Using a specific Java security provider only in the scope of a method

Question

So I am looking ways to use a security provider only in the scope of a function. I can already do this by adding these two lines: (assume BouncyCastle is the provider)

Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
// do some stuff with converter
Security.removeProvider("BC");

So i just want to use BC for JcaPEMKeyConverter and then for the rest use default security provider.

Is there a better way to do this? More elegantly? How about a custom java annotation, is that a good way ?

Thx :)

I don't know if it's elegant, but you can call the other overload of `.setProvider` with the BC `Provider` object instead of changing the (JVM-global) provider list. — dave_thompson_085, May 26 '16 at 11:33

score 5 · Accepted Answer · answered May 26 '16 at 20:51

If you only want that the BouncyCastleProvider are used in JcaPEMKeyConverter class use setProvider(java.security.Provider provider) instead of setProvider(java.lang.String providerName) as follows:

JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(new BouncyCastleProvider());

Then there is no need to add and remove the provider on the security providers list, so you can avoid Security.addProvider and Security.removeProvider calls.

Hope it helps,

Please be aware of the possible memory leak: https://bugs.openjdk.java.net/browse/JDK-8168469 — Petr Hunka, Feb 27 '17 at 17:34

Using a specific Java security provider only in the scope of a method

1 Answers1

Linked