Support JDK 7 by loading bouncycastle

2015-11-12 11:06:38 +02:00 · 2015-11-12 11:06:38 +02:00 · 8c2a7ed45f
parent 5e80998d53
commit 8c2a7ed45f
3 changed files with 42 additions and 4 deletions
--- a/meerkat-common/src/main/java/meerkat/crypto/concrete/ECDSASignature.java
+++ b/meerkat-common/src/main/java/meerkat/crypto/concrete/ECDSASignature.java
@ -21,8 +21,8 @@ import com.google.protobuf.Message;

 import meerkat.crypto.DigitalSignature;
 import meerkat.protobuf.Crypto.Signature;
-import org.bouncycastle.util.io.pem.*;
-import org.bouncycastle.openssl.*;
+
+import org.bouncycastle.jce.provider.BouncyCastleProvider;


 /**
@ -30,7 +30,7 @@ import org.bouncycastle.openssl.*;
 * <p>
 * This class is not thread-safe (each thread should have its own instance).
 */
-public class ECDSASignature implements DigitalSignature {
+public class ECDSASignature extends  GlobalCryptoSetup implements DigitalSignature  {
    final Logger logger = LoggerFactory.getLogger(getClass());

    final public static String KEYSTORE_TYPE = "PKCS12";
--- a/meerkat-common/src/main/java/meerkat/crypto/concrete/GlobalCryptoSetup.java
+++ b/meerkat-common/src/main/java/meerkat/crypto/concrete/GlobalCryptoSetup.java
@ -0,0 +1,38 @@
+package meerkat.crypto.concrete;
+
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.security.Security;
+
+/**
+ * A class that performs required crypto setup
+ */
+public class GlobalCryptoSetup {
+    final static Logger logger = LoggerFactory.getLogger(GlobalCryptoSetup.class);
+
+    static boolean loadedBouncyCastle = false;
+
+    public static boolean hasSecp256k1Curve() {
+        // For now we just check if the java version is at least 8
+        String[] version = System.getProperty("java.version").split("\\.");
+        int major = Integer.parseInt(version[0]);
+        int minor = Integer.parseInt(version[1]);
+        return ((major > 1) || ((major > 0) && (minor > 7)));
+    }
+
+    public static void doSetup() {
+        // Make bouncycastle our default provider if we're running on a JVM version < 8
+        // (earlier version don't support the EC curve we use for signatures)
+        if (!hasSecp256k1Curve() && !loadedBouncyCastle) {
+            loadedBouncyCastle = true;
+            Security.insertProviderAt(new BouncyCastleProvider(), 1);
+            logger.info("Using BouncyCastle instead of native provider to support secp256k1 named curve");
+        }
+    }
+
+    public GlobalCryptoSetup() {
+        doSetup();
+    }
+}
--- a/meerkat-common/src/main/java/meerkat/crypto/concrete/SHA256Digest.java
+++ b/meerkat-common/src/main/java/meerkat/crypto/concrete/SHA256Digest.java
@ -12,7 +12,7 @@ import java.security.NoSuchAlgorithmException;
 /**
 * Created by talm on 11/9/15.
 */
-public class SHA256Digest implements Digest {
+public class SHA256Digest extends GlobalCryptoSetup implements Digest {
    final Logger logger = LoggerFactory.getLogger(getClass());
    public static final String SHA256 = "SHA-256";