diff --git a/meerkat-common/src/main/java/meerkat/crypto/concrete/ECDSASignature.java b/meerkat-common/src/main/java/meerkat/crypto/concrete/ECDSASignature.java index a947e15..e204aec 100644 --- a/meerkat-common/src/main/java/meerkat/crypto/concrete/ECDSASignature.java +++ b/meerkat-common/src/main/java/meerkat/crypto/concrete/ECDSASignature.java @@ -21,8 +21,8 @@ import com.google.protobuf.Message; import meerkat.crypto.DigitalSignature; import meerkat.protobuf.Crypto.Signature; -import org.bouncycastle.util.io.pem.*; -import org.bouncycastle.openssl.*; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; /** @@ -30,7 +30,7 @@ import org.bouncycastle.openssl.*; *

* This class is not thread-safe (each thread should have its own instance). */ -public class ECDSASignature implements DigitalSignature { +public class ECDSASignature extends GlobalCryptoSetup implements DigitalSignature { final Logger logger = LoggerFactory.getLogger(getClass()); final public static String KEYSTORE_TYPE = "PKCS12"; diff --git a/meerkat-common/src/main/java/meerkat/crypto/concrete/GlobalCryptoSetup.java b/meerkat-common/src/main/java/meerkat/crypto/concrete/GlobalCryptoSetup.java new file mode 100644 index 0000000..764fd8d --- /dev/null +++ b/meerkat-common/src/main/java/meerkat/crypto/concrete/GlobalCryptoSetup.java @@ -0,0 +1,38 @@ +package meerkat.crypto.concrete; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.security.Security; + +/** + * A class that performs required crypto setup + */ +public class GlobalCryptoSetup { + final static Logger logger = LoggerFactory.getLogger(GlobalCryptoSetup.class); + + static boolean loadedBouncyCastle = false; + + public static boolean hasSecp256k1Curve() { + // For now we just check if the java version is at least 8 + String[] version = System.getProperty("java.version").split("\\."); + int major = Integer.parseInt(version[0]); + int minor = Integer.parseInt(version[1]); + return ((major > 1) || ((major > 0) && (minor > 7))); + } + + public static void doSetup() { + // Make bouncycastle our default provider if we're running on a JVM version < 8 + // (earlier version don't support the EC curve we use for signatures) + if (!hasSecp256k1Curve() && !loadedBouncyCastle) { + loadedBouncyCastle = true; + Security.insertProviderAt(new BouncyCastleProvider(), 1); + logger.info("Using BouncyCastle instead of native provider to support secp256k1 named curve"); + } + } + + public GlobalCryptoSetup() { + doSetup(); + } +} diff --git a/meerkat-common/src/main/java/meerkat/crypto/concrete/SHA256Digest.java b/meerkat-common/src/main/java/meerkat/crypto/concrete/SHA256Digest.java index 8e72f26..dc1d2ba 100644 --- a/meerkat-common/src/main/java/meerkat/crypto/concrete/SHA256Digest.java +++ b/meerkat-common/src/main/java/meerkat/crypto/concrete/SHA256Digest.java @@ -12,7 +12,7 @@ import java.security.NoSuchAlgorithmException; /** * Created by talm on 11/9/15. */ -public class SHA256Digest implements Digest { +public class SHA256Digest extends GlobalCryptoSetup implements Digest { final Logger logger = LoggerFactory.getLogger(getClass()); public static final String SHA256 = "SHA-256";