List of usage examples for org.bouncycastle.jcajce.provider.config ConfigurableProvider EC_IMPLICITLY_CA
String EC_IMPLICITLY_CA
To view the source code for org.bouncycastle.jcajce.provider.config ConfigurableProvider EC_IMPLICITLY_CA.
Click Source Link
From source file:org.cesecore.util.CryptoProviderTools.java
License:Open Source License
@SuppressWarnings("unchecked") public static synchronized void installBCProvider() { // A flag that ensures that we install the parameters for implcitlyCA only when we have installed a new provider boolean installImplicitlyCA = false; if (Security.addProvider(new BouncyCastleProvider()) < 0) { // If already installed, remove so we can handle redeploy // Nope, we ignore re-deploy on this level, because it can happen // that the BC-provider is uninstalled, in just the second another // thread tries to use the provider, and then that request will fail. if (CesecoreConfiguration.isDevelopmentProviderInstallation()) { removeBCProvider();//from w ww .j a v a 2 s. c o m if (Security.addProvider(new BouncyCastleProvider()) < 0) { log.error("Cannot even install BC provider again!"); } else { installImplicitlyCA = true; } } } else { installImplicitlyCA = true; } // Also install the CVC provider try { Security.addProvider(new CVCProvider()); } catch (Exception e) { log.info("CVC provider can not be installed, CVC certificate will not work: ", e); } if (installImplicitlyCA) { // Install EC parameters for implicitlyCA encoding of EC keys, we have default curve parameters if no new ones have been given. // The parameters are only used if implicitlyCA is used for generating keys, or verifying certs final ECCurve curve = new ECCurve.Fp(new BigInteger(IMPLICITLYCA_Q), // q new BigInteger(IMPLICITLYCA_A, 16), // a new BigInteger(IMPLICITLYCA_B, 16)); // b final org.bouncycastle.jce.spec.ECParameterSpec implicitSpec = new org.bouncycastle.jce.spec.ECParameterSpec( curve, curve.decodePoint(Hex.decode(IMPLICITLYCA_G)), // G new BigInteger(IMPLICITLYCA_N)); // n final ConfigurableProvider config = (ConfigurableProvider) Security.getProvider("BC"); if (config != null) { config.setParameter(ConfigurableProvider.EC_IMPLICITLY_CA, implicitSpec); } else { log.error("Can not get ConfigurableProvider, implicitlyCA EC parameters NOT set!"); } } // 2007-05-25 // Finally we must configure SERIALNUMBER behavior in BC >=1.36 to be the same // as the behavior in BC 1.35, it changed from SN to SERIALNUMBER in BC 1.36 // We must be backwards compatible X509Name.DefaultSymbols.put(X509Name.SN, "SN"); // We hard specify the system security provider in a few cases (see SYSTEM_SECURITY_PROVIDER). // If the SUN provider does not exist, we will always use BC. final Provider p = Security.getProvider(SYSTEM_SECURITY_PROVIDER); if (p == null) { log.debug("SUN security provider does not exist, using BC as system default provider."); SYSTEM_SECURITY_PROVIDER = "BC"; } }