BouncyCastleProviderConfiguration.java revision e1142c149e244797ce73b0e7fad40816e447a817 
1package org.bouncycastle.jce.provider;
2
3import java.security.Permission;
4
5import javax.crypto.spec.DHParameterSpec;
6
7import org.bouncycastle.jcajce.provider.asymmetric.ec.EC5Util;
8import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
9import org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
10import org.bouncycastle.jcajce.provider.config.ProviderConfigurationPermission;
11import org.bouncycastle.jce.spec.ECParameterSpec;
12
13class BouncyCastleProviderConfiguration
14    implements ProviderConfiguration
15{
16    private static Permission BC_EC_LOCAL_PERMISSION = new ProviderConfigurationPermission(
17        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA);
18    private static Permission BC_EC_PERMISSION = new ProviderConfigurationPermission(
19        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.EC_IMPLICITLY_CA);
20    private static Permission BC_DH_LOCAL_PERMISSION = new ProviderConfigurationPermission(
21        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS);
22    private static Permission BC_DH_PERMISSION = new ProviderConfigurationPermission(
23        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.DH_DEFAULT_PARAMS);
24
25    private ThreadLocal ecThreadSpec = new ThreadLocal();
26    private ThreadLocal dhThreadSpec = new ThreadLocal();
27
28    private volatile ECParameterSpec ecImplicitCaParams;
29    private volatile Object dhDefaultParams;
30
31    void setParameter(String parameterName, Object parameter)
32    {
33        SecurityManager securityManager = System.getSecurityManager();
34
35        if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA))
36        {
37            ECParameterSpec curveSpec;
38
39            if (securityManager != null)
40            {
41                securityManager.checkPermission(BC_EC_LOCAL_PERMISSION);
42            }
43
44            if (parameter instanceof ECParameterSpec || parameter == null)
45            {
46                curveSpec = (ECParameterSpec)parameter;
47            }
48            else  // assume java.security.spec
49            {
50                curveSpec = EC5Util.convertSpec((java.security.spec.ECParameterSpec)parameter, false);
51            }
52
53            if (curveSpec == null)
54            {
55                ecThreadSpec.remove();
56            }
57            else
58            {
59                ecThreadSpec.set(curveSpec);
60            }
61        }
62        else if (parameterName.equals(ConfigurableProvider.EC_IMPLICITLY_CA))
63        {
64            if (securityManager != null)
65            {
66                securityManager.checkPermission(BC_EC_PERMISSION);
67            }
68
69            if (parameter instanceof ECParameterSpec || parameter == null)
70            {
71                ecImplicitCaParams = (ECParameterSpec)parameter;
72            }
73            else  // assume java.security.spec
74            {
75                ecImplicitCaParams = EC5Util.convertSpec((java.security.spec.ECParameterSpec)parameter, false);
76            }
77        }
78        else if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS))
79        {
80            Object dhSpec;
81
82            if (securityManager != null)
83            {
84                securityManager.checkPermission(BC_DH_LOCAL_PERMISSION);
85            }
86
87            if (parameter instanceof DHParameterSpec || parameter instanceof DHParameterSpec[] || parameter == null)
88            {
89                dhSpec = parameter;
90            }
91            else
92            {
93                throw new IllegalArgumentException("not a valid DHParameterSpec");
94            }
95
96            if (dhSpec == null)
97            {
98                dhThreadSpec.remove();
99            }
100            else
101            {
102                dhThreadSpec.set(dhSpec);
103            }
104        }
105        else if (parameterName.equals(ConfigurableProvider.DH_DEFAULT_PARAMS))
106        {
107            if (securityManager != null)
108            {
109                securityManager.checkPermission(BC_DH_PERMISSION);
110            }
111
112            if (parameter instanceof DHParameterSpec || parameter instanceof DHParameterSpec[] || parameter == null)
113            {
114                dhDefaultParams = parameter;
115            }
116            else
117            {
118                throw new IllegalArgumentException("not a valid DHParameterSpec or DHParameterSpec[]");
119            }
120        }
121    }
122
123    public ECParameterSpec getEcImplicitlyCa()
124    {
125        ECParameterSpec spec = (ECParameterSpec)ecThreadSpec.get();
126
127        if (spec != null)
128        {
129            return spec;
130        }
131
132        return ecImplicitCaParams;
133    }
134
135    public DHParameterSpec getDHDefaultParameters(int keySize)
136    {
137        Object params = dhThreadSpec.get();
138        if (params == null)
139        {
140            params = dhDefaultParams;
141        }
142
143        if (params instanceof DHParameterSpec)
144        {
145            DHParameterSpec spec = (DHParameterSpec)params;
146
147            if (spec.getP().bitLength() == keySize)
148            {
149                return spec;
150            }
151        }
152        else if (params instanceof DHParameterSpec[])
153        {
154            DHParameterSpec[] specs = (DHParameterSpec[])params;
155
156            for (int i = 0; i != specs.length; i++)
157            {
158                if (specs[i].getP().bitLength() == keySize)
159                {
160                    return specs[i];
161                }
162            }
163        }
164
165        return null;
166    }
167}
168