ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-06-17 14:48:16 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

CORDA-1337 Crypto.registerProviders (#2962)

Browse Source 
CORDA-1337 Crypto.registerProviders + add BCPQC as well
This commit is contained in:
Konstantinos Chalkias
2018-04-13 12:40:15 +01:00
committed by GitHub
parent 91c52af5ac
commit 6f69f0252d
3 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
core/src/main/kotlin/net/corda/core/crypto/Crypto.kt
View File

@ -991,4 +991,16 @@ object Crypto {
txId txId
} }
} }
/**
* Method to force registering all [Crypto]-related cryptography [Provider]s.
* It is recommended that it is invoked first thing on `main` functions, so the [Provider]s are in place before any
* cryptographic operation is requested outside [Crypto] (i.e., SecureRandom, KeyStore, cert-path validation,
* CRL & CSR checks etc.).
*/
// TODO: perform all cryptographic operations via Crypto.
@JvmStatic
fun registerProviders() {
providerMap
}
} }

2
core/src/main/kotlin/net/corda/core/crypto/internal/ProviderMap.kt
View File

@ -37,6 +37,8 @@ internal val cordaBouncyCastleProvider = BouncyCastleProvider().apply {
} }
internal val bouncyCastlePQCProvider = BouncyCastlePQCProvider().apply { internal val bouncyCastlePQCProvider = BouncyCastlePQCProvider().apply {
require(name == "BCPQC") // The constant it comes from is not final. require(name == "BCPQC") // The constant it comes from is not final.
}.also {
Security.addProvider(it)
} }
// This map is required to defend against users that forcibly call Security.addProvider / Security.removeProvider // This map is required to defend against users that forcibly call Security.addProvider / Security.removeProvider
// that could cause unexpected and suspicious behaviour. // that could cause unexpected and suspicious behaviour.

4
node/src/main/kotlin/net/corda/node/Corda.kt
View File

@ -9,7 +9,9 @@ import net.corda.node.internal.NodeStartup
import kotlin.system.exitProcess import kotlin.system.exitProcess
fun main(args: Array<String>) { fun main(args: Array<String>) {
Crypto.findProvider(CordaSecurityProvider.PROVIDER_NAME) // Install our SecureRandom before e.g. UUID asks for one. // Register all cryptography [Provider]s first thing on boot.
// Required to install our [SecureRandom] before e.g., UUID asks for one.
Crypto.registerProviders()
// Pass the arguments to the Node factory. In the Enterprise edition, this line is modified to point to a subclass. // Pass the arguments to the Node factory. In the Enterprise edition, this line is modified to point to a subclass.
// It will exit the process in case of startup failure and is not intended to be used by embedders. If you want // It will exit the process in case of startup failure and is not intended to be used by embedders. If you want
// to embed Node in your own container, instantiate it directly and set up the configuration objects yourself. // to embed Node in your own container, instantiate it directly and set up the configuration objects yourself.