1
/*
2
 * Copyright (c) 2003, 2021, Oracle and/or its affiliates. All rights reserved.
3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4
 *
5
 * This code is free software; you can redistribute it and/or modify it
6
 * under the terms of the GNU General Public License version 2 only, as
7
 * published by the Free Software Foundation.  Oracle designates this
8
 * particular file as subject to the "Classpath" exception as provided
9
 * by Oracle in the LICENSE file that accompanied this code.
10
 *
11
 * This code is distributed in the hope that it will be useful, but WITHOUT
12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14
 * version 2 for more details (a copy is included in the LICENSE file that
15
 * accompanied this code).
16
 *
17
 * You should have received a copy of the GNU General Public License version
18
 * 2 along with this work; if not, write to the Free Software Foundation,
19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20
 *
21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22
 * or visit www.oracle.com if you need additional information or have any
23
 * questions.
24
 */
25

26
package sun.security.pkcs11;
27

28
import java.util.*;
29
import java.lang.ref.*;
30

31
import java.security.Key;
32

33
import sun.security.util.Cache;
34

35
/**
36
 * Key to P11Key translation cache. The PKCS#11 token can only perform
37
 * operations on keys stored on the token (permanently or temporarily). That
38
 * means that in order to allow the PKCS#11 provider to use keys from other
39
 * providers, we need to transparently convert them to P11Keys. The engines
40
 * do that using (Secret)KeyFactories, which in turn use this class as a
41
 * cache.
42
 *
43
 * There are two KeyCache instances per provider, one for secret keys and
44
 * one for public and private keys.
45
 *
46
 * @author  Andreas Sterbenz
47
 * @since   1.5
48
 */
49
final class KeyCache {
50

51
    private final Cache<IdentityWrapper, P11Key> strongCache;
52

53
    private WeakReference<Map<Key,P11Key>> cacheReference;
54

55
    KeyCache() {
56
        strongCache = Cache.newHardMemoryCache(16);
57
    }
58

59
    private static final class IdentityWrapper {
60
        final Object obj;
61
        IdentityWrapper(Object obj) {
62
            this.obj = obj;
63
        }
64
        public boolean equals(Object o) {
65
            if (this == o) {
66
                return true;
67
            }
68
            if (o instanceof IdentityWrapper == false) {
69
                return false;
70
            }
71
            IdentityWrapper other = (IdentityWrapper)o;
72
            return this.obj == other.obj;
73
        }
74
        public int hashCode() {
75
            return System.identityHashCode(obj);
76
        }
77
    }
78

79
    synchronized P11Key get(Key key) {
80
        P11Key p11Key = strongCache.get(new IdentityWrapper(key));
81
        if (p11Key != null) {
82
            return p11Key;
83
        }
84
        Map<Key,P11Key> map =
85
                (cacheReference == null) ? null : cacheReference.get();
86
        if (map == null) {
87
            return null;
88
        }
89
        return map.get(key);
90
    }
91

92
    synchronized void put(Key key, P11Key p11Key) {
93
        strongCache.put(new IdentityWrapper(key), p11Key);
94
        Map<Key,P11Key> map =
95
                (cacheReference == null) ? null : cacheReference.get();
96
        if (map == null) {
97
            map = new IdentityHashMap<>();
98
            cacheReference = new WeakReference<>(map);
99
        }
100
        map.put(key, p11Key);
101
    }
102

103
    synchronized void clear() {
104
        strongCache.clear();
105
        cacheReference = null;
106
    }
107
}
108

109