Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/src/java.base/share/classes/java/security/KeyPairGenerator.java
41152 views
1
/*

2
 * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.  Oracle designates this

8
 * particular file as subject to the "Classpath" exception as provided

9
 * by Oracle in the LICENSE file that accompanied this code.

10
 *

11
 * This code is distributed in the hope that it will be useful, but WITHOUT

12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
 * version 2 for more details (a copy is included in the LICENSE file that

15
 * accompanied this code).

16
 *

17
 * You should have received a copy of the GNU General Public License version

18
 * 2 along with this work; if not, write to the Free Software Foundation,

19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
 *

21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
 * or visit www.oracle.com if you need additional information or have any

23
 * questions.

24
 */

25


26
package java.security;

27


28
import java.util.*;

29


30
import java.security.spec.AlgorithmParameterSpec;

31


32
import java.security.Provider.Service;

33


34
import sun.security.jca.*;

35
import sun.security.jca.GetInstance.Instance;

36
import sun.security.util.Debug;

37


38
/**

39
 * The KeyPairGenerator class is used to generate pairs of

40
 * public and private keys. Key pair generators are constructed using the

41
 * {@code getInstance} factory methods (static methods that

42
 * return instances of a given class).

43
 *

44
 * <p>A Key pair generator for a particular algorithm creates a public/private

45
 * key pair that can be used with this algorithm. It also associates

46
 * algorithm-specific parameters with each of the generated keys.

47
 *

48
 * <p>There are two ways to generate a key pair: in an algorithm-independent

49
 * manner, and in an algorithm-specific manner.

50
 * The only difference between the two is the initialization of the object:

51
 *

52
 * <ul>

53
 * <li><b>Algorithm-Independent Initialization</b>

54
 * <p>All key pair generators share the concepts of a keysize and a

55
 * source of randomness. The keysize is interpreted differently for different

56
 * algorithms (e.g., in the case of the <i>DSA</i> algorithm, the keysize

57
 * corresponds to the length of the modulus).

58
 * There is an

59
 * {@link #initialize(int, java.security.SecureRandom) initialize}

60
 * method in this KeyPairGenerator class that takes these two universally

61
 * shared types of arguments. There is also one that takes just a

62
 * {@code keysize} argument, and uses the {@code SecureRandom}

63
 * implementation of the highest-priority installed provider as the source

64
 * of randomness. (If none of the installed providers supply an implementation

65
 * of {@code SecureRandom}, a system-provided source of randomness is

66
 * used.)

67
 *

68
 * <p>Since no other parameters are specified when you call the above

69
 * algorithm-independent {@code initialize} methods, it is up to the

70
 * provider what to do about the algorithm-specific parameters (if any) to be

71
 * associated with each of the keys.

72
 *

73
 * <p>If the algorithm is the <i>DSA</i> algorithm, and the keysize (modulus

74
 * size) is 512, 768, 1024, or 2048, then the <i>Sun</i> provider uses a set of

75
 * precomputed values for the {@code p}, {@code q}, and

76
 * {@code g} parameters. If the modulus size is not one of the above

77
 * values, the <i>Sun</i> provider creates a new set of parameters. Other

78
 * providers might have precomputed parameter sets for more than just the

79
 * modulus sizes mentioned above. Still others might not have a list of

80
 * precomputed parameters at all and instead always create new parameter sets.

81
 *

82
 * <li><b>Algorithm-Specific Initialization</b>

83
 * <p>For situations where a set of algorithm-specific parameters already

84
 * exists (e.g., so-called <i>community parameters</i> in DSA), there are two

85
 * {@link #initialize(java.security.spec.AlgorithmParameterSpec)

86
 * initialize} methods that have an {@code AlgorithmParameterSpec}

87
 * argument. One also has a {@code SecureRandom} argument, while

88
 * the other uses the {@code SecureRandom}

89
 * implementation of the highest-priority installed provider as the source

90
 * of randomness. (If none of the installed providers supply an implementation

91
 * of {@code SecureRandom}, a system-provided source of randomness is

92
 * used.)

93
 * </ul>

94
 *

95
 * <p>In case the client does not explicitly initialize the KeyPairGenerator

96
 * (via a call to an {@code initialize} method), each provider must

97
 * supply (and document) a default initialization.

98
 * See the Keysize Restriction sections of the

99
 * {@extLink security_guide_jdk_providers JDK Providers}

100
 * document for information on the KeyPairGenerator defaults used by

101
 * JDK providers.

102
 * However, note that defaults may vary across different providers.

103
 * Additionally, the default value for a provider may change in a future

104
 * version. Therefore, it is recommended to explicitly initialize the

105
 * KeyPairGenerator instead of relying on provider-specific defaults.

106
 *

107
 * <p>Note that this class is abstract and extends from

108
 * {@code KeyPairGeneratorSpi} for historical reasons.

109
 * Application developers should only take notice of the methods defined in

110
 * this {@code KeyPairGenerator} class; all the methods in

111
 * the superclass are intended for cryptographic service providers who wish to

112
 * supply their own implementations of key pair generators.

113
 *

114
 * <p> Every implementation of the Java platform is required to support the

115
 * following standard {@code KeyPairGenerator} algorithms and keysizes in

116
 * parentheses:

117
 * <ul>

118
 * <li>{@code DiffieHellman} (1024, 2048, 4096)</li>

119
 * <li>{@code DSA} (1024, 2048)</li>

120
 * <li>{@code RSA} (1024, 2048, 4096)</li>

121
 * </ul>

122
 * These algorithms are described in the <a href=

123
 * "{@docRoot}/../specs/security/standard-names.html#keypairgenerator-algorithms">

124
 * KeyPairGenerator section</a> of the

125
 * Java Security Standard Algorithm Names Specification.

126
 * Consult the release documentation for your implementation to see if any

127
 * other algorithms are supported.

128
 *

129
 * @author Benjamin Renaud

130
 * @since 1.1

131
 *

132
 * @see java.security.spec.AlgorithmParameterSpec

133
 */

134


135
public abstract class KeyPairGenerator extends KeyPairGeneratorSpi {

136


137
    private static final Debug pdebug =

138
                        Debug.getInstance("provider", "Provider");

139
    private static final boolean skipDebug =

140
        Debug.isOn("engine=") && !Debug.isOn("keypairgenerator");

141


142
    private final String algorithm;

143


144
    // The provider

145
    Provider provider;

146


147
    /**

148
     * Creates a KeyPairGenerator object for the specified algorithm.

149
     *

150
     * @param algorithm the standard string name of the algorithm.

151
     * See the KeyPairGenerator section in the <a href=

152
     * "{@docRoot}/../specs/security/standard-names.html#keypairgenerator-algorithms">

153
     * Java Security Standard Algorithm Names Specification</a>

154
     * for information about standard algorithm names.

155
     */

156
    protected KeyPairGenerator(String algorithm) {

157
        this.algorithm = algorithm;

158
    }

159


160
    /**

161
     * Returns the standard name of the algorithm for this key pair generator.

162
     * See the KeyPairGenerator section in the <a href=

163
     * "{@docRoot}/../specs/security/standard-names.html#keypairgenerator-algorithms">

164
     * Java Security Standard Algorithm Names Specification</a>

165
     * for information about standard algorithm names.

166
     *

167
     * @return the standard string name of the algorithm.

168
     */

169
    public String getAlgorithm() {

170
        return this.algorithm;

171
    }

172


173
    private static KeyPairGenerator getInstance(Instance instance,

174
            String algorithm) {

175
        KeyPairGenerator kpg;

176
        if (instance.impl instanceof KeyPairGenerator) {

177
            kpg = (KeyPairGenerator)instance.impl;

178
        } else {

179
            KeyPairGeneratorSpi spi = (KeyPairGeneratorSpi)instance.impl;

180
            kpg = new Delegate(spi, algorithm);

181
        }

182
        kpg.provider = instance.provider;

183


184
        if (!skipDebug && pdebug != null) {

185
            pdebug.println("KeyPairGenerator." + algorithm +

186
                " algorithm from: " + kpg.provider.getName());

187
        }

188


189
        return kpg;

190
    }

191


192
    /**

193
     * Returns a KeyPairGenerator object that generates public/private

194
     * key pairs for the specified algorithm.

195
     *

196
     * <p> This method traverses the list of registered security Providers,

197
     * starting with the most preferred Provider.

198
     * A new KeyPairGenerator object encapsulating the

199
     * KeyPairGeneratorSpi implementation from the first

200
     * Provider that supports the specified algorithm is returned.

201
     *

202
     * <p> Note that the list of registered providers may be retrieved via

203
     * the {@link Security#getProviders() Security.getProviders()} method.

204
     *

205
     * @implNote

206
     * The JDK Reference Implementation additionally uses the

207
     * {@code jdk.security.provider.preferred}

208
     * {@link Security#getProperty(String) Security} property to determine

209
     * the preferred provider order for the specified algorithm. This

210
     * may be different than the order of providers returned by

211
     * {@link Security#getProviders() Security.getProviders()}.

212
     *

213
     * @param algorithm the standard string name of the algorithm.

214
     * See the KeyPairGenerator section in the <a href=

215
     * "{@docRoot}/../specs/security/standard-names.html#keypairgenerator-algorithms">

216
     * Java Security Standard Algorithm Names Specification</a>

217
     * for information about standard algorithm names.

218
     *

219
     * @return the new {@code KeyPairGenerator} object

220
     *

221
     * @throws NoSuchAlgorithmException if no {@code Provider} supports a

222
     *         {@code KeyPairGeneratorSpi} implementation for the

223
     *         specified algorithm

224
     *

225
     * @throws NullPointerException if {@code algorithm} is {@code null}

226
     *

227
     * @see Provider

228
     */

229
    public static KeyPairGenerator getInstance(String algorithm)

230
            throws NoSuchAlgorithmException {

231
        Objects.requireNonNull(algorithm, "null algorithm name");

232
        List<Service> list =

233
                GetInstance.getServices("KeyPairGenerator", algorithm);

234
        Iterator<Service> t = list.iterator();

235
        if (t.hasNext() == false) {

236
            throw new NoSuchAlgorithmException

237
                (algorithm + " KeyPairGenerator not available");

238
        }

239
        // find a working Spi or KeyPairGenerator subclass

240
        NoSuchAlgorithmException failure = null;

241
        do {

242
            Service s = t.next();

243
            try {

244
                Instance instance =

245
                    GetInstance.getInstance(s, KeyPairGeneratorSpi.class);

246
                if (instance.impl instanceof KeyPairGenerator) {

247
                    return getInstance(instance, algorithm);

248
                } else {

249
                    return new Delegate(instance, t, algorithm);

250
                }

251
            } catch (NoSuchAlgorithmException e) {

252
                if (failure == null) {

253
                    failure = e;

254
                }

255
            }

256
        } while (t.hasNext());

257
        throw failure;

258
    }

259


260
    /**

261
     * Returns a KeyPairGenerator object that generates public/private

262
     * key pairs for the specified algorithm.

263
     *

264
     * <p> A new KeyPairGenerator object encapsulating the

265
     * KeyPairGeneratorSpi implementation from the specified provider

266
     * is returned.  The specified provider must be registered

267
     * in the security provider list.

268
     *

269
     * <p> Note that the list of registered providers may be retrieved via

270
     * the {@link Security#getProviders() Security.getProviders()} method.

271
     *

272
     * @param algorithm the standard string name of the algorithm.

273
     * See the KeyPairGenerator section in the <a href=

274
     * "{@docRoot}/../specs/security/standard-names.html#keypairgenerator-algorithms">

275
     * Java Security Standard Algorithm Names Specification</a>

276
     * for information about standard algorithm names.

277
     *

278
     * @param provider the string name of the provider.

279
     *

280
     * @return the new {@code KeyPairGenerator} object

281
     *

282
     * @throws IllegalArgumentException if the provider name is {@code null}

283
     *         or empty

284
     *

285
     * @throws NoSuchAlgorithmException if a {@code KeyPairGeneratorSpi}

286
     *         implementation for the specified algorithm is not

287
     *         available from the specified provider

288
     *

289
     * @throws NoSuchProviderException if the specified provider is not

290
     *         registered in the security provider list

291
     *

292
     * @throws NullPointerException if {@code algorithm} is {@code null}

293
     *

294
     * @see Provider

295
     */

296
    public static KeyPairGenerator getInstance(String algorithm,

297
            String provider)

298
            throws NoSuchAlgorithmException, NoSuchProviderException {

299
        Objects.requireNonNull(algorithm, "null algorithm name");

300
        Instance instance = GetInstance.getInstance("KeyPairGenerator",

301
                KeyPairGeneratorSpi.class, algorithm, provider);

302
        return getInstance(instance, algorithm);

303
    }

304


305
    /**

306
     * Returns a KeyPairGenerator object that generates public/private

307
     * key pairs for the specified algorithm.

308
     *

309
     * <p> A new KeyPairGenerator object encapsulating the

310
     * KeyPairGeneratorSpi implementation from the specified Provider

311
     * object is returned.  Note that the specified Provider object

312
     * does not have to be registered in the provider list.

313
     *

314
     * @param algorithm the standard string name of the algorithm.

315
     * See the KeyPairGenerator section in the <a href=

316
     * "{@docRoot}/../specs/security/standard-names.html#keypairgenerator-algorithms">

317
     * Java Security Standard Algorithm Names Specification</a>

318
     * for information about standard algorithm names.

319
     *

320
     * @param provider the provider.

321
     *

322
     * @return the new {@code KeyPairGenerator} object

323
     *

324
     * @throws IllegalArgumentException if the specified provider is

325
     *         {@code null}

326
     *

327
     * @throws NoSuchAlgorithmException if a {@code KeyPairGeneratorSpi}

328
     *         implementation for the specified algorithm is not available

329
     *         from the specified {@code Provider} object

330
     *

331
     * @throws NullPointerException if {@code algorithm} is {@code null}

332
     *

333
     * @see Provider

334
     *

335
     * @since 1.4

336
     */

337
    public static KeyPairGenerator getInstance(String algorithm,

338
            Provider provider) throws NoSuchAlgorithmException {

339
        Objects.requireNonNull(algorithm, "null algorithm name");

340
        Instance instance = GetInstance.getInstance("KeyPairGenerator",

341
                KeyPairGeneratorSpi.class, algorithm, provider);

342
        return getInstance(instance, algorithm);

343
    }

344


345
    /**

346
     * Returns the provider of this key pair generator object.

347
     *

348
     * @return the provider of this key pair generator object

349
     */

350
    public final Provider getProvider() {

351
        disableFailover();

352
        return this.provider;

353
    }

354


355
    void disableFailover() {

356
        // empty, overridden in Delegate

357
    }

358


359
    /**

360
     * Initializes the key pair generator for a certain keysize using

361
     * a default parameter set and the {@code SecureRandom}

362
     * implementation of the highest-priority installed provider as the source

363
     * of randomness.

364
     * (If none of the installed providers supply an implementation of

365
     * {@code SecureRandom}, a system-provided source of randomness is

366
     * used.)

367
     *

368
     * @param keysize the keysize. This is an

369
     * algorithm-specific metric, such as modulus length, specified in

370
     * number of bits.

371
     *

372
     * @throws    InvalidParameterException if the {@code keysize} is not

373
     * supported by this KeyPairGenerator object.

374
     */

375
    public void initialize(int keysize) {

376
        initialize(keysize, JCAUtil.getDefSecureRandom());

377
    }

378


379
    /**

380
     * Initializes the key pair generator for a certain keysize with

381
     * the given source of randomness (and a default parameter set).

382
     *

383
     * @param keysize the keysize. This is an

384
     * algorithm-specific metric, such as modulus length, specified in

385
     * number of bits.

386
     * @param random the source of randomness.

387
     *

388
     * @throws    InvalidParameterException if the {@code keysize} is not

389
     * supported by this KeyPairGenerator object.

390
     *

391
     * @since 1.2

392
     */

393
    public void initialize(int keysize, SecureRandom random) {

394
        // This does nothing, because either

395
        // 1. the implementation object returned by getInstance() is an

396
        //    instance of KeyPairGenerator which has its own

397
        //    initialize(keysize, random) method, so the application would

398
        //    be calling that method directly, or

399
        // 2. the implementation returned by getInstance() is an instance

400
        //    of Delegate, in which case initialize(keysize, random) is

401
        //    overridden to call the corresponding SPI method.

402
        // (This is a special case, because the API and SPI method have the

403
        // same name.)

404
    }

405


406
    /**

407
     * Initializes the key pair generator using the specified parameter

408
     * set and the {@code SecureRandom}

409
     * implementation of the highest-priority installed provider as the source

410
     * of randomness.

411
     * (If none of the installed providers supply an implementation of

412
     * {@code SecureRandom}, a system-provided source of randomness is

413
     * used.)

414
     *

415
     * <p>This concrete method has been added to this previously-defined

416
     * abstract class.

417
     * This method calls the KeyPairGeneratorSpi

418
     * {@link KeyPairGeneratorSpi#initialize(

419
     * java.security.spec.AlgorithmParameterSpec,

420
     * java.security.SecureRandom) initialize} method,

421
     * passing it {@code params} and a source of randomness (obtained

422
     * from the highest-priority installed provider or system-provided if none

423
     * of the installed providers supply one).

424
     * That {@code initialize} method always throws an

425
     * UnsupportedOperationException if it is not overridden by the provider.

426
     *

427
     * @param params the parameter set used to generate the keys.

428
     *

429
     * @throws    InvalidAlgorithmParameterException if the given parameters

430
     * are inappropriate for this key pair generator.

431
     *

432
     * @since 1.2

433
     */

434
    public void initialize(AlgorithmParameterSpec params)

435
            throws InvalidAlgorithmParameterException {

436
        initialize(params, JCAUtil.getDefSecureRandom());

437
    }

438


439
    /**

440
     * Initializes the key pair generator with the given parameter

441
     * set and source of randomness.

442
     *

443
     * <p>This concrete method has been added to this previously-defined

444
     * abstract class.

445
     * This method calls the KeyPairGeneratorSpi {@link

446
     * KeyPairGeneratorSpi#initialize(

447
     * java.security.spec.AlgorithmParameterSpec,

448
     * java.security.SecureRandom) initialize} method,

449
     * passing it {@code params} and {@code random}.

450
     * That {@code initialize}

451
     * method always throws an

452
     * UnsupportedOperationException if it is not overridden by the provider.

453
     *

454
     * @param params the parameter set used to generate the keys.

455
     * @param random the source of randomness.

456
     *

457
     * @throws    InvalidAlgorithmParameterException if the given parameters

458
     * are inappropriate for this key pair generator.

459
     *

460
     * @since 1.2

461
     */

462
    public void initialize(AlgorithmParameterSpec params,

463
                           SecureRandom random)

464
        throws InvalidAlgorithmParameterException

465
    {

466
        // This does nothing, because either

467
        // 1. the implementation object returned by getInstance() is an

468
        //    instance of KeyPairGenerator which has its own

469
        //    initialize(params, random) method, so the application would

470
        //    be calling that method directly, or

471
        // 2. the implementation returned by getInstance() is an instance

472
        //    of Delegate, in which case initialize(params, random) is

473
        //    overridden to call the corresponding SPI method.

474
        // (This is a special case, because the API and SPI method have the

475
        // same name.)

476
    }

477


478
    /**

479
     * Generates a key pair.

480
     *

481
     * <p>If this KeyPairGenerator has not been initialized explicitly,

482
     * provider-specific defaults will be used for the size and other

483
     * (algorithm-specific) values of the generated keys.

484
     *

485
     * <p>This will generate a new key pair every time it is called.

486
     *

487
     * <p>This method is functionally equivalent to

488
     * {@link #generateKeyPair() generateKeyPair}.

489
     *

490
     * @return the generated key pair

491
     *

492
     * @since 1.2

493
     */

494
    public final KeyPair genKeyPair() {

495
        return generateKeyPair();

496
    }

497


498
    /**

499
     * Generates a key pair.

500
     *

501
     * <p>If this KeyPairGenerator has not been initialized explicitly,

502
     * provider-specific defaults will be used for the size and other

503
     * (algorithm-specific) values of the generated keys.

504
     *

505
     * <p>This will generate a new key pair every time it is called.

506
     *

507
     * <p>This method is functionally equivalent to

508
     * {@link #genKeyPair() genKeyPair}.

509
     *

510
     * @return the generated key pair

511
     */

512
    public KeyPair generateKeyPair() {

513
        // This does nothing (except returning null), because either:

514
        //

515
        // 1. the implementation object returned by getInstance() is an

516
        //    instance of KeyPairGenerator which has its own implementation

517
        //    of generateKeyPair (overriding this one), so the application

518
        //    would be calling that method directly, or

519
        //

520
        // 2. the implementation returned by getInstance() is an instance

521
        //    of Delegate, in which case generateKeyPair is

522
        //    overridden to invoke the corresponding SPI method.

523
        //

524
        // (This is a special case, because in JDK 1.1.x the generateKeyPair

525
        // method was used both as an API and a SPI method.)

526
        return null;

527
    }

528


529


530
    /*

531
     * The following class allows providers to extend from KeyPairGeneratorSpi

532
     * rather than from KeyPairGenerator. It represents a KeyPairGenerator

533
     * with an encapsulated, provider-supplied SPI object (of type

534
     * KeyPairGeneratorSpi).

535
     * If the provider implementation is an instance of KeyPairGeneratorSpi,

536
     * the getInstance() methods above return an instance of this class, with

537
     * the SPI object encapsulated.

538
     *

539
     * Note: All SPI methods from the original KeyPairGenerator class have been

540
     * moved up the hierarchy into a new class (KeyPairGeneratorSpi), which has

541
     * been interposed in the hierarchy between the API (KeyPairGenerator)

542
     * and its original parent (Object).

543
     */

544


545
    //

546
    // error failover notes:

547
    //

548
    //  . we failover if the implementation throws an error during init

549
    //    by retrying the init on other providers

550
    //

551
    //  . we also failover if the init succeeded but the subsequent call

552
    //    to generateKeyPair() fails. In order for this to work, we need

553
    //    to remember the parameters to the last successful call to init

554
    //    and initialize() the next spi using them.

555
    //

556
    //  . although not specified, KeyPairGenerators could be thread safe,

557
    //    so we make sure we do not interfere with that

558
    //

559
    //  . failover is not available, if:

560
    //    . getInstance(algorithm, provider) was used

561
    //    . a provider extends KeyPairGenerator rather than

562
    //      KeyPairGeneratorSpi (JDK 1.1 style)

563
    //    . once getProvider() is called

564
    //

565


566
    private static final class Delegate extends KeyPairGenerator {

567


568
        // The provider implementation (delegate)

569
        private volatile KeyPairGeneratorSpi spi;

570


571
        private final Object lock = new Object();

572


573
        private Iterator<Service> serviceIterator;

574


575
        private static final int I_NONE   = 1;

576
        private static final int I_SIZE   = 2;

577
        private static final int I_PARAMS = 3;

578


579
        private int initType;

580
        private int initKeySize;

581
        private AlgorithmParameterSpec initParams;

582
        private SecureRandom initRandom;

583


584
        // constructor

585
        Delegate(KeyPairGeneratorSpi spi, String algorithm) {

586
            super(algorithm);

587
            this.spi = spi;

588
        }

589


590
        Delegate(Instance instance, Iterator<Service> serviceIterator,

591
                String algorithm) {

592
            super(algorithm);

593
            spi = (KeyPairGeneratorSpi)instance.impl;

594
            provider = instance.provider;

595
            this.serviceIterator = serviceIterator;

596
            initType = I_NONE;

597


598
            if (!skipDebug && pdebug != null) {

599
                pdebug.println("KeyPairGenerator." + algorithm +

600
                    " algorithm from: " + provider.getName());

601
            }

602
        }

603


604
        /**

605
         * Update the active spi of this class and return the next

606
         * implementation for failover. If no more implemenations are

607
         * available, this method returns null. However, the active spi of

608
         * this class is never set to null.

609
         */

610
        private KeyPairGeneratorSpi nextSpi(KeyPairGeneratorSpi oldSpi,

611
                boolean reinit) {

612
            synchronized (lock) {

613
                // somebody else did a failover concurrently

614
                // try that spi now

615
                if ((oldSpi != null) && (oldSpi != spi)) {

616
                    return spi;

617
                }

618
                if (serviceIterator == null) {

619
                    return null;

620
                }

621
                while (serviceIterator.hasNext()) {

622
                    Service s = serviceIterator.next();

623
                    try {

624
                        Object inst = s.newInstance(null);

625
                        // ignore non-spis

626
                        if (!(inst instanceof KeyPairGeneratorSpi spi)) {

627
                            continue;

628
                        }

629
                        if (inst instanceof KeyPairGenerator) {

630
                            continue;

631
                        }

632
                        if (reinit) {

633
                            if (initType == I_SIZE) {

634
                                spi.initialize(initKeySize, initRandom);

635
                            } else if (initType == I_PARAMS) {

636
                                spi.initialize(initParams, initRandom);

637
                            } else if (initType != I_NONE) {

638
                                throw new AssertionError

639
                                    ("KeyPairGenerator initType: " + initType);

640
                            }

641
                        }

642
                        provider = s.getProvider();

643
                        this.spi = spi;

644
                        return spi;

645
                    } catch (Exception e) {

646
                        // ignore

647
                    }

648
                }

649
                disableFailover();

650
                return null;

651
            }

652
        }

653


654
        void disableFailover() {

655
            serviceIterator = null;

656
            initType = 0;

657
            initParams = null;

658
            initRandom = null;

659
        }

660


661
        // engine method

662
        public void initialize(int keysize, SecureRandom random) {

663
            if (serviceIterator == null) {

664
                spi.initialize(keysize, random);

665
                return;

666
            }

667
            RuntimeException failure = null;

668
            KeyPairGeneratorSpi mySpi = spi;

669
            do {

670
                try {

671
                    mySpi.initialize(keysize, random);

672
                    initType = I_SIZE;

673
                    initKeySize = keysize;

674
                    initParams = null;

675
                    initRandom = random;

676
                    return;

677
                } catch (RuntimeException e) {

678
                    if (failure == null) {

679
                        failure = e;

680
                    }

681
                    mySpi = nextSpi(mySpi, false);

682
                }

683
            } while (mySpi != null);

684
            throw failure;

685
        }

686


687
        // engine method

688
        public void initialize(AlgorithmParameterSpec params,

689
                SecureRandom random) throws InvalidAlgorithmParameterException {

690
            if (serviceIterator == null) {

691
                spi.initialize(params, random);

692
                return;

693
            }

694
            Exception failure = null;

695
            KeyPairGeneratorSpi mySpi = spi;

696
            do {

697
                try {

698
                    mySpi.initialize(params, random);

699
                    initType = I_PARAMS;

700
                    initKeySize = 0;

701
                    initParams = params;

702
                    initRandom = random;

703
                    return;

704
                } catch (Exception e) {

705
                    if (failure == null) {

706
                        failure = e;

707
                    }

708
                    mySpi = nextSpi(mySpi, false);

709
                }

710
            } while (mySpi != null);

711
            if (failure instanceof RuntimeException) {

712
                throw (RuntimeException)failure;

713
            }

714
            // must be an InvalidAlgorithmParameterException

715
            throw (InvalidAlgorithmParameterException)failure;

716
        }

717


718
        // engine method

719
        public KeyPair generateKeyPair() {

720
            if (serviceIterator == null) {

721
                return spi.generateKeyPair();

722
            }

723
            RuntimeException failure = null;

724
            KeyPairGeneratorSpi mySpi = spi;

725
            do {

726
                try {

727
                    return mySpi.generateKeyPair();

728
                } catch (RuntimeException e) {

729
                    if (failure == null) {

730
                        failure = e;

731
                    }

732
                    mySpi = nextSpi(mySpi, true);

733
                }

734
            } while (mySpi != null);

735
            throw failure;

736
        }

737
    }

738


739
}

740


741