diff --git a/src/share/classes/java/security/KeyStore.java b/src/share/classes/java/security/KeyStore.java --- a/src/share/classes/java/security/KeyStore.java +++ b/src/share/classes/java/security/KeyStore.java @@ -179,6 +179,7 @@ public class KeyStore { + private static KeyStore keyStoreInstance = null; private static final Debug pdebug = Debug.getInstance("provider", "Provider"); private static final boolean skipDebug = @@ -841,12 +842,15 @@ * * @see Provider */ - public static KeyStore getInstance(String type) + public static synchronized KeyStore getInstance(String type) throws KeyStoreException { try { - Object[] objs = Security.getImpl(type, "KeyStore", (String)null); - return new KeyStore((KeyStoreSpi)objs[0], (Provider)objs[1], type); + if(keyStoreInstance == null){ + Object[] objs = Security.getImpl(type, "KeyStore", (String)null); + keyStoreInstance = new KeyStore((KeyStoreSpi)objs[0], (Provider)objs[1], type); + } + return keyStoreInstance; } catch (NoSuchAlgorithmException nsae) { throw new KeyStoreException(type + " not found", nsae); } catch (NoSuchProviderException nspe) { @@ -887,14 +891,19 @@ * * @see Provider */ - public static KeyStore getInstance(String type, String provider) + public static synchronized KeyStore getInstance(String type, String provider) throws KeyStoreException, NoSuchProviderException { if (provider == null || provider.length() == 0) throw new IllegalArgumentException("missing provider"); try { - Object[] objs = Security.getImpl(type, "KeyStore", provider); - return new KeyStore((KeyStoreSpi)objs[0], (Provider)objs[1], type); + + if(keyStoreInstance == null){ + Object[] objs = Security.getImpl(type, "KeyStore", provider); + keyStoreInstance = new KeyStore((KeyStoreSpi)objs[0], (Provider)objs[1], type); + } + + return keyStoreInstance; } catch (NoSuchAlgorithmException nsae) { throw new KeyStoreException(type + " not found", nsae); } @@ -928,14 +937,17 @@ * * @since 1.4 */ - public static KeyStore getInstance(String type, Provider provider) + public static synchronized KeyStore getInstance(String type, Provider provider) throws KeyStoreException { if (provider == null) throw new IllegalArgumentException("missing provider"); try { - Object[] objs = Security.getImpl(type, "KeyStore", provider); - return new KeyStore((KeyStoreSpi)objs[0], (Provider)objs[1], type); + if(keyStoreInstance == null){ + Object[] objs = Security.getImpl(type, "KeyStore", provider); + keyStoreInstance = new KeyStore((KeyStoreSpi)objs[0], (Provider)objs[1], type); + } + return keyStoreInstance; } catch (NoSuchAlgorithmException nsae) { throw new KeyStoreException(type + " not found", nsae); } diff --git a/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java b/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java --- a/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java +++ b/src/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java @@ -39,6 +39,12 @@ private X509TrustManager trustManager = null; private boolean isInitialized = false; + private static long cacertsFileTime = 0; + private static FileInputStream fis = null; + private static String storeFileName = null; + private static File storeFile = null; + private static Object lock = new Object(); + TrustManagerFactoryImpl() { // empty } @@ -131,9 +137,6 @@ */ static KeyStore getCacertsKeyStore(String dbgname) throws Exception { - String storeFileName = null; - File storeFile = null; - FileInputStream fis = null; String defaultTrustStoreType; String defaultTrustStoreProvider; final HashMap props = new HashMap<>(); @@ -168,29 +171,35 @@ */ try { - storeFileName = props.get("trustStore"); - if (!"NONE".equals(storeFileName)) { - if (storeFileName != null) { - storeFile = new File(storeFileName); - fis = getFileInputStream(storeFile); - } else { - String javaHome = props.get("javaHome"); - storeFile = new File(javaHome + sep + "lib" + sep - + "security" + sep + - "jssecacerts"); - if ((fis = getFileInputStream(storeFile)) == null) { - storeFile = new File(javaHome + sep + "lib" + sep - + "security" + sep + - "cacerts"); - fis = getFileInputStream(storeFile); + + //if fis has not been loaded before, load it + synchronized(lock){ + if(fis == null){ + storeFileName = props.get("trustStore"); + if (!"NONE".equals(storeFileName)) { + if (storeFileName != null) { + storeFile = new File(storeFileName); + fis = getFileInputStream(storeFile); + } else { + String javaHome = props.get("javaHome"); + storeFile = new File(javaHome + sep + "lib" + sep + + "security" + sep + + "jssecacerts"); + if ((fis = getFileInputStream(storeFile)) == null) { + storeFile = new File(javaHome + sep + "lib" + sep + + "security" + sep + + "cacerts"); + fis = getFileInputStream(storeFile); + } + } + + if (fis != null) { + storeFileName = storeFile.getPath(); + } else { + storeFileName = "No File Available, using empty keystore."; + } } } - - if (fis != null) { - storeFileName = storeFile.getPath(); - } else { - storeFileName = "No File Available, using empty keystore."; - } } defaultTrustStoreType = props.get("trustStoreType"); @@ -216,19 +225,27 @@ ks = KeyStore.getInstance(defaultTrustStoreType, defaultTrustStoreProvider); } - char[] passwd = null; - String defaultTrustStorePassword = - props.get("trustStorePasswd"); - if (defaultTrustStorePassword.length() != 0) - passwd = defaultTrustStorePassword.toCharArray(); - // if trustStore is NONE, fis will be null - ks.load(fis, passwd); + //If the cacerts file has been modified, then load keystore + synchronized(lock){ + if(storeFile.lastModified() > cacertsFileTime){ + cacertsFileTime = storeFile.lastModified(); + fis = getFileInputStream(storeFile); + char[] passwd = null; + String defaultTrustStorePassword = + props.get("trustStorePasswd"); + if (defaultTrustStorePassword.length() != 0) + passwd = defaultTrustStorePassword.toCharArray(); - // Zero out the temporary password storage - if (passwd != null) { - for (int i = 0; i < passwd.length; i++) { - passwd[i] = (char)0; + // if trustStore is NONE, fis will be null + ks.load(fis, passwd); + + // Zero out the temporary password storage + if (passwd != null) { + for (int i = 0; i < passwd.length; i++) { + passwd[i] = (char)0; + } + } } } }