1package org.bouncycastle.jce.provider; 2 3import java.security.Permission; 4 5import javax.crypto.spec.DHParameterSpec; 6 7import org.bouncycastle.jcajce.provider.asymmetric.ec.EC5Util; 8import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; 9import org.bouncycastle.jcajce.provider.config.ProviderConfiguration; 10import org.bouncycastle.jcajce.provider.config.ProviderConfigurationPermission; 11import org.bouncycastle.jce.spec.ECParameterSpec; 12 13class BouncyCastleProviderConfiguration 14 implements ProviderConfiguration 15{ 16 private static Permission BC_EC_LOCAL_PERMISSION = new ProviderConfigurationPermission( 17 BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA); 18 private static Permission BC_EC_PERMISSION = new ProviderConfigurationPermission( 19 BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.EC_IMPLICITLY_CA); 20 private static Permission BC_DH_LOCAL_PERMISSION = new ProviderConfigurationPermission( 21 BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS); 22 private static Permission BC_DH_PERMISSION = new ProviderConfigurationPermission( 23 BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.DH_DEFAULT_PARAMS); 24 25 private ThreadLocal ecThreadSpec = new ThreadLocal(); 26 private ThreadLocal dhThreadSpec = new ThreadLocal(); 27 28 private volatile ECParameterSpec ecImplicitCaParams; 29 private volatile DHParameterSpec dhDefaultParams; 30 31 void setParameter(String parameterName, Object parameter) 32 { 33 SecurityManager securityManager = System.getSecurityManager(); 34 35 if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA)) 36 { 37 ECParameterSpec curveSpec; 38 39 if (securityManager != null) 40 { 41 securityManager.checkPermission(BC_EC_LOCAL_PERMISSION); 42 } 43 44 if (parameter instanceof ECParameterSpec || parameter == null) 45 { 46 curveSpec = (ECParameterSpec)parameter; 47 } 48 else // assume java.security.spec 49 { 50 curveSpec = EC5Util.convertSpec((java.security.spec.ECParameterSpec)parameter, false); 51 } 52 53 if (curveSpec == null) 54 { 55 ecThreadSpec.remove(); 56 } 57 else 58 { 59 ecThreadSpec.set(curveSpec); 60 } 61 } 62 else if (parameterName.equals(ConfigurableProvider.EC_IMPLICITLY_CA)) 63 { 64 if (securityManager != null) 65 { 66 securityManager.checkPermission(BC_EC_PERMISSION); 67 } 68 69 if (parameter instanceof ECParameterSpec || parameter == null) 70 { 71 ecImplicitCaParams = (ECParameterSpec)parameter; 72 } 73 else // assume java.security.spec 74 { 75 ecImplicitCaParams = EC5Util.convertSpec((java.security.spec.ECParameterSpec)parameter, false); 76 } 77 } 78 else if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS)) 79 { 80 DHParameterSpec dhSpec; 81 82 if (securityManager != null) 83 { 84 securityManager.checkPermission(BC_DH_LOCAL_PERMISSION); 85 } 86 87 if (parameter instanceof DHParameterSpec || parameter == null) 88 { 89 dhSpec = (DHParameterSpec)parameter; 90 } 91 else 92 { 93 throw new IllegalArgumentException("not a valid DHParameterSpec"); 94 } 95 96 if (dhSpec == null) 97 { 98 dhThreadSpec.remove(); 99 } 100 else 101 { 102 dhThreadSpec.set(dhSpec); 103 } 104 } 105 else if (parameterName.equals(ConfigurableProvider.DH_DEFAULT_PARAMS)) 106 { 107 if (securityManager != null) 108 { 109 securityManager.checkPermission(BC_DH_PERMISSION); 110 } 111 112 if (parameter instanceof DHParameterSpec || parameter == null) 113 { 114 dhDefaultParams = (DHParameterSpec)parameter; 115 } 116 else 117 { 118 throw new IllegalArgumentException("not a valid DHParameterSpec"); 119 } 120 } 121 } 122 123 public ECParameterSpec getEcImplicitlyCa() 124 { 125 ECParameterSpec spec = (ECParameterSpec)ecThreadSpec.get(); 126 127 if (spec != null) 128 { 129 return spec; 130 } 131 132 return ecImplicitCaParams; 133 } 134 135 public DHParameterSpec getDHDefaultParameters() 136 { 137 DHParameterSpec spec = (DHParameterSpec)dhThreadSpec.get(); 138 139 if (spec != null) 140 { 141 return spec; 142 } 143 144 return dhDefaultParams; 145 } 146} 147