/*
 * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.pkcs11;

import java.util.*;
import java.lang.ref.*;

import java.security.Key;

import sun.security.util.Cache;

Key to P11Key translation cache. The PKCS#11 token can only perform operations on keys stored on the token (permanently or temporarily). That means that in order to allow the PKCS#11 provider to use keys from other providers, we need to transparently convert them to P11Keys. The engines do that using (Secret)KeyFactories, which in turn use this class as a cache. There are two KeyCache instances per provider, one for secret keys and one for public and private keys.
Author: Andreas Sterbenz
Since: 1.5
/** * Key to P11Key translation cache. The PKCS#11 token can only perform * operations on keys stored on the token (permanently or temporarily). That * means that in order to allow the PKCS#11 provider to use keys from other * providers, we need to transparently convert them to P11Keys. The engines * do that using (Secret)KeyFactories, which in turn use this class as a * cache. * * There are two KeyCache instances per provider, one for secret keys and * one for public and private keys. * * @author Andreas Sterbenz * @since 1.5 */
final class KeyCache { private final Cache<IdentityWrapper, P11Key> strongCache; private WeakReference<Map<Key,P11Key>> cacheReference; KeyCache() { strongCache = Cache.newHardMemoryCache(16); } private static final class IdentityWrapper { final Object obj; IdentityWrapper(Object obj) { this.obj = obj; } public boolean equals(Object o) { if (this == o) { return true; } if (o instanceof IdentityWrapper == false) { return false; } IdentityWrapper other = (IdentityWrapper)o; return this.obj == other.obj; } public int hashCode() { return System.identityHashCode(obj); } } synchronized P11Key get(Key key) { P11Key p11Key = strongCache.get(new IdentityWrapper(key)); if (p11Key != null) { return p11Key; } Map<Key,P11Key> map = (cacheReference == null) ? null : cacheReference.get(); if (map == null) { return null; } return map.get(key); } synchronized void put(Key key, P11Key p11Key) { strongCache.put(new IdentityWrapper(key), p11Key); Map<Key,P11Key> map = (cacheReference == null) ? null : cacheReference.get(); if (map == null) { map = new IdentityHashMap<>(); cacheReference = new WeakReference<>(map); } map.put(key, p11Key); } }