Module java.base
Package java.security

Class Provider

All Implemented Interfaces:
Serializable, Cloneable, Map<Object,​Object>
Direct Known Subclasses:
AuthProvider

public abstract class Provider
extends Properties
This class represents a "provider" for the Java Security API, where a provider implements some or all parts of Java Security. Services that a provider may implement include:
  • Algorithms (such as DSA, RSA, or SHA-256).
  • Key generation, conversion, and management facilities (such as for algorithm-specific keys).

Some provider implementations may encounter unrecoverable internal errors during their operation, for example a failure to communicate with a security token. A ProviderException should be used to indicate such errors.

Please note that a provider can be used to implement any security service in Java that uses a pluggable architecture with a choice of implementations that fit underneath.

The service type Provider is reserved for use by the security framework. Services of this type cannot be added, removed, or modified by applications. The following attributes are automatically placed in each Provider object:

Attributes Automatically Placed in a Provider Object
NameValue
Provider.id name String.valueOf(provider.getName())
Provider.id version String.valueOf(provider.getVersionStr())
Provider.id info String.valueOf(provider.getInfo())
Provider.id className provider.getClass().getName()

Each provider has a name and a version string. A provider normally identifies itself with a file named java.security.Provider in the resource directory META-INF/services. Security providers are looked up via the ServiceLoader mechanism using the application class loader.

Providers may be configured such that they are automatically installed and made available at runtime via the Security.getProviders() method. The mechanism for configuring and installing security providers is implementation-specific.

Implementation Note:
The JDK implementation supports static registration of the security providers via the conf/security/java.security file in the Java installation directory. These providers are automatically installed by the JDK runtime, see The Provider Class in the Java Cryptography Architecture (JCA) Reference Guide for information about how a particular type of provider, the cryptographic service provider, works and is installed.
Since:
1.1
See Also:
Serialized Form
  • Constructor Details

    • Provider

      @Deprecated(since="9") protected Provider​(String name, double version, String info)
      Deprecated.
      Constructs a provider with the specified name, version number, and information. Calling this constructor is equivalent to call the Provider(String, String, String) with name name, Double.toString(version), and info.
      Parameters:
      name - the provider name.
      version - the provider version number.
      info - a description of the provider and its services.
    • Provider

      protected Provider​(String name, String versionStr, String info)
      Constructs a provider with the specified name, version string, and information.

      The version string contains a version number optionally followed by other information separated by one of the characters of '+', '-'. The format for the version number is:

           ^[0-9]+(\.[0-9]+)*
       

      In order to return the version number in a double, when there are more than two components (separated by '.' as defined above), only the first two components are retained. The resulting string is then passed to Double.valueOf(String) to generate version number, i.e. getVersion().

      If the conversion failed, value 0 will be used.

      Parameters:
      name - the provider name.
      versionStr - the provider version string.
      info - a description of the provider and its services.
      Since:
      9
  • Method Details

    • configure

      public Provider configure​(String configArg)
      Apply the supplied configuration argument to this provider instance and return the configured provider. Note that if this provider cannot be configured in-place, a new provider will be created and returned. Therefore, callers should always use the returned provider.
      Implementation Requirements:
      The default implementation throws UnsupportedOperationException. Subclasses should override this method only if a configuration argument is supported.
      Parameters:
      configArg - the configuration information for configuring this provider.
      Returns:
      a provider configured with the supplied configuration argument.
      Throws:
      UnsupportedOperationException - if a configuration argument is not supported.
      NullPointerException - if the supplied configuration argument is null.
      InvalidParameterException - if the supplied configuration argument is invalid.
      Since:
      9
    • isConfigured

      public boolean isConfigured()
      Check if this provider instance has been configured.
      Implementation Requirements:
      The default implementation returns true. Subclasses should override this method if the provider instance requires an explicit configure call after being constructed.
      Returns:
      true if no further configuration is needed, false otherwise.
      Since:
      9
    • getName

      public String getName()
      Returns the name of this provider.
      Returns:
      the name of this provider.
    • getVersion

      @Deprecated(since="9") public double getVersion()
      Deprecated.
      use getVersionStr() instead.
      Returns the version number for this provider.
      Returns:
      the version number for this provider.
    • getVersionStr

      public String getVersionStr()
      Returns the version string for this provider.
      Returns:
      the version string for this provider.
      Since:
      9
    • getInfo

      public String getInfo()
      Returns a human-readable description of the provider and its services. This may return an HTML page, with relevant links.
      Returns:
      a description of the provider and its services.
    • toString

      public String toString()
      Returns a string with the name and the version string of this provider.
      Overrides:
      toString in class Hashtable<Object,​Object>
      Returns:
      the string with the name and the version string for this provider.
    • clear

      public void clear()
      Clears this provider so that it no longer contains the properties used to look up facilities implemented by the provider.

      If a security manager is enabled, its checkSecurityAccess method is called with the string "clearProviderProperties."+name (where name is the provider name) to see if it's ok to clear this provider.

      Specified by:
      clear in interface Map<Object,​Object>
      Overrides:
      clear in class Hashtable<Object,​Object>
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to clear this provider
      Since:
      1.2
    • load

      public void load​(InputStream inStream) throws IOException
      Reads a property list (key and element pairs) from the input stream.
      Overrides:
      load in class Properties
      Parameters:
      inStream - the input stream.
      Throws:
      IOException - if an error occurred when reading from the input stream.
      See Also:
      Properties.load(java.io.Reader)
    • putAll

      public void putAll​(Map<?,​?> t)
      Copies all of the mappings from the specified Map to this provider. These mappings will replace any properties that this provider had for any of the keys currently in the specified Map.
      Specified by:
      putAll in interface Map<Object,​Object>
      Overrides:
      putAll in class Hashtable<Object,​Object>
      Parameters:
      t - mappings to be stored in this map
      Since:
      1.2
    • entrySet

      public Set<Map.Entry<Object,​Object>> entrySet()
      Returns an unmodifiable Set view of the property entries contained in this Provider.
      Specified by:
      entrySet in interface Map<Object,​Object>
      Overrides:
      entrySet in class Hashtable<Object,​Object>
      Returns:
      a set view of the mappings contained in this map
      Since:
      1.2
      See Also:
      Map.Entry
    • keySet

      public Set<Object> keySet()
      Returns an unmodifiable Set view of the property keys contained in this provider.
      Specified by:
      keySet in interface Map<Object,​Object>
      Overrides:
      keySet in class Hashtable<Object,​Object>
      Returns:
      a set view of the keys contained in this map
      Since:
      1.2
    • values

      public Collection<Object> values()
      Returns an unmodifiable Collection view of the property values contained in this provider.
      Specified by:
      values in interface Map<Object,​Object>
      Overrides:
      values in class Hashtable<Object,​Object>
      Returns:
      a collection view of the values contained in this map
      Since:
      1.2
    • put

      public Object put​(Object key, Object value)
      Sets the key property to have the specified value.

      If a security manager is enabled, its checkSecurityAccess method is called with the string "putProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values.

      Specified by:
      put in interface Map<Object,​Object>
      Overrides:
      put in class Hashtable<Object,​Object>
      Parameters:
      key - the hashtable key
      value - the value
      Returns:
      the previous value of the specified key in this hashtable, or null if it did not have one
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values.
      Since:
      1.2
      See Also:
      Object.equals(Object), Hashtable.get(Object)
    • putIfAbsent

      public Object putIfAbsent​(Object key, Object value)
      If the specified key is not already associated with a value (or is mapped to null) associates it with the given value and returns null, else returns the current value.

      If a security manager is enabled, its checkSecurityAccess method is called with the string "putProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values.

      Parameters:
      key - key with which the specified value is to be associated
      value - value to be associated with the specified key
      Returns:
      the previous value associated with the specified key, or null if there was no mapping for the key. (A null return can also indicate that the map previously associated null with the key, if the implementation supports null values.)
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values.
      Since:
      1.8
    • remove

      public Object remove​(Object key)
      Removes the key property (and its corresponding value).

      If a security manager is enabled, its checkSecurityAccess method is called with the string "removeProviderProperty."+name, where name is the provider name, to see if it's ok to remove this provider's properties.

      Specified by:
      remove in interface Map<Object,​Object>
      Overrides:
      remove in class Hashtable<Object,​Object>
      Parameters:
      key - the key that needs to be removed
      Returns:
      the value to which the key had been mapped in this hashtable, or null if the key did not have a mapping
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to remove this provider's properties.
      Since:
      1.2
    • remove

      public boolean remove​(Object key, Object value)
      Removes the entry for the specified key only if it is currently mapped to the specified value.

      If a security manager is enabled, its checkSecurityAccess method is called with the string "removeProviderProperty."+name, where name is the provider name, to see if it's ok to remove this provider's properties.

      Parameters:
      key - key with which the specified value is associated
      value - value expected to be associated with the specified key
      Returns:
      true if the value was removed
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to remove this provider's properties.
      Since:
      1.8
    • replace

      public boolean replace​(Object key, Object oldValue, Object newValue)
      Replaces the entry for the specified key only if currently mapped to the specified value.

      If a security manager is enabled, its checkSecurityAccess method is called with the string "putProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values.

      Parameters:
      key - key with which the specified value is associated
      oldValue - value expected to be associated with the specified key
      newValue - value to be associated with the specified key
      Returns:
      true if the value was replaced
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values.
      Since:
      1.8
    • replace

      public Object replace​(Object key, Object value)
      Replaces the entry for the specified key only if it is currently mapped to some value.

      If a security manager is enabled, its checkSecurityAccess method is called with the string "putProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values.

      Parameters:
      key - key with which the specified value is associated
      value - value to be associated with the specified key
      Returns:
      the previous value associated with the specified key, or null if there was no mapping for the key. (A null return can also indicate that the map previously associated null with the key, if the implementation supports null values.)
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values.
      Since:
      1.8
    • replaceAll

      public void replaceAll​(BiFunction<? super Object,​? super Object,​? extends Object> function)
      Replaces each entry's value with the result of invoking the given function on that entry, in the order entries are returned by an entry set iterator, until all entries have been processed or the function throws an exception.

      If a security manager is enabled, its checkSecurityAccess method is called with the string "putProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values.

      Parameters:
      function - the function to apply to each entry
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values.
      Since:
      1.8
    • compute

      public Object compute​(Object key, BiFunction<? super Object,​? super Object,​? extends Object> remappingFunction)
      Attempts to compute a mapping for the specified key and its current mapped value (or null if there is no current mapping).

      If a security manager is enabled, its checkSecurityAccess method is called with the strings "putProviderProperty."+name and "removeProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values and remove this provider's properties.

      Specified by:
      compute in interface Map<Object,​Object>
      Overrides:
      compute in class Hashtable<Object,​Object>
      Parameters:
      key - key with which the specified value is to be associated
      remappingFunction - the remapping function to compute a value
      Returns:
      the new value associated with the specified key, or null if none
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values or remove properties.
      Since:
      1.8
    • computeIfAbsent

      public Object computeIfAbsent​(Object key, Function<? super Object,​? extends Object> mappingFunction)
      If the specified key is not already associated with a value (or is mapped to null), attempts to compute its value using the given mapping function and enters it into this map unless null.

      If a security manager is enabled, its checkSecurityAccess method is called with the strings "putProviderProperty."+name and "removeProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values and remove this provider's properties.

      Specified by:
      computeIfAbsent in interface Map<Object,​Object>
      Overrides:
      computeIfAbsent in class Hashtable<Object,​Object>
      Parameters:
      key - key with which the specified value is to be associated
      mappingFunction - the mapping function to compute a value
      Returns:
      the current (existing or computed) value associated with the specified key, or null if the computed value is null
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values and remove properties.
      Since:
      1.8
    • computeIfPresent

      public Object computeIfPresent​(Object key, BiFunction<? super Object,​? super Object,​? extends Object> remappingFunction)
      If the value for the specified key is present and non-null, attempts to compute a new mapping given the key and its current mapped value.

      If a security manager is enabled, its checkSecurityAccess method is called with the strings "putProviderProperty."+name and "removeProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values and remove this provider's properties.

      Specified by:
      computeIfPresent in interface Map<Object,​Object>
      Overrides:
      computeIfPresent in class Hashtable<Object,​Object>
      Parameters:
      key - key with which the specified value is to be associated
      remappingFunction - the remapping function to compute a value
      Returns:
      the new value associated with the specified key, or null if none
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values or remove properties.
      Since:
      1.8
    • merge

      public Object merge​(Object key, Object value, BiFunction<? super Object,​? super Object,​? extends Object> remappingFunction)
      If the specified key is not already associated with a value or is associated with null, associates it with the given value. Otherwise, replaces the value with the results of the given remapping function, or removes if the result is null. This method may be of use when combining multiple mapped values for a key.

      If a security manager is enabled, its checkSecurityAccess method is called with the strings "putProviderProperty."+name and "removeProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values and remove this provider's properties.

      Specified by:
      merge in interface Map<Object,​Object>
      Overrides:
      merge in class Hashtable<Object,​Object>
      Parameters:
      key - key with which the resulting value is to be associated
      value - the non-null value to be merged with the existing value associated with the key or, if no existing value or a null value is associated with the key, to be associated with the key
      remappingFunction - the remapping function to recompute a value if present
      Returns:
      the new value associated with the specified key, or null if no value is associated with the key
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values or remove properties.
      Since:
      1.8
    • getOrDefault

      public Object getOrDefault​(Object key, Object defaultValue)
      Description copied from interface: Map
      Returns the value to which the specified key is mapped, or defaultValue if this map contains no mapping for the key.
      Parameters:
      key - the key whose associated value is to be returned
      defaultValue - the default mapping of the key
      Returns:
      the value to which the specified key is mapped, or defaultValue if this map contains no mapping for the key
      Since:
      1.8
    • forEach

      public void forEach​(BiConsumer<? super Object,​? super Object> action)
      Description copied from interface: Map
      Performs the given action for each entry in this map until all entries have been processed or the action throws an exception. Unless otherwise specified by the implementing class, actions are performed in the order of entry set iteration (if an iteration order is specified.) Exceptions thrown by the action are relayed to the caller.
      Parameters:
      action - The action to be performed for each entry
      Since:
      1.8
    • getService

      public Provider.Service getService​(String type, String algorithm)
      Get the service describing this Provider's implementation of the specified type of this algorithm or alias. If no such implementation exists, this method returns null. If there are two matching services, one added to this provider using putService() and one added via put(), the service added via putService() is returned.
      Parameters:
      type - the type of service requested (for example, MessageDigest)
      algorithm - the case insensitive algorithm name (or alternate alias) of the service requested (for example, SHA-1)
      Returns:
      the service describing this Provider's matching service or null if no such service exists
      Throws:
      NullPointerException - if type or algorithm is null
      Since:
      1.5
    • getServices

      public Set<Provider.Service> getServices()
      Get an unmodifiable Set of all services supported by this Provider.
      Returns:
      an unmodifiable Set of all services supported by this Provider
      Since:
      1.5
    • putService

      protected void putService​(Provider.Service s)
      Add a service. If a service of the same type with the same algorithm name exists and it was added using putService(), it is replaced by the new service. This method also places information about this service in the provider's Hashtable values in the format described in the Java Cryptography Architecture (JCA) Reference Guide.

      Also, if there is a security manager, its checkSecurityAccess method is called with the string "putProviderProperty."+name, where name is the provider name, to see if it's ok to set this provider's property values. If the default implementation of checkSecurityAccess is used (that is, that method is not overridden), then this results in a call to the security manager's checkPermission method with a SecurityPermission("putProviderProperty."+name) permission.

      Parameters:
      s - the Service to add
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to set property values.
      NullPointerException - if s is null
      Since:
      1.5
    • removeService

      protected void removeService​(Provider.Service s)
      Remove a service previously added using putService(). The specified service is removed from this provider. It will no longer be returned by getService() and its information will be removed from this provider's Hashtable.

      Also, if there is a security manager, its checkSecurityAccess method is called with the string "removeProviderProperty."+name, where name is the provider name, to see if it's ok to remove this provider's properties. If the default implementation of checkSecurityAccess is used (that is, that method is not overridden), then this results in a call to the security manager's checkPermission method with a SecurityPermission("removeProviderProperty."+name) permission.

      Parameters:
      s - the Service to be removed
      Throws:
      SecurityException - if a security manager exists and its SecurityManager.checkSecurityAccess(java.lang.String) method denies access to remove this provider's properties.
      NullPointerException - if s is null
      Since:
      1.5