Source code

001/**
002 * Copyright 2021 Emmanuel Bourg
003 * <p>
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 * <p>
008 * http://www.apache.org/licenses/LICENSE-2.0
009 * <p>
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016
017package net.jsign.jca;
018
019import java.security.AccessController;
020import java.security.PrivilegedAction;
021import java.security.Provider;
022import java.util.Collections;
023
024import net.jsign.DigestAlgorithm;
025
026/**
027 * JCA Provider using a signing service.
028 *
029 * <p>Example:</p>
030 * <pre>
031 * Provider provider = new SigningServiceJcaProvider(new AzureKeyVaultSigningService(vault, token));
032 * KeyStore keystore = KeyStore.getInstance("AZUREKEYVAULT", provider);
033 * </pre>
034 *
035 * @since 4.0
036 */
037public class SigningServiceJcaProvider extends Provider {
038
039    private final SigningService service;
040
041    public SigningServiceJcaProvider(SigningService service) {
042        super(service.getName(), 1.0, service.getName() + " signing service provider");
043        this.service = service;
044
045        AccessController.doPrivileged((PrivilegedAction<Object>) () -> {
046            putService(new KeyStoreProviderService());
047            for (String alg : new String[]{"RSA", "ECDSA"}) {
048                for (DigestAlgorithm digest : DigestAlgorithm.values()) {
049                    if (digest != DigestAlgorithm.MD5) {
050                        putService(new SignatureProviderService(digest.name() + "with" + alg));
051                    }
052                }
053            }
054            return null;
055        });
056    }
057
058    private class KeyStoreProviderService extends Service {
059        public KeyStoreProviderService() {
060            super(SigningServiceJcaProvider.this, "KeyStore", service.getName().toUpperCase(), SigningServiceKeyStore.class.getName(), Collections.emptyList(), null);
061        }
062
063        @Override
064        public Object newInstance(Object constructorParameter) {
065            return new SigningServiceKeyStore(service);
066        }
067    }
068
069    private class SignatureProviderService extends Service {
070
071        private final String signingAlgorithm;
072
073        public SignatureProviderService(String signingAlgorithm) {
074            super(SigningServiceJcaProvider.this, "Signature", signingAlgorithm, SigningServiceSignature.class.getName(), Collections.emptyList(), Collections.emptyMap());
075            this.signingAlgorithm = signingAlgorithm;
076        }
077
078        @Override
079        public Object newInstance(Object constructorParameter) {
080            return new SigningServiceSignature(service, signingAlgorithm);
081        }
082    }
083}