8008171: Refactor KeyStore.DomainLoadStoreParameter as a standalone class

Reviewed-by: mullan, weijun

src/share/classes/java/security/DomainLoadStoreParameter.java

+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.  Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package java.security;
+
+import java.net.URI;
+import java.util.*;
+import static java.security.KeyStore.*;
+
+/**
+ * Configuration data that specifies the keystores in a keystore domain.
+ * A keystore domain is a collection of keystores that are presented as a
+ * single logical keystore. The configuration data is used during
+ * {@code KeyStore}
+ * {@link KeyStore#load(KeyStore.LoadStoreParameter) load} and
+ * {@link KeyStore#store(KeyStore.LoadStoreParameter) store} operations.
+ * <p>
+ * The following syntax is supported for configuration data:
+ * <pre>{@code
+ *     domain <domainName> [<property> ...] {
+ *         keystore <keystoreName> [<property> ...] ;
+ *         ...
+ *     };
+ *     ...
+ * }</pre>
+ * where {@code domainName} and {@code keystoreName} are identifiers
+ * and {@code property} is a key/value pairing. The key and value are
+ * separated by an 'equals' symbol and the value is enclosed in double
+ * quotes. A property value may be either a printable string or a binary
+ * string of colon-separated pairs of hexadecimal digits. Multi-valued
+ * properties are represented as a comma-separated list of values,
+ * enclosed in square brackets.
+ * See {@link Arrays#toString(java.lang.Object[])}.
+ * <p>
+ * To ensure that keystore entries are uniquely identified, each
+ * entry's alias is prefixed by its {@code keystoreName} followed
+ * by the entry name separator and each {@code keystoreName} must be
+ * unique within its domain. Entry name prefixes are omitted when
+ * storing a keystore.
+ * <p>
+ * Properties are context-sensitive: properties that apply to
+ * all the keystores in a domain are located in the domain clause,
+ * and properties that apply only to a specific keystore are located
+ * in that keystore's clause.
+ * Unless otherwise specified, a property in a keystore clause overrides
+ * a property of the same name in the domain clause. All property names
+ * are case-insensitive. The following properties are supported:
+ * <dl>
+ * <dt> {@code keystoreType="<type>"} </dt>
+ *     <dd> The keystore type. </dd>
+ * <dt> {@code keystoreURI="<url>"} </dt>
+ *     <dd> The keystore location. </dd>
+ * <dt> {@code keystoreProviderName="<name>"} </dt>
+ *     <dd> The name of the keystore's JCE provider. </dd>
+ * <dt> {@code keystorePasswordEnv="<environment-variable>"} </dt>
+ *     <dd> The environment variable that stores a keystore password.
+ *          Alternatively, passwords may be supplied to the constructor
+ *          method in a {@code Map<String, ProtectionParameter>}. </dd>
+ * <dt> {@code entryNameSeparator="<separator>"} </dt>
+ *     <dd> The separator between a keystore name prefix and an entry name.
+ *          When specified, it applies to all the entries in a domain.
+ *          Its default value is a space. </dd>
+ * </dl>
+ * <p>
+ * For example, configuration data for a simple keystore domain
+ * comprising three keystores is shown below:
+ * <pre>
+ *
+ * domain app1 {
+ *     keystore app1-truststore
+ *         keystoreURI="file:///app1/etc/truststore.jks";
+ *
+ *     keystore system-truststore
+ *         keystoreURI="${java.home}/lib/security/cacerts";
+ *
+ *     keystore app1-keystore
+ *         keystoreType="PKCS12"
+ *         keystoreURI="file:///app1/etc/keystore.p12";
+ * };
+ *
+ * </pre>
+ * @since 1.8
+ */
+public final class DomainLoadStoreParameter implements LoadStoreParameter {
+
+    private final URI configuration;
+    private final Map<String,ProtectionParameter> protectionParams;
+
+    /**
+     * Constructs a DomainLoadStoreParameter for a keystore domain with
+     * the parameters used to protect keystore data.
+     *
+     * @param configuration identifier for the domain configuration data.
+     *     The name of the target domain should be specified in the
+     *     {@code java.net.URI} fragment component when it is necessary
+     *     to distinguish between several domain configurations at the
+     *     same location.
+     *
+     * @param protectionParams the map from keystore name to the parameter
+     *     used to protect keystore data.
+     *     A {@code java.util.Collections.EMPTY_MAP} should be used
+     *     when protection parameters are not required or when they have
+     *     been specified by properties in the domain configuration data.
+     *     It is cloned to prevent subsequent modification.
+     *
+     * @exception NullPointerException if {@code configuration} or
+     *     {@code protectionParams} is {@code null}
+     */
+    public DomainLoadStoreParameter(URI configuration,
+        Map<String,ProtectionParameter> protectionParams) {
+        if (configuration == null || protectionParams == null) {
+            throw new NullPointerException("invalid null input");
+        }
+        this.configuration = configuration;
+        this.protectionParams =
+            Collections.unmodifiableMap(new HashMap<>(protectionParams));
+    }
+
+    /**
+     * Gets the identifier for the domain configuration data.
+     *
+     * @return the identifier for the configuration data
+     */
+    public URI getConfiguration() {
+        return configuration;
+    }
+
+    /**
+     * Gets the keystore protection parameters for keystores in this
+     * domain.
+     *
+     * @return an unmodifiable map of keystore names to protection
+     *     parameters
+     */
+    public Map<String,ProtectionParameter> getProtectionParams() {
+        return protectionParams;
+    }
+
+    /**
+     * Gets the keystore protection parameters for this domain.
+     * Keystore domains do not support a protection parameter.
+     *
+     * @return always returns {@code null}
+     */
+    @Override
+    public KeyStore.ProtectionParameter getProtectionParameter() {
+        return null;
+    }
+}

src/share/classes/java/security/KeyStore.java

@@ -218,148 +218,6 @@ public class KeyStore {
         public ProtectionParameter getProtectionParameter();
     }
 
-    /**
-     * Configuration data that specifies the keystores in a keystore domain.
-     * A keystore domain is a collection of keystores that are presented as a
-     * single logical keystore. The configuration data is used during
-     * {@code KeyStore}
-     * {@link #load(KeyStore.LoadStoreParameter) load} and
-     * {@link #store(KeyStore.LoadStoreParameter) store} operations.
-     * <p>
-     * The following syntax is supported for configuration data:
-     * <pre>{@code
-     *     domain <domainName> [<property> ...] {
-     *         keystore <keystoreName> [<property> ...] ;
-     *         ...
-     *     };
-     *     ...
-     * }</pre>
-     * where {@code domainName} and {@code keystoreName} are identifiers
-     * and {@code property} is a key/value pairing. The key and value are
-     * separated by an 'equals' symbol and the value is enclosed in double
-     * quotes. A property value may be either a printable string or a binary
-     * string of colon-separated pairs of hexadecimal digits. Multi-valued
-     * properties are represented as a comma-separated list of values,
-     * enclosed in square brackets.
-     * See {@link Arrays#toString(java.lang.Object[])}.
-     * <p>
-     * To ensure that keystore entries are uniquely identified, each
-     * entry's alias is prefixed by its {@code keystoreName} followed
-     * by the entry name separator and each {@code keystoreName} must be
-     * unique within its domain. Entry name prefixes are omitted when
-     * storing a keystore.
-     * <p>
-     * Properties are context-sensitive: properties that apply to
-     * all the keystores in a domain are located in the domain clause,
-     * and properties that apply only to a specific keystore are located
-     * in that keystore's clause.
-     * Unless otherwise specified, a property in a keystore clause overrides
-     * a property of the same name in the domain clause. All property names
-     * are case-insensitive. The following properties are supported:
-     * <dl>
-     * <dt> {@code keystoreType="<type>"} </dt>
-     *     <dd> The keystore type. </dd>
-     * <dt> {@code keystoreURI="<url>"} </dt>
-     *     <dd> The keystore location. </dd>
-     * <dt> {@code keystoreProviderName="<name>"} </dt>
-     *     <dd> The name of the keystore's JCE provider. </dd>
-     * <dt> {@code keystorePasswordEnv="<environment-variable>"} </dt>
-     *     <dd> The environment variable that stores a keystore password.
-     *          Alternatively, passwords may be supplied to the constructor
-     *          method in a {@code Map<String, ProtectionParameter>}. </dd>
-     * <dt> {@code entryNameSeparator="<separator>"} </dt>
-     *     <dd> The separator between a keystore name prefix and an entry name.
-     *          When specified, it applies to all the entries in a domain.
-     *          Its default value is a space. </dd>
-     * </dl>
-     * <p>
-     * For example, configuration data for a simple keystore domain
-     * comprising three keystores is shown below:
-     * <pre>
-     *
-     * domain app1 {
-     *     keystore app1-truststore
-     *         keystoreURI="file:///app1/etc/truststore.jks"
-     *
-     *     keystore system-truststore
-     *         keystoreURI="${java.home}/lib/security/cacerts"
-     *
-     *     keystore app1-keystore
-     *         keystoreType="PKCS12"
-     *         keystoreURI="file:///app1/etc/keystore.p12"
-     * };
-     *
-     * </pre>
-     * @since 1.8
-     */
-    public static final class DomainLoadStoreParameter
-        implements LoadStoreParameter {
-
-        private final URI configuration;
-        private final Map<String,ProtectionParameter> protectionParams;
-
-        /**
-         * Constructs a DomainLoadStoreParameter for a keystore domain with
-         * the parameters used to protect keystore data.
-         *
-         * @param configuration identifier for the domain configuration data.
-         *     The name of the target domain should be specified in the
-         *     {@code java.net.URI} fragment component when it is necessary
-         *     to distinguish between several domain configurations at the
-         *     same location.
-         *
-         * @param protectionParams the map from keystore name to the parameter
-         *     used to protect keystore data.
-         *     A {@code java.util.Collections.EMPTY_MAP} should be used
-         *     when protection parameters are not required or when they have
-         *     been specified by properties in the domain configuration data.
-         *     It is cloned to prevent subsequent modification.
-         *
-         * @exception NullPointerException if {@code configuration} or
-         *     {@code protectionParams} is {@code null}
-         */
-        public DomainLoadStoreParameter(URI configuration,
-            Map<String,ProtectionParameter> protectionParams) {
-            if (configuration == null || protectionParams == null) {
-                throw new NullPointerException("invalid null input");
-            }
-            this.configuration = configuration;
-            this.protectionParams =
-                Collections.unmodifiableMap(new HashMap<>(protectionParams));
-        }
-
-        /**
-         * Gets the identifier for the domain configuration data.
-         *
-         * @return the identifier for the configuration data
-         */
-        public URI getConfiguration() {
-            return configuration;
-        }
-
-        /**
-         * Gets the keystore protection parameters for keystores in this
-         * domain.
-         *
-         * @return an unmodifiable map of keystore names to protection
-         *     parameters
-         */
-        public Map<String,ProtectionParameter> getProtectionParams() {
-            return protectionParams;
-        }
-
-        /**
-         * Gets the keystore protection parameters for this domain.
-         * Keystore domains do not support a protection parameter.
-         *
-         * @return always returns {@code null}
-         */
-        @Override
-        public KeyStore.ProtectionParameter getProtectionParameter() {
-            return null;
-        }
-    }
-
     /**
      * A marker interface for keystore protection parameters.
      *

src/share/classes/sun/security/provider/DomainKeyStore.java

@@ -41,7 +41,7 @@ import sun.security.util.PolicyUtil;
  * This class provides the domain keystore type identified as "DKS".
  * DKS presents a collection of separate keystores as a single logical keystore.
  * The collection of keystores is specified in a domain configuration file which
- * is passed to DKS in a {@link KeyStore.DomainLoadStoreParameter}.
+ * is passed to DKS in a {@link DomainLoadStoreParameter}.
  * <p>
  * The following properties are supported:
  * <dl>
@@ -622,17 +622,16 @@ abstract class DomainKeyStore extends KeyStoreSpi {
         }
 
         throw new UnsupportedOperationException(
-            "This keystore must be stored using a " +
-            "KeyStore.DomainLoadStoreParameter");
+            "This keystore must be stored using a DomainLoadStoreParameter");
     }
 
     @Override
     public void engineStore(KeyStore.LoadStoreParameter param)
         throws IOException, NoSuchAlgorithmException, CertificateException
     {
-        if (param instanceof KeyStore.DomainLoadStoreParameter) {
-            KeyStore.DomainLoadStoreParameter domainParameter =
-                (KeyStore.DomainLoadStoreParameter) param;
+        if (param instanceof DomainLoadStoreParameter) {
+            DomainLoadStoreParameter domainParameter =
+                (DomainLoadStoreParameter) param;
             List<KeyStoreBuilderComponents> builders = getBuilders(
                 domainParameter.getConfiguration(),
                     domainParameter.getProtectionParams());
@@ -645,7 +644,7 @@ abstract class DomainKeyStore extends KeyStoreSpi {
                     if (!(pp instanceof KeyStore.PasswordProtection)) {
                         throw new KeyStoreException(
                             new IllegalArgumentException("ProtectionParameter" +
-                                " must be a KeyStore.PasswordPartection"));
+                                " must be a KeyStore.PasswordProtection"));
                     }
                     char[] password =
                         ((KeyStore.PasswordProtection) builder.protection)
@@ -663,7 +662,7 @@ abstract class DomainKeyStore extends KeyStoreSpi {
         } else {
             throw new UnsupportedOperationException(
                 "This keystore must be stored using a " +
-                "KeyStore.DomainLoadStoreParameter");
+                "DomainLoadStoreParameter");
         }
     }
 
@@ -710,7 +709,7 @@ abstract class DomainKeyStore extends KeyStoreSpi {
         } catch (Exception e) {
             throw new UnsupportedOperationException(
                 "This keystore must be loaded using a " +
-                "KeyStore.DomainLoadStoreParameter");
+                "DomainLoadStoreParameter");
         }
     }
 
@@ -718,9 +717,9 @@ abstract class DomainKeyStore extends KeyStoreSpi {
     public void engineLoad(KeyStore.LoadStoreParameter param)
         throws IOException, NoSuchAlgorithmException, CertificateException
     {
-        if (param instanceof KeyStore.DomainLoadStoreParameter) {
-            KeyStore.DomainLoadStoreParameter domainParameter =
-                (KeyStore.DomainLoadStoreParameter) param;
+        if (param instanceof DomainLoadStoreParameter) {
+            DomainLoadStoreParameter domainParameter =
+                (DomainLoadStoreParameter) param;
             List<KeyStoreBuilderComponents> builders = getBuilders(
                 domainParameter.getConfiguration(),
                     domainParameter.getProtectionParams());
@@ -748,7 +747,7 @@ abstract class DomainKeyStore extends KeyStoreSpi {
         } else {
             throw new UnsupportedOperationException(
                 "This keystore must be loaded using a " +
-                "KeyStore.DomainLoadStoreParameter");
+                "DomainLoadStoreParameter");
         }
     }
 

test/sun/security/provider/KeyStore/DKSTest.java

@@ -81,8 +81,7 @@ public class DKSTest {
         int expected;
         KeyStore keystore = KeyStore.getInstance("DKS");
         // load entries
-        keystore.load(
-            new KeyStore.DomainLoadStoreParameter(config, PASSWORDS));
+        keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
         cacertsCount = expected = keystore.size();
         System.out.println("\nLoading domain keystore: " + config + "\t[" +
             expected + " entries]");
@@ -95,8 +94,7 @@ public class DKSTest {
         expected = cacertsCount + 1;
         keystore = KeyStore.getInstance("DKS");
         // load entries
-        keystore.load(
-            new KeyStore.DomainLoadStoreParameter(config, PASSWORDS));
+        keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
         System.out.println("\nLoading domain keystore: " + config + "\t[" +
             expected + " entries]");
         checkEntries(keystore, expected);
@@ -109,7 +107,7 @@ public class DKSTest {
         keystore = KeyStore.getInstance("DKS");
         // load entries
         keystore.load(
-            new KeyStore.DomainLoadStoreParameter(config,
+            new DomainLoadStoreParameter(config,
                 Collections.<String, KeyStore.ProtectionParameter>emptyMap()));
         System.out.println("\nLoading domain keystore: " + config + "\t[" +
             expected + " entries]");
@@ -129,8 +127,7 @@ public class DKSTest {
         expected = 0;
         keystore = KeyStore.getInstance("DKS");
         // load entries
-        keystore.load(
-            new KeyStore.DomainLoadStoreParameter(config, PASSWORDS));
+        keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
         System.out.println("\nLoading domain keystore: " + config + "\t[" +
             expected + " entries]");
         checkEntries(keystore, expected);
@@ -142,8 +139,7 @@ public class DKSTest {
         expected = 2 + 1 + 1 + 1;
         keystore = KeyStore.getInstance("DKS");
         // load entries
-        keystore.load(
-            new KeyStore.DomainLoadStoreParameter(config, PASSWORDS));
+        keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
         System.out.println("\nLoading domain keystore: " + config + "\t[" +
             expected + " entries]");
         checkEntries(keystore, expected);
@@ -158,12 +154,10 @@ public class DKSTest {
         config = new URI(CONFIG + "#keystores_tmp");
         System.out.println("Storing domain keystore: " + config + "\t[" +
             expected + " entries]");
-        keystore.store(
-            new KeyStore.DomainLoadStoreParameter(config, PASSWORDS));
+        keystore.store(new DomainLoadStoreParameter(config, PASSWORDS));
         keystore = KeyStore.getInstance("DKS");
         // reload entries
-        keystore.load(
-            new KeyStore.DomainLoadStoreParameter(config, PASSWORDS));
+        keystore.load(new DomainLoadStoreParameter(config, PASSWORDS));
         System.out.println("Reloading domain keystore: " + config + "\t[" +
             expected + " entries]");
         checkEntries(keystore, expected);