Interface SecurityProviderRegistrar
-
- All Superinterfaces:
NamedResource,OptionalFeature,PropertyResolver,SecurityProviderChoice
- All Known Implementing Classes:
AbstractSecurityProviderRegistrar,BouncyCastleSecurityProviderRegistrar,EdDSASecurityProviderRegistrar
public interface SecurityProviderRegistrar extends SecurityProviderChoice, OptionalFeature, PropertyResolver
- Author:
- Apache MINA SSHD Project
-
-
Field Summary
Fields Modifier and Type Field Description static StringALL_OPTIONS_VALUEstatic StringALL_OPTIONS_WILDCARDstatic StringCONFIG_PROP_BASEBase name for configuration properties related to security providersstatic StringENABLED_PROPERTYProperty used to configure whether the provider is enabled regardless of whether it is supported.static StringNAMED_PROVIDER_PROPERTYProperty used to configure whether to use the provider's name rather than itsProviderinstancestatic StringNO_OPTIONS_VALUEstatic List<Class<?>>SECURITY_ENTITIESAll the entities that are used in calls toisSecurityEntitySupported(Class, String)-
Fields inherited from interface org.apache.sshd.common.NamedResource
BY_NAME_COMPARATOR, NAME_EXTRACTOR
-
Fields inherited from interface org.apache.sshd.common.OptionalFeature
FALSE, TRUE
-
Fields inherited from interface org.apache.sshd.common.PropertyResolver
EMPTY
-
Fields inherited from interface org.apache.sshd.common.util.security.SecurityProviderChoice
EMPTY
-
-
Method Summary
All Methods Static Methods Instance Methods Default Methods Modifier and Type Method Description static SecurityProviderRegistrarfindSecurityProviderRegistrarBySecurityEntity(Predicate<? super SecurityProviderRegistrar> entitySelector, Collection<? extends SecurityProviderRegistrar> registrars)default StringgetBasePropertyName()default StringgetConfigurationPropertyName(String name)default StringgetDefaultSecurityEntitySupportValue(Class<?> entityType)static StringgetEffectiveSecurityEntityName(Class<?> entityType, String name)Determines the "pure" security entity name - e.g., forCiphers it strips the trailing transformation specification in order to extract the base cipher name - e.g., "AES/CBC/NoPadding" => "AES"default PropertyResolvergetParentPropertyResolver()default Map<String,Object>getProperties()A map of properties that can be used to configure the SSH server or client.static booleanisAllOptionsValue(String v)default booleanisCertificateFactorySupported(String type)default booleanisCipherSupported(String transformation)default booleanisEnabled()default booleanisKeyAgreementSupported(String algorithm)default booleanisKeyFactorySupported(String algorithm)default booleanisKeyPairGeneratorSupported(String algorithm)default booleanisMacSupported(String algorithm)default booleanisMessageDigestSupported(String algorithm)default booleanisNamedProviderUsed()default booleanisSecurityEntitySupported(Class<?> entityType, String name)static booleanisSecurityEntitySupported(PropertyResolver resolver, String propName, Class<?> entityType, String name, String defaultValue)static booleanisSecurityEntitySupported(SecurityProviderRegistrar registrar, Class<?> entityType, String name, String defaultValue)Checks whether the requested entity type algorithm/name is listed as supported by the registrar's configurationdefault booleanisSignatureSupported(String algorithm)static booleanregisterSecurityProvider(SecurityProviderRegistrar registrar)Attempts to register the security provider represented by the registrar if not already registered.-
Methods inherited from interface org.apache.sshd.common.NamedResource
getName
-
Methods inherited from interface org.apache.sshd.common.OptionalFeature
isSupported
-
Methods inherited from interface org.apache.sshd.common.PropertyResolver
getBoolean, getBooleanProperty, getCharset, getInteger, getIntProperty, getLong, getLongProperty, getObject, getString, getStringProperty, isEmpty
-
Methods inherited from interface org.apache.sshd.common.util.security.SecurityProviderChoice
getSecurityProvider
-
-
-
-
Field Detail
-
CONFIG_PROP_BASE
static final String CONFIG_PROP_BASE
Base name for configuration properties related to security providers- See Also:
- Constant Field Values
-
ENABLED_PROPERTY
static final String ENABLED_PROPERTY
Property used to configure whether the provider is enabled regardless of whether it is supported.- See Also:
isEnabled(), Constant Field Values
-
NAMED_PROVIDER_PROPERTY
static final String NAMED_PROVIDER_PROPERTY
Property used to configure whether to use the provider's name rather than itsProviderinstance- See Also:
isNamedProviderUsed(), Constant Field Values
-
ALL_OPTIONS_VALUE
static final String ALL_OPTIONS_VALUE
- See Also:
- Constant Field Values
-
ALL_OPTIONS_WILDCARD
static final String ALL_OPTIONS_WILDCARD
- See Also:
- Constant Field Values
-
NO_OPTIONS_VALUE
static final String NO_OPTIONS_VALUE
- See Also:
- Constant Field Values
-
SECURITY_ENTITIES
static final List<Class<?>> SECURITY_ENTITIES
All the entities that are used in calls toisSecurityEntitySupported(Class, String)
-
-
Method Detail
-
getBasePropertyName
default String getBasePropertyName()
-
isEnabled
default boolean isEnabled()
- Returns:
trueif the provider is enabled regardless of whether it is supported - default=true. Note: checks if the provider has been programmatically disabled viaSecurityUtils.setAPrioriDisabledProvider(String, boolean)- See Also:
ENABLED_PROPERTY
-
getParentPropertyResolver
default PropertyResolver getParentPropertyResolver()
- Specified by:
getParentPropertyResolverin interfacePropertyResolver- Returns:
- The parent resolver that can be used to query for missing properties -
nullif no parent
-
getProperties
default Map<String,Object> getProperties()
Description copied from interface:PropertyResolverA map of properties that can be used to configure the SSH server or client. This map will never be changed by either the server or client and is not supposed to be changed at runtime (changes are not bound to have any effect on a running client or server), though it may affect the creation of sessions later as these values are usually not cached.
Note: the type of the mapped property should match the expected configuration value type -
Long, Integer, Boolean, String, etc.... If it doesn't, thetoString()result of the mapped value is used to convert it to the required type. E.g., if the mapped value is the string "1234" and the expected value is alongthen it will be parsed into one. Also, if the mapped value is anIntegerbut alongis expected, then it will be converted into one.- Specified by:
getPropertiesin interfacePropertyResolver- Returns:
- a valid
Mapcontaining configuration values, nevernull. Note: may be immutable.
-
isCipherSupported
default boolean isCipherSupported(String transformation)
- Parameters:
transformation- The requestedCiphertransformation- Returns:
trueif this security provider supports the transformation- See Also:
isSecurityEntitySupported(Class, String)
-
isKeyFactorySupported
default boolean isKeyFactorySupported(String algorithm)
- Parameters:
algorithm- TheKeyFactoryalgorithm- Returns:
trueif this security provider supports the algorithm- See Also:
isSecurityEntitySupported(Class, String)
-
isMessageDigestSupported
default boolean isMessageDigestSupported(String algorithm)
- Parameters:
algorithm- TheMessageDigestalgorithm- Returns:
trueif this security provider supports the algorithm- See Also:
isSecurityEntitySupported(Class, String)
-
isKeyPairGeneratorSupported
default boolean isKeyPairGeneratorSupported(String algorithm)
- Parameters:
algorithm- TheKeyPairGeneratoralgorithm- Returns:
trueif this security provider supports the algorithm- See Also:
isSecurityEntitySupported(Class, String)
-
isKeyAgreementSupported
default boolean isKeyAgreementSupported(String algorithm)
- Parameters:
algorithm- TheKeyAgreementalgorithm- Returns:
trueif this security provider supports the algorithm- See Also:
isSecurityEntitySupported(Class, String)
-
isMacSupported
default boolean isMacSupported(String algorithm)
- Parameters:
algorithm- TheMacalgorithm- Returns:
trueif this security provider supports the algorithm- See Also:
isSecurityEntitySupported(Class, String)
-
isSignatureSupported
default boolean isSignatureSupported(String algorithm)
- Parameters:
algorithm- TheSignaturealgorithm- Returns:
trueif this security provider supports the algorithm- See Also:
isSecurityEntitySupported(Class, String)
-
isCertificateFactorySupported
default boolean isCertificateFactorySupported(String type)
- Parameters:
type- TheCertificateFactorytype- Returns:
trueif this security provider supports the algorithm- See Also:
isSecurityEntitySupported(Class, String)
-
getDefaultSecurityEntitySupportValue
default String getDefaultSecurityEntitySupportValue(Class<?> entityType)
- Parameters:
entityType- The requested entity type - its simple name serves to build the configuration property name.- Returns:
- Configuration value to use if no specific configuration provided - default=empty
- See Also:
isSecurityEntitySupported(Class, String)
-
isSecurityEntitySupported
default boolean isSecurityEntitySupported(Class<?> entityType, String name)
-
isNamedProviderUsed
default boolean isNamedProviderUsed()
- Specified by:
isNamedProviderUsedin interfaceSecurityProviderChoice- Returns:
trueif to use the provider's name rather than itsProviderinstance - default=true- See Also:
NAMED_PROVIDER_PROPERTY,SecurityProviderChoice.getSecurityProvider(),registerSecurityProvider(SecurityProviderRegistrar)
-
isAllOptionsValue
static boolean isAllOptionsValue(String v)
- Parameters:
v- Value to be examined- Returns:
trueif the value equals (case insensitive) to eitherALL_OPTIONS_VALUEorALL_OPTIONS_WILDCARD
-
isSecurityEntitySupported
static boolean isSecurityEntitySupported(SecurityProviderRegistrar registrar, Class<?> entityType, String name, String defaultValue)
Checks whether the requested entity type algorithm/name is listed as supported by the registrar's configuration- Parameters:
registrar- TheSecurityProviderRegistrarentityType- The requested entity type - its simple name serves to build the configuration property name.name- The requested algorithm/name - Note: if the requested entity is aCipherthen the argument is assumed to be a possible "/" separated transformation and parsed as such in order to retrieve the pure cipher namedefaultValue- Configuration value to use if no specific configuration provided- Returns:
trueregistrar is supported and the value is listed (case insensitive) or * the property is one of the "all" markers- See Also:
OptionalFeature.isSupported(),isAllOptionsValue(String)
-
isSecurityEntitySupported
static boolean isSecurityEntitySupported(PropertyResolver resolver, String propName, Class<?> entityType, String name, String defaultValue)
-
getEffectiveSecurityEntityName
static String getEffectiveSecurityEntityName(Class<?> entityType, String name)
Determines the "pure" security entity name - e.g., forCiphers it strips the trailing transformation specification in order to extract the base cipher name - e.g., "AES/CBC/NoPadding" => "AES"- Parameters:
entityType- The security entity type - ignored ifnullname- The effective name - ignored ifnull/empty- Returns:
- The resolved name
-
registerSecurityProvider
static boolean registerSecurityProvider(SecurityProviderRegistrar registrar)
Attempts to register the security provider represented by the registrar if not already registered. Note: ifisNamedProviderUsed()istruethen the generated provider will be added to the system's list of known providers.- Parameters:
registrar- TheSecurityProviderRegistrar- Returns:
trueif no provider was previously registered- See Also:
Security.getProvider(String),SecurityProviderChoice.getSecurityProvider(),Security.addProvider(Provider)
-
findSecurityProviderRegistrarBySecurityEntity
static SecurityProviderRegistrar findSecurityProviderRegistrarBySecurityEntity(Predicate<? super SecurityProviderRegistrar> entitySelector, Collection<? extends SecurityProviderRegistrar> registrars)
-
-