https://openjdk.java.net/ 
/*
 * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package sun.security.pkcs11;

import java.util.*;
import java.lang.ref.*;

import java.security.Key;

import sun.security.util.Cache;


Key to P11Key translation cache. The PKCS#11 token can only perform
operations on keys stored on the token (permanently or temporarily). That
means that in order to allow the PKCS#11 provider to use keys from other
providers, we need to transparently convert them to P11Keys. The engines
do that using (Secret)KeyFactories, which in turn use this class as a
cache.
There are two KeyCache instances per provider, one for secret keys and
one for public and private keys.

Author: Andreas Sterbenz
Since:  1.5
/**
 * Key to P11Key translation cache. The PKCS#11 token can only perform
 * operations on keys stored on the token (permanently or temporarily). That
 * means that in order to allow the PKCS#11 provider to use keys from other
 * providers, we need to transparently convert them to P11Keys. The engines
 * do that using (Secret)KeyFactories, which in turn use this class as a
 * cache.
 *
 * There are two KeyCache instances per provider, one for secret keys and
 * one for public and private keys.
 *
 * @author  Andreas Sterbenz
 * @since   1.5
 */
final class KeyCache {

    private final Cache<IdentityWrapper, P11Key> strongCache;

    private WeakReference<Map<Key,P11Key>> cacheReference;

    KeyCache() {
        strongCache = Cache.newHardMemoryCache(16);
    }

    private static final class IdentityWrapper {
        final Object obj;
        IdentityWrapper(Object obj) {
            this.obj = obj;
        }
        public boolean equals(Object o) {
            if (this == o) {
                return true;
            }
            if (o instanceof IdentityWrapper == false) {
                return false;
            }
            IdentityWrapper other = (IdentityWrapper)o;
            return this.obj == other.obj;
        }
        public int hashCode() {
            return System.identityHashCode(obj);
        }
    }

    synchronized P11Key get(Key key) {
        P11Key p11Key = strongCache.get(new IdentityWrapper(key));
        if (p11Key != null) {
            return p11Key;
        }
        Map<Key,P11Key> map =
                (cacheReference == null) ? null : cacheReference.get();
        if (map == null) {
            return null;
        }
        return map.get(key);
    }

    synchronized void put(Key key, P11Key p11Key) {
        strongCache.put(new IdentityWrapper(key), p11Key);
        Map<Key,P11Key> map =
                (cacheReference == null) ? null : cacheReference.get();
        if (map == null) {
            map = new IdentityHashMap<>();
            cacheReference = new WeakReference<>(map);
        }
        map.put(key, p11Key);
    }

}