Home | History | Annotate | Download | only in provider 
      1 package org.bouncycastle.jce.provider;
      2 
      3 import java.security.Permission;
      4 
      5 import javax.crypto.spec.DHParameterSpec;
      6 
      7 import org.bouncycastle.jcajce.provider.asymmetric.ec.EC5Util;
      8 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
      9 import org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
     10 import org.bouncycastle.jcajce.provider.config.ProviderConfigurationPermission;
     11 import org.bouncycastle.jce.spec.ECParameterSpec;
     12 
     13 class BouncyCastleProviderConfiguration
     14     implements ProviderConfiguration
     15 {
     16     private static Permission BC_EC_LOCAL_PERMISSION = new ProviderConfigurationPermission(
     17         BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA);
     18     private static Permission BC_EC_PERMISSION = new ProviderConfigurationPermission(
     19         BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.EC_IMPLICITLY_CA);
     20     private static Permission BC_DH_LOCAL_PERMISSION = new ProviderConfigurationPermission(
     21         BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS);
     22     private static Permission BC_DH_PERMISSION = new ProviderConfigurationPermission(
     23         BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.DH_DEFAULT_PARAMS);
     24 
     25     private ThreadLocal ecThreadSpec = new ThreadLocal();
     26     private ThreadLocal dhThreadSpec = new ThreadLocal();
     27 
     28     private volatile ECParameterSpec ecImplicitCaParams;
     29     private volatile Object dhDefaultParams;
     30 
     31     void setParameter(String parameterName, Object parameter)
     32     {
     33         SecurityManager securityManager = System.getSecurityManager();
     34 
     35         if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA))
     36         {
     37             ECParameterSpec curveSpec;
     38 
     39             if (securityManager != null)
     40             {
     41                 securityManager.checkPermission(BC_EC_LOCAL_PERMISSION);
     42             }
     43 
     44             if (parameter instanceof ECParameterSpec || parameter == null)
     45             {
     46                 curveSpec = (ECParameterSpec)parameter;
     47             }
     48             else  // assume java.security.spec
     49             {
     50                 curveSpec = EC5Util.convertSpec((java.security.spec.ECParameterSpec)parameter, false);
     51             }
     52 
     53             if (curveSpec == null)
     54             {
     55                 ecThreadSpec.remove();
     56             }
     57             else
     58             {
     59                 ecThreadSpec.set(curveSpec);
     60             }
     61         }
     62         else if (parameterName.equals(ConfigurableProvider.EC_IMPLICITLY_CA))
     63         {
     64             if (securityManager != null)
     65             {
     66                 securityManager.checkPermission(BC_EC_PERMISSION);
     67             }
     68 
     69             if (parameter instanceof ECParameterSpec || parameter == null)
     70             {
     71                 ecImplicitCaParams = (ECParameterSpec)parameter;
     72             }
     73             else  // assume java.security.spec
     74             {
     75                 ecImplicitCaParams = EC5Util.convertSpec((java.security.spec.ECParameterSpec)parameter, false);
     76             }
     77         }
     78         else if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS))
     79         {
     80             Object dhSpec;
     81 
     82             if (securityManager != null)
     83             {
     84                 securityManager.checkPermission(BC_DH_LOCAL_PERMISSION);
     85             }
     86 
     87             if (parameter instanceof DHParameterSpec || parameter instanceof DHParameterSpec[] || parameter == null)
     88             {
     89                 dhSpec = parameter;
     90             }
     91             else
     92             {
     93                 throw new IllegalArgumentException("not a valid DHParameterSpec");
     94             }
     95 
     96             if (dhSpec == null)
     97             {
     98                 dhThreadSpec.remove();
     99             }
    100             else
    101             {
    102                 dhThreadSpec.set(dhSpec);
    103             }
    104         }
    105         else if (parameterName.equals(ConfigurableProvider.DH_DEFAULT_PARAMS))
    106         {
    107             if (securityManager != null)
    108             {
    109                 securityManager.checkPermission(BC_DH_PERMISSION);
    110             }
    111 
    112             if (parameter instanceof DHParameterSpec || parameter instanceof DHParameterSpec[] || parameter == null)
    113             {
    114                 dhDefaultParams = parameter;
    115             }
    116             else
    117             {
    118                 throw new IllegalArgumentException("not a valid DHParameterSpec or DHParameterSpec[]");
    119             }
    120         }
    121     }
    122 
    123     public ECParameterSpec getEcImplicitlyCa()
    124     {
    125         ECParameterSpec spec = (ECParameterSpec)ecThreadSpec.get();
    126 
    127         if (spec != null)
    128         {
    129             return spec;
    130         }
    131 
    132         return ecImplicitCaParams;
    133     }
    134 
    135     public DHParameterSpec getDHDefaultParameters(int keySize)
    136     {
    137         Object params = dhThreadSpec.get();
    138         if (params == null)
    139         {
    140             params = dhDefaultParams;
    141         }
    142 
    143         if (params instanceof DHParameterSpec)
    144         {
    145             DHParameterSpec spec = (DHParameterSpec)params;
    146 
    147             if (spec.getP().bitLength() == keySize)
    148             {
    149                 return spec;
    150             }
    151         }
    152         else if (params instanceof DHParameterSpec[])
    153         {
    154             DHParameterSpec[] specs = (DHParameterSpec[])params;
    155 
    156             for (int i = 0; i != specs.length; i++)
    157             {
    158                 if (specs[i].getP().bitLength() == keySize)
    159                 {
    160                     return specs[i];
    161                 }
    162             }
    163         }
    164 
    165         return null;
    166     }
    167 }
    168