/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.sshd.common.util;
 
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Signature;
 
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
 
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
 
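/**
 * Central lookup point for JCE primitives (ciphers, digests, MACs, key
 * factories, key agreements, signatures) through one optionally configured
 * security provider.
 *
 * <p>Provider selection happens lazily on the first lookup:</p>
 * <ul>
 *   <li>If a provider name was set with {@link #setSecurityProvider(String)},
 *       that name is used and no BouncyCastle registration is attempted.</li>
 *   <li>Otherwise BouncyCastle ({@value #BOUNCY_CASTLE}) is registered unless
 *       it was disabled with {@link #setRegisterBouncyCastle(boolean)} or the
 *       {@code org.apache.sshd.registerBouncyCastle} system property. When
 *       neither is set the registration is best-effort; when explicitly
 *       enabled, a failure is raised as a {@link RuntimeException}.</li>
 * </ul>
 *
 * <p>Security notes for callers: registration goes through
 * {@link java.security.Security#addProvider}, so it affects the JVM-wide
 * provider list, not just this library. Algorithm and transformation names are
 * handed to the JCE unchanged; this class enforces no algorithm policy, so the
 * choice of primitives (and the rejection of weak ones) is the caller's
 * responsibility.</p>
 *
 * <p>All mutable state is static and guarded by the class monitor.</p>
 *
 * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
 */
public class SecurityUtils {

    /** JCE provider name under which BouncyCastle registers itself. */
    public static final String BOUNCY_CASTLE = "BC";

    private static final Logger LOG = LoggerFactory.getLogger(SecurityUtils.class);

    // Name of the provider used for lookups; null means "JVM default provider order".
    private static String securityProvider = null;
    // Tri-state: null = best-effort registration, TRUE = required, FALSE = disabled.
    private static Boolean registerBouncyCastle;
    // Set once provider selection has completed; reset by the setters.
    private static boolean registrationDone;
    // Cached result of the EC probe; null means "not probed yet".
    private static Boolean hasEcc;

    /**
     * Reports whether an {@code "EC"} key pair generator can be obtained from
     * the selected provider. The answer is cached until the provider
     * configuration changes.
     *
     * @return {@code true} if elliptic-curve key generation is available
     */
    public static synchronized boolean hasEcc() {
        if (hasEcc == null) {
            try {
                getKeyPairGenerator("EC");
                hasEcc = true;
            } catch (Throwable t) {
                // Deliberate best-effort probe: any failure means "no ECC", but
                // keep the cause visible for anyone diagnosing a missing provider.
                LOG.debug("EC key pair generator is not available", t);
                hasEcc = false;
            }
        }
        return hasEcc;
    }

    /**
     * Selects the JCE provider used by all lookups in this class.
     *
     * @param securityProvider provider name, or {@code null} to fall back to
     *                         BouncyCastle registration / the JVM default
     */
    public static synchronized void setSecurityProvider(String securityProvider) {
        SecurityUtils.securityProvider = securityProvider;
        registrationDone = false;
        // A different provider may or may not offer EC, so the cached probe is stale.
        hasEcc = null;
    }

    /**
     * Enables or disables BouncyCastle registration, overriding the
     * {@code org.apache.sshd.registerBouncyCastle} system property.
     *
     * @param registerBouncyCastle {@code true} to require BouncyCastle,
     *                             {@code false} to never register it
     */
    public static synchronized void setRegisterBouncyCastle(boolean registerBouncyCastle) {
        SecurityUtils.registerBouncyCastle = registerBouncyCastle;
        registrationDone = false;
        // Provider selection will be re-run, so the cached probe is stale.
        hasEcc = null;
    }

    /**
     * Returns the name of the provider used for lookups, running provider
     * selection first if it has not happened yet.
     *
     * @return the provider name, or {@code null} when the JVM default provider
     *         order is used
     */
    public static synchronized String getSecurityProvider() {
        register();
        return securityProvider;
    }

    /**
     * Tells whether lookups are routed to BouncyCastle.
     *
     * @return {@code true} if the selected provider is {@value #BOUNCY_CASTLE}
     */
    public static synchronized boolean isBouncyCastleRegistered() {
        register();
        return BOUNCY_CASTLE.equals(securityProvider);
    }

    /**
     * Runs provider selection once. Callers must hold the class monitor.
     *
     * @throws RuntimeException if BouncyCastle was explicitly requested and
     *                          could not be registered; selection is retried
     *                          on the next call in that case
     */
    private static void register() {
        if (registrationDone) {
            return;
        }
        if (registerBouncyCastle == null) {
            String prop = System.getProperty("org.apache.sshd.registerBouncyCastle");
            if (prop != null) {
                registerBouncyCastle = Boolean.parseBoolean(prop);
            }
        }
        if (securityProvider == null && (registerBouncyCastle == null || registerBouncyCastle)) {
            // Use a nested class to avoid a strong dependency from SshServer on BouncyCastle
            try {
                new BouncyCastleRegistration().run();
            } catch (Throwable t) {
                if (registerBouncyCastle == null) {
                    LOG.info("BouncyCastle not registered, using the default JCE provider");
                    LOG.debug("BouncyCastle registration failure", t);
                } else {
                    LOG.error("Failed to register BouncyCastle as the default JCE provider", t);
                    throw new RuntimeException("Failed to register BouncyCastle as the default JCE provider", t);
                }
            }
        }
        registrationDone = true;
    }

    /**
     * Holds every reference to BouncyCastle classes so that
     * {@link SecurityUtils} itself loads when the library is absent.
     */
    private static class BouncyCastleRegistration {
        /**
         * Registers BouncyCastle if it is not registered yet and makes it the
         * provider used for lookups.
         *
         * @throws Exception if the provider's self-check lookups fail
         */
        public void run() throws Exception {
            if (java.security.Security.getProvider(BOUNCY_CASTLE) == null) {
                LOG.info("Trying to register BouncyCastle as a JCE provider");
                java.security.Security.addProvider(new BouncyCastleProvider());
                try {
                    // Availability probes only: they check that the provider
                    // answers lookups, the returned objects are not used.
                    MessageDigest.getInstance("MD5", BOUNCY_CASTLE);
                    KeyAgreement.getInstance("DH", BOUNCY_CASTLE);
                } catch (Exception e) {
                    // Do not leave a provider that failed its self-check in the
                    // JVM-wide provider list; we added it, so we remove it.
                    java.security.Security.removeProvider(BOUNCY_CASTLE);
                    throw e;
                }
                LOG.info("Registration succeeded");
            } else {
                LOG.info("BouncyCastle already registered as a JCE provider");
            }
            securityProvider = BOUNCY_CASTLE;
        }
    }

    /**
     * Obtains a {@link KeyFactory} from the selected provider.
     *
     * @param algorithm JCE algorithm name, passed through unchanged
     * @return a key factory for {@code algorithm}
     * @throws NoSuchAlgorithmException if the algorithm is not available
     * @throws NoSuchProviderException  if the selected provider is not registered
     */
    public static synchronized KeyFactory getKeyFactory(String algorithm) throws NoSuchAlgorithmException, NoSuchProviderException {
        String provider = getSecurityProvider();
        if (provider == null) {
            return KeyFactory.getInstance(algorithm);
        }
        return KeyFactory.getInstance(algorithm, provider);
    }

    /**
     * Obtains a {@link Cipher} from the selected provider.
     *
     * @param transformation JCE transformation string, passed through unchanged
     * @return a cipher for {@code transformation}
     * @throws NoSuchAlgorithmException if the transformation is not available
     * @throws NoSuchPaddingException   if the padding scheme is not available
     * @throws NoSuchProviderException  if the selected provider is not registered
     */
    public static synchronized Cipher getCipher(String transformation) throws NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException {
        String provider = getSecurityProvider();
        if (provider == null) {
            return Cipher.getInstance(transformation);
        }
        return Cipher.getInstance(transformation, provider);
    }

    /**
     * Obtains a {@link MessageDigest} from the selected provider.
     *
     * @param algorithm JCE digest name, passed through unchanged
     * @return a message digest for {@code algorithm}
     * @throws NoSuchAlgorithmException if the algorithm is not available
     * @throws NoSuchProviderException  if the selected provider is not registered
     */
    public static synchronized MessageDigest getMessageDigest(String algorithm) throws NoSuchAlgorithmException, NoSuchProviderException {
        String provider = getSecurityProvider();
        if (provider == null) {
            return MessageDigest.getInstance(algorithm);
        }
        return MessageDigest.getInstance(algorithm, provider);
    }

    /**
     * Obtains a {@link KeyPairGenerator} from the selected provider.
     *
     * @param algorithm JCE algorithm name, passed through unchanged
     * @return a key pair generator for {@code algorithm}
     * @throws NoSuchAlgorithmException if the algorithm is not available
     * @throws NoSuchProviderException  if the selected provider is not registered
     */
    public static synchronized KeyPairGenerator getKeyPairGenerator(String algorithm) throws NoSuchAlgorithmException, NoSuchProviderException {
        String provider = getSecurityProvider();
        if (provider == null) {
            return KeyPairGenerator.getInstance(algorithm);
        }
        return KeyPairGenerator.getInstance(algorithm, provider);
    }

    /**
     * Obtains a {@link KeyAgreement} from the selected provider.
     *
     * @param algorithm JCE algorithm name, passed through unchanged
     * @return a key agreement for {@code algorithm}
     * @throws NoSuchAlgorithmException if the algorithm is not available
     * @throws NoSuchProviderException  if the selected provider is not registered
     */
    public static synchronized KeyAgreement getKeyAgreement(String algorithm) throws NoSuchAlgorithmException, NoSuchProviderException {
        String provider = getSecurityProvider();
        if (provider == null) {
            return KeyAgreement.getInstance(algorithm);
        }
        return KeyAgreement.getInstance(algorithm, provider);
    }

    /**
     * Obtains a {@link Mac} from the selected provider.
     *
     * @param algorithm JCE MAC name, passed through unchanged
     * @return a MAC for {@code algorithm}
     * @throws NoSuchAlgorithmException if the algorithm is not available
     * @throws NoSuchProviderException  if the selected provider is not registered
     */
    public static synchronized Mac getMac(String algorithm) throws NoSuchAlgorithmException, NoSuchProviderException {
        String provider = getSecurityProvider();
        if (provider == null) {
            return Mac.getInstance(algorithm);
        }
        return Mac.getInstance(algorithm, provider);
    }

    /**
     * Obtains a {@link Signature} from the selected provider.
     *
     * @param algorithm JCE signature name, passed through unchanged
     * @return a signature object for {@code algorithm}
     * @throws NoSuchAlgorithmException if the algorithm is not available
     * @throws NoSuchProviderException  if the selected provider is not registered
     */
    public static synchronized Signature getSignature(String algorithm) throws NoSuchAlgorithmException, NoSuchProviderException {
        String provider = getSecurityProvider();
        if (provider == null) {
            return Signature.getInstance(algorithm);
        }
        return Signature.getInstance(algorithm, provider);
    }

}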