||||
}
|
||||
|
||||
public synchronized ProtectionParameter
|
||||
|
|
@ -2195,16 +2180,18 @@ public class KeyStore {
|
|||
if ((type == null) || (protection == null)) {
|
||||
throw new NullPointerException();
|
||||
}
|
||||
@SuppressWarnings("removal")
|
||||
final AccessControlContext context = AccessController.getContext();
|
||||
return new Builder() {
|
||||
private volatile boolean getCalled;
|
||||
private IOException oldException;
|
||||
|
||||
private final PrivilegedExceptionAction<KeyStore> action
|
||||
= new PrivilegedExceptionAction<>() {
|
||||
|
||||
public KeyStore run() throws Exception {
|
||||
public synchronized KeyStore getKeyStore()
|
||||
throws KeyStoreException {
|
||||
if (oldException != null) {
|
||||
throw new KeyStoreException
|
||||
("Previous KeyStore instantiation failed",
|
||||
oldException);
|
||||
}
|
||||
try {
|
||||
KeyStore ks;
|
||||
if (provider == null) {
|
||||
ks = KeyStore.getInstance(type);
|
||||
|
|
@ -2237,23 +2224,9 @@ public class KeyStore {
|
|||
}
|
||||
getCalled = true;
|
||||
return ks;
|
||||
}
|
||||
};
|
||||
|
||||
@SuppressWarnings("removal")
|
||||
public synchronized KeyStore getKeyStore()
|
||||
throws KeyStoreException {
|
||||
if (oldException != null) {
|
||||
} catch (Exception e) {
|
||||
throw new KeyStoreException
|
||||
("Previous KeyStore instantiation failed",
|
||||
oldException);
|
||||
}
|
||||
try {
|
||||
return AccessController.doPrivileged(action, context);
|
||||
} catch (PrivilegedActionException e) {
|
||||
Throwable cause = e.getCause();
|
||||
throw new KeyStoreException
|
||||
("KeyStore instantiation failed", cause);
|
||||
("KeyStore instantiation failed", e);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue