Mercurial > hg > icedtea7-forest > jdk

view src/share/classes/sun/security/ec/SunEC.java @ 9256:44e58259e68b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
PR3480, RH1486025: ECC and NSS JVM crash Summary: SunEC provider can have multiple instances, leading to premature NSS shutdown Contributed-by: Martin Balao <mbalao@redhat.com>
author andrew
date Wed, 25 Oct 2017 18:08:25 +0100
parents 610eb1b5fd0b
children
line wrap: on
line source

/*
 * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.ec;

import java.util.*;
import java.security.*;
import sun.security.action.PutAllAction;

/**
 * Provider class for the Elliptic Curve provider.
 * Supports EC keypair and parameter generation, ECDSA signing and
 * ECDH key agreement.
 *
 * IMPLEMENTATION NOTE:
 * The Java classes in this provider access a native ECC implementation
 * via JNI to a C++ wrapper class which in turn calls C functions.
 * The Java classes are packaged into the signed sunec.jar in the JRE
 * extensions directory and the C++ and C functions are packaged into
 * libsunec.so or sunec.dll in the JRE native libraries directory.
 * If the native library is not present then this provider is registered
 * with support for fewer ECC algorithms (KeyPairGenerator, Signature and
 * KeyAgreement are omitted).
 *
 * @since   1.7
 */
public final class SunEC extends Provider {

    private static final long serialVersionUID = -2279741672933606418L;

    // flag indicating whether the full EC implementation is present
    // (when native library is absent then fewer EC algorithms are available)
    private static boolean useFullImplementation = true;
    static {
        try {
            AccessController.doPrivileged(new PrivilegedAction<Void>() {
                public Void run() {
                    System.loadLibrary("sunec"); // check for native library
                    initialize();
                    return null;
                }
            });
        } catch (UnsatisfiedLinkError e) {
            useFullImplementation = false;
        }
    }

    public SunEC() {
        super("SunEC", 1.7d, "Sun Elliptic Curve provider (EC, ECDSA, ECDH)");

        // if there is no security manager installed, put directly into
        // the provider. Otherwise, create a temporary map and use a
        // doPrivileged() call at the end to transfer the contents
        if (System.getSecurityManager() == null) {
            SunECEntries.putEntries(this, useFullImplementation);
        } else {
            Map<Object, Object> map = new HashMap<Object, Object>();
            SunECEntries.putEntries(map, useFullImplementation);
            AccessController.doPrivileged(new PutAllAction(this, map));
        }
    }

    /**
     * Initialize the native code.
     */
    private static native void initialize();

}