BouncyCastleProviderConfiguration.java revision e1142c149e244797ce73b0e7fad40816e447a817
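package org.bouncycastle.jce.provider;

import java.security.Permission;

import javax.crypto.spec.DHParameterSpec;

import org.bouncycastle.jcajce.provider.asymmetric.ec.EC5Util;
import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
import org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
import org.bouncycastle.jcajce.provider.config.ProviderConfigurationPermission;
import org.bouncycastle.jce.spec.ECParameterSpec;

/**
 * Holds the provider's configurable defaults: the "implicitly CA" EC domain
 * parameters and the default Diffie-Hellman parameters. Each has a JVM-wide
 * value and a per-thread override.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>Each setting is guarded by its own {@link ProviderConfigurationPermission},
 *     but the check only runs when a {@link SecurityManager} is installed.
 *     Without one, any code that can reach {@link #setParameter} can replace
 *     the defaults for the whole JVM.</li>
 * <li>No check of the cryptographic quality of the supplied parameters is made
 *     here (group size, primality, curve choice). Values are stored as given,
 *     so the caller is responsible for supplying vetted parameters.</li>
 * </ul>
 * The JVM-wide values are {@code volatile} so that an update made on one thread
 * is visible to readers on other threads.
 */
class BouncyCastleProviderConfiguration
    implements ProviderConfiguration
{
    // The permission objects are constants; keeping them final prevents them being swapped at runtime.
    private static final Permission BC_EC_LOCAL_PERMISSION = new ProviderConfigurationPermission(
        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA);
    private static final Permission BC_EC_PERMISSION = new ProviderConfigurationPermission(
        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.EC_IMPLICITLY_CA);
    private static final Permission BC_DH_LOCAL_PERMISSION = new ProviderConfigurationPermission(
        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS);
    private static final Permission BC_DH_PERMISSION = new ProviderConfigurationPermission(
        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.DH_DEFAULT_PARAMS);

    // Per-thread overrides; an unset thread-local falls back to the JVM-wide value.
    private final ThreadLocal<ECParameterSpec> ecThreadSpec = new ThreadLocal<ECParameterSpec>();
    // Holds either a DHParameterSpec or a DHParameterSpec[].
    private final ThreadLocal<Object> dhThreadSpec = new ThreadLocal<Object>();

    private volatile ECParameterSpec ecImplicitCaParams;
    // Holds either a DHParameterSpec or a DHParameterSpec[].
    private volatile Object dhDefaultParams;

    /**
     * Sets or clears one of the configurable defaults.
     * <p>
     * The permission check (when a security manager is present) runs before the
     * argument is inspected, so a caller lacking the permission is rejected with
     * a {@link SecurityException} regardless of what it passed in. A name that
     * matches none of the four known settings is ignored.
     *
     * @param parameterName one of the {@link ConfigurableProvider} setting names handled below;
     *                      must not be null
     * @param parameter     the new value, or null to clear the setting. EC settings accept a
     *                      BC or a {@code java.security.spec} {@code ECParameterSpec}; DH settings
     *                      accept a {@link DHParameterSpec} or a {@code DHParameterSpec[]}
     * @throws IllegalArgumentException if {@code parameter} is of an unsupported type
     * @throws SecurityException        if a security manager denies the matching permission
     */
    void setParameter(String parameterName, Object parameter)
    {
        SecurityManager securityManager = System.getSecurityManager();

        if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA))
        {
            if (securityManager != null)
            {
                securityManager.checkPermission(BC_EC_LOCAL_PERMISSION);
            }

            ECParameterSpec curveSpec = toBcEcSpec(parameter);

            if (curveSpec == null)
            {
                ecThreadSpec.remove();
            }
            else
            {
                ecThreadSpec.set(curveSpec);
            }
        }
        else if (parameterName.equals(ConfigurableProvider.EC_IMPLICITLY_CA))
        {
            if (securityManager != null)
            {
                securityManager.checkPermission(BC_EC_PERMISSION);
            }

            ecImplicitCaParams = toBcEcSpec(parameter);
        }
        else if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS))
        {
            if (securityManager != null)
            {
                securityManager.checkPermission(BC_DH_LOCAL_PERMISSION);
            }

            Object dhSpec = toStoredDhParams(parameter, "not a valid DHParameterSpec");

            if (dhSpec == null)
            {
                dhThreadSpec.remove();
            }
            else
            {
                dhThreadSpec.set(dhSpec);
            }
        }
        else if (parameterName.equals(ConfigurableProvider.DH_DEFAULT_PARAMS))
        {
            if (securityManager != null)
            {
                securityManager.checkPermission(BC_DH_PERMISSION);
            }

            dhDefaultParams = toStoredDhParams(parameter, "not a valid DHParameterSpec or DHParameterSpec[]");
        }
    }

    /**
     * Normalises an EC parameter argument to the BC spec type.
     * The type is checked explicitly so that an unsupported argument is reported
     * as an {@link IllegalArgumentException}, matching the DH settings, rather
     * than surfacing as a ClassCastException from a blind cast.
     */
    private static ECParameterSpec toBcEcSpec(Object parameter)
    {
        if (parameter == null || parameter instanceof ECParameterSpec)
        {
            return (ECParameterSpec)parameter;
        }
        if (parameter instanceof java.security.spec.ECParameterSpec)
        {
            return EC5Util.convertSpec((java.security.spec.ECParameterSpec)parameter, false);
        }

        throw new IllegalArgumentException("not a valid ECParameterSpec");
    }

    /**
     * Validates a DH parameter argument and returns the value to store.
     * An array is copied so that the caller cannot change the stored defaults
     * afterwards through its own reference, which would bypass the permission
     * check made at set time.
     */
    private static Object toStoredDhParams(Object parameter, String errorMessage)
    {
        if (parameter == null || parameter instanceof DHParameterSpec)
        {
            return parameter;
        }
        if (parameter instanceof DHParameterSpec[])
        {
            return ((DHParameterSpec[])parameter).clone();
        }

        throw new IllegalArgumentException(errorMessage);
    }

    /**
     * Returns the implicitly-CA EC parameters in effect for the calling thread.
     *
     * @return the thread-local spec if one is set, otherwise the JVM-wide spec, which may be null
     */
    public ECParameterSpec getEcImplicitlyCa()
    {
        ECParameterSpec spec = ecThreadSpec.get();

        if (spec != null)
        {
            return spec;
        }

        return ecImplicitCaParams;
    }

    /**
     * Looks up configured DH parameters whose prime has exactly {@code keySize} bits.
     * The thread-local setting takes precedence over the JVM-wide one. Matching is
     * by bit length of P only; no other property of the group is examined here.
     *
     * @param keySize required bit length of the prime P
     * @return the first matching spec, or null if nothing is configured or nothing matches
     */
    public DHParameterSpec getDHDefaultParameters(int keySize)
    {
        Object params = dhThreadSpec.get();
        if (params == null)
        {
            params = dhDefaultParams;
        }

        if (params instanceof DHParameterSpec)
        {
            DHParameterSpec spec = (DHParameterSpec)params;

            if (spec.getP().bitLength() == keySize)
            {
                return spec;
            }
        }
        else if (params instanceof DHParameterSpec[])
        {
            DHParameterSpec[] specs = (DHParameterSpec[])params;

            for (int i = 0; i != specs.length; i++)
            {
                // A null slot in a configured array is skipped rather than failing the lookup.
                if (specs[i] != null && specs[i].getP().bitLength() == keySize)
                {
                    return specs[i];
                }
            }
        }

        return null;
    }
}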