Package org.apache.sshd.common.util.security

Interface SecurityProviderRegistrar

    • Field Detail

      • CONFIG_PROP_BASE

        static final java.lang.String CONFIG_PROP_BASE
        Base name for configuration properties related to security providers
        See Also:
        Constant Field Values

      • ENABLED_PROPERTY

        static final java.lang.String ENABLED_PROPERTY
        Property used to configure whether the provider is enabled regardless of whether it is supported.
        See Also:
        isEnabled(), Constant Field Values

      • NAMED_PROVIDER_PROPERTY

        static final java.lang.String NAMED_PROVIDER_PROPERTY
        Property used to configure whether to use the provider's name rather than its Provider instance
        See Also:
        isNamedProviderUsed(), Constant Field Values

      • ALL_OPTIONS_WILDCARD

        static final java.lang.String ALL_OPTIONS_WILDCARD
        See Also:
        Constant Field Values

    • Method Detail

      • getBasePropertyName

        default java.lang.String getBasePropertyName()

      • getConfigurationPropertyName

        default java.lang.String getConfigurationPropertyName​(java.lang.String name)

      • getProperties

        default java.util.Map<java.lang.String,​java.lang.Object> getProperties()
        Description copied from interface: PropertyResolver

        A map of properties that can be used to configure the SSH server or client. This map will never be changed by either the server or client and is not supposed to be changed at runtime (changes are not bound to have any effect on a running client or server), though it may affect the creation of sessions later as these values are usually not cached.

        Note: the type of the mapped property should match the expected configuration value type - Long, Integer, Boolean, String, etc.... If it doesn't, the toString() result of the mapped value is used to convert it to the required type. E.g., if the mapped value is the string "1234" and the expected value is a long then it will be parsed into one. Also, if the mapped value is an Integer but a long is expected, then it will be converted into one.

        Specified by:
        getProperties in interface PropertyResolver
        Returns:
        a valid Map containing configuration values, never null. Note: may be immutable.

      • isCipherSupported

        default boolean isCipherSupported​(java.lang.String transformation)
        Parameters:
        transformation - The requested Cipher transformation
        Returns:
        true if this security provider supports the transformation
        See Also:
        isSecurityEntitySupported(Class, String)

      • isKeyFactorySupported

        default boolean isKeyFactorySupported​(java.lang.String algorithm)
        Parameters:
        algorithm - The KeyFactory algorithm
        Returns:
        true if this security provider supports the algorithm
        See Also:
        isSecurityEntitySupported(Class, String)

      • isMessageDigestSupported

        default boolean isMessageDigestSupported​(java.lang.String algorithm)
        Parameters:
        algorithm - The MessageDigest algorithm
        Returns:
        true if this security provider supports the algorithm
        See Also:
        isSecurityEntitySupported(Class, String)

      • isKeyPairGeneratorSupported

        default boolean isKeyPairGeneratorSupported​(java.lang.String algorithm)
        Parameters:
        algorithm - The KeyPairGenerator algorithm
        Returns:
        true if this security provider supports the algorithm
        See Also:
        isSecurityEntitySupported(Class, String)

      • isKeyAgreementSupported

        default boolean isKeyAgreementSupported​(java.lang.String algorithm)
        Parameters:
        algorithm - The KeyAgreement algorithm
        Returns:
        true if this security provider supports the algorithm
        See Also:
        isSecurityEntitySupported(Class, String)

      • isMacSupported

        default boolean isMacSupported​(java.lang.String algorithm)
        Parameters:
        algorithm - The Mac algorithm
        Returns:
        true if this security provider supports the algorithm
        See Also:
        isSecurityEntitySupported(Class, String)

      • isSignatureSupported

        default boolean isSignatureSupported​(java.lang.String algorithm)
        Parameters:
        algorithm - The Signature algorithm
        Returns:
        true if this security provider supports the algorithm
        See Also:
        isSecurityEntitySupported(Class, String)

      • isCertificateFactorySupported

        default boolean isCertificateFactorySupported​(java.lang.String type)
        Parameters:
        type - The CertificateFactory type
        Returns:
        true if this security provider supports the algorithm
        See Also:
        isSecurityEntitySupported(Class, String)

      • getEdDSASupport

        default java.util.Optional<EdDSASupport<?,​?>> getEdDSASupport()
        Returns:
        the EdDSA support implementation associated with the security provider (if applicable)

      • getDefaultSecurityEntitySupportValue

        default java.lang.String getDefaultSecurityEntitySupportValue​(java.lang.Class<?> entityType)
        Parameters:
        entityType - The requested entity type - its simple name serves to build the configuration property name.
        Returns:
        Configuration value to use if no specific configuration provided - default=empty
        See Also:
        isSecurityEntitySupported(Class, String)

      • isSecurityEntitySupported

        default boolean isSecurityEntitySupported​(java.lang.Class<?> entityType,
                                          java.lang.String name)

      • isAllOptionsValue

        static boolean isAllOptionsValue​(java.lang.String v)
        Parameters:
        v - Value to be examined
        Returns:
        true if the value equals (case insensitive) to either ALL_OPTIONS_VALUE or ALL_OPTIONS_WILDCARD

      • isSecurityEntitySupported

        static boolean isSecurityEntitySupported​(SecurityProviderRegistrar registrar,
                                         java.lang.Class<?> entityType,
                                         java.lang.String name,
                                         java.lang.String defaultValue)
        Checks whether the requested entity type algorithm/name is listed as supported by the registrar's configuration
        Parameters:
        registrar - The SecurityProviderRegistrar
        entityType - The requested entity type - its simple name serves to build the configuration property name.
        name - The requested algorithm/name - Note: if the requested entity is a Cipher then the argument is assumed to be a possible "/" separated transformation and parsed as such in order to retrieve the pure cipher name
        defaultValue - Configuration value to use if no specific configuration provided
        Returns:
        true registrar is supported and the value is listed (case insensitive) or * the property is one of the "all" markers
        See Also:
        OptionalFeature.isSupported(), isAllOptionsValue(String)

      • isSecurityEntitySupported

        static boolean isSecurityEntitySupported​(PropertyResolver resolver,
                                         java.lang.String propName,
                                         java.lang.Class<?> entityType,
                                         java.lang.String name,
                                         java.lang.String defaultValue)

      • getEffectiveSecurityEntityName

        static java.lang.String getEffectiveSecurityEntityName​(java.lang.Class<?> entityType,
                                                       java.lang.String name)
        Determines the "pure" security entity name - e.g., for Ciphers it strips the trailing transformation specification in order to extract the base cipher name - e.g., "AES/CBC/NoPadding" => "AES"
        Parameters:
        entityType - The security entity type - ignored if null
        name - The effective name - ignored if null/empty
        Returns:
        The resolved name