stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

7092821: java.security.Provider.getService() is synchronized and became scalability bottleneck

Browse Source 
Changed Provider class to use ConcurrentHashMap and default providers to use putService()

Reviewed-by: weijun, mullan
This commit is contained in:
Valerie Peng 2018-12-13 01:15:21 +00:00
parent f47bd19cbc
commit 0b05ebed2e
8 changed files with 1019 additions and 1152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1280
src/java.base/share/classes/com/sun/crypto/provider/SunJCE.java
View File

File diff suppressed because it is too large Load Diff

144
src/java.base/share/classes/java/security/Provider.java
View File

@ -33,6 +33,7 @@ import java.lang.reflect.*;
import java.util.function.BiConsumer;
import java.util.function.BiFunction;
import java.util.function.Function;
import java.util.concurrent.ConcurrentHashMap;
/**
* This class represents a "provider" for the
@ -225,6 +226,7 @@ public abstract class Provider extends Properties {
this.version = version;
this.versionStr = Double.toString(version);
this.info = info;
this.serviceMap = new ConcurrentHashMap<>();
putId();
initialized = true;
}
@ -262,6 +264,7 @@ public abstract class Provider extends Properties {
this.versionStr = versionStr;
this.version = parseVersionStr(versionStr);
this.info = info;
this.serviceMap = new ConcurrentHashMap<>();
putId();
initialized = true;
}
@ -852,10 +855,7 @@ public abstract class Provider extends Properties {
// legacy properties changed since last call to any services method?
private transient boolean legacyChanged;
// serviceMap changed since last call to getServices()
private transient boolean servicesChanged;
// Map<String,String>
private transient Map<String,String> legacyStrings;
private volatile transient boolean servicesChanged;
// Map<ServiceKey,Service>
// used for services added via putService(), initialized on demand
@ -905,22 +905,18 @@ public abstract class Provider extends Properties {
// otherwise, set version based on versionStr
this.version = parseVersionStr(this.versionStr);
}
this.serviceMap = new ConcurrentHashMap<>();
implClear();
initialized = true;
putAll(copy);
}
private boolean checkLegacy(Object key) {
private static boolean isProviderInfo(Object key) {
String keyString = (String)key;
if (keyString.startsWith("Provider.")) {
return false;
return true;
}
legacyChanged = true;
if (legacyStrings == null) {
legacyStrings = new LinkedHashMap<>();
}
return true;
return false;
}
/**
@ -936,20 +932,20 @@ public abstract class Provider extends Properties {
private Object implRemove(Object key) {
if (key instanceof String) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return null;
}
legacyStrings.remove((String)key);
legacyChanged = true;
}
return super.remove(key);
}
private boolean implRemove(Object key, Object value) {
if (key instanceof String && value instanceof String) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return false;
}
legacyStrings.remove((String)key, value);
legacyChanged = true;
}
return super.remove(key, value);
}
@ -957,21 +953,20 @@ public abstract class Provider extends Properties {
private boolean implReplace(Object key, Object oldValue, Object newValue) {
if ((key instanceof String) && (oldValue instanceof String) &&
(newValue instanceof String)) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return false;
}
legacyStrings.replace((String)key, (String)oldValue,
(String)newValue);
legacyChanged = true;
}
return super.replace(key, oldValue, newValue);
}
private Object implReplace(Object key, Object value) {
if ((key instanceof String) && (value instanceof String)) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return null;
}
legacyStrings.replace((String)key, (String)value);
legacyChanged = true;
}
return super.replace(key, value);
}
@ -980,12 +975,6 @@ public abstract class Provider extends Properties {
private void implReplaceAll(BiFunction<? super Object, ? super Object,
? extends Object> function) {
legacyChanged = true;
if (legacyStrings == null) {
legacyStrings = new LinkedHashMap<>();
} else {
legacyStrings.replaceAll((BiFunction<? super String, ? super String,
? extends String>) function);
}
super.replaceAll(function);
}
@ -993,11 +982,10 @@ public abstract class Provider extends Properties {
private Object implMerge(Object key, Object value, BiFunction<? super Object,
? super Object, ? extends Object> remappingFunction) {
if ((key instanceof String) && (value instanceof String)) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return null;
}
legacyStrings.merge((String)key, (String)value,
(BiFunction<? super String, ? super String, ? extends String>) remappingFunction);
legacyChanged = true;
}
return super.merge(key, value, remappingFunction);
}
@ -1006,11 +994,10 @@ public abstract class Provider extends Properties {
private Object implCompute(Object key, BiFunction<? super Object,
? super Object, ? extends Object> remappingFunction) {
if (key instanceof String) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return null;
}
legacyStrings.compute((String) key,
(BiFunction<? super String,? super String, ? extends String>) remappingFunction);
legacyChanged = true;
}
return super.compute(key, remappingFunction);
}
@ -1019,11 +1006,10 @@ public abstract class Provider extends Properties {
private Object implComputeIfAbsent(Object key, Function<? super Object,
? extends Object> mappingFunction) {
if (key instanceof String) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return null;
}
legacyStrings.computeIfAbsent((String) key,
(Function<? super String, ? extends String>) mappingFunction);
legacyChanged = true;
}
return super.computeIfAbsent(key, mappingFunction);
}
@ -1032,45 +1018,39 @@ public abstract class Provider extends Properties {
private Object implComputeIfPresent(Object key, BiFunction<? super Object,
? super Object, ? extends Object> remappingFunction) {
if (key instanceof String) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return null;
}
legacyStrings.computeIfPresent((String) key,
(BiFunction<? super String, ? super String, ? extends String>) remappingFunction);
legacyChanged = true;
}
return super.computeIfPresent(key, remappingFunction);
}
private Object implPut(Object key, Object value) {
if ((key instanceof String) && (value instanceof String)) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return null;
}
legacyStrings.put((String)key, (String)value);
legacyChanged = true;
}
return super.put(key, value);
}
private Object implPutIfAbsent(Object key, Object value) {
if ((key instanceof String) && (value instanceof String)) {
if (!checkLegacy(key)) {
if (isProviderInfo(key)) {
return null;
}
legacyStrings.putIfAbsent((String)key, (String)value);
legacyChanged = true;
}
return super.putIfAbsent(key, value);
}
private void implClear() {
if (legacyStrings != null) {
legacyStrings.clear();
}
if (legacyMap != null) {
legacyMap.clear();
}
if (serviceMap != null) {
serviceMap.clear();
}
serviceMap.clear();
legacyChanged = false;
servicesChanged = false;
serviceSet = null;
@ -1090,13 +1070,13 @@ public abstract class Provider extends Properties {
this.algorithm = intern ? algorithm.intern() : algorithm;
}
public int hashCode() {
return type.hashCode() + algorithm.hashCode();
return Objects.hash(type, algorithm);
}
public boolean equals(Object obj) {
if (this == obj) {
return true;
}
if (obj instanceof ServiceKey == false) {
if (!(obj instanceof ServiceKey)) {
return false;
}
ServiceKey other = (ServiceKey)obj;
@ -1113,16 +1093,16 @@ public abstract class Provider extends Properties {
* service objects.
*/
private void ensureLegacyParsed() {
if ((legacyChanged == false) || (legacyStrings == null)) {
if (legacyChanged == false) {
return;
}
serviceSet = null;
if (legacyMap == null) {
legacyMap = new LinkedHashMap<>();
legacyMap = new ConcurrentHashMap<>();
} else {
legacyMap.clear();
}
for (Map.Entry<String,String> entry : legacyStrings.entrySet()) {
for (Map.Entry<?,?> entry : super.entrySet()) {
parseLegacyPut(entry.getKey(), entry.getValue());
}
removeInvalidServices(legacyMap);
@ -1161,7 +1141,15 @@ public abstract class Provider extends Properties {
private static final String ALIAS_PREFIX_LOWER = "alg.alias.";
private static final int ALIAS_LENGTH = ALIAS_PREFIX.length();
private void parseLegacyPut(String name, String value) {
private void parseLegacyPut(Object k, Object v) {
if (!(k instanceof String) || !(v instanceof String)) {
return;
}
String name = (String) k;
String value = (String) v;
if (isProviderInfo(name)) {
return;
}
if (name.toLowerCase(ENGLISH).startsWith(ALIAS_PREFIX_LOWER)) {
// e.g. put("Alg.Alias.MessageDigest.SHA", "SHA-1");
// aliasKey ~ MessageDigest.SHA
@ -1248,22 +1236,28 @@ public abstract class Provider extends Properties {
*
* @since 1.5
*/
public synchronized Service getService(String type, String algorithm) {
public Service getService(String type, String algorithm) {
checkInitialized();
// avoid allocating a new key object if possible
// avoid allocating a new ServiceKey object if possible
ServiceKey key = previousKey;
if (key.matches(type, algorithm) == false) {
key = new ServiceKey(type, algorithm, false);
previousKey = key;
}
if (serviceMap != null) {
Service service = serviceMap.get(key);
if (service != null) {
return service;
if (!serviceMap.isEmpty()) {
Service s = serviceMap.get(key);
if (s != null) {
return s;
}
}
ensureLegacyParsed();
return (legacyMap != null) ? legacyMap.get(key) : null;
synchronized (this) {
ensureLegacyParsed();
}
if (legacyMap != null && !legacyMap.isEmpty()) {
return legacyMap.get(key);
}
return null;
}
// ServiceKey from previous getService() call
@ -1292,10 +1286,10 @@ public abstract class Provider extends Properties {
if (serviceSet == null) {
ensureLegacyParsed();
Set<Service> set = new LinkedHashSet<>();
if (serviceMap != null) {
if (!serviceMap.isEmpty()) {
set.addAll(serviceMap.values());
}
if (legacyMap != null) {
if (legacyMap != null && !legacyMap.isEmpty()) {
set.addAll(legacyMap.values());
}
serviceSet = Collections.unmodifiableSet(set);
@ -1333,7 +1327,7 @@ public abstract class Provider extends Properties {
*
* @since 1.5
*/
protected synchronized void putService(Service s) {
protected void putService(Service s) {
check("putProviderProperty." + name);
if (debug != null) {
debug.println(name + ".putService(): " + s);
@ -1345,20 +1339,18 @@ public abstract class Provider extends Properties {
throw new IllegalArgumentException
("service.getProvider() must match this Provider object");
}
if (serviceMap == null) {
serviceMap = new LinkedHashMap<>();
}
servicesChanged = true;
String type = s.getType();
String algorithm = s.getAlgorithm();
ServiceKey key = new ServiceKey(type, algorithm, true);
// remove existing service
implRemoveService(serviceMap.get(key));
serviceMap.put(key, s);
for (String alias : s.getAliases()) {
serviceMap.put(new ServiceKey(type, alias, true), s);
}
putPropertyStrings(s);
servicesChanged = true;
synchronized (this) {
putPropertyStrings(s);
}
}
/**
@ -1425,7 +1417,7 @@ public abstract class Provider extends Properties {
*
* @since 1.5
*/
protected synchronized void removeService(Service s) {
protected void removeService(Service s) {
check("removeProviderProperty." + name);
if (debug != null) {
debug.println(name + ".removeService(): " + s);
@ -1437,7 +1429,7 @@ public abstract class Provider extends Properties {
}
private void implRemoveService(Service s) {
if ((s == null) || (serviceMap == null)) {
if ((s == null) || serviceMap.isEmpty()) {
return;
}
String type = s.getType();
@ -1452,7 +1444,9 @@ public abstract class Provider extends Properties {
for (String alias : s.getAliases()) {
serviceMap.remove(new ServiceKey(type, alias, false));
}
removePropertyStrings(s);
synchronized (this) {
removePropertyStrings(s);
}
}
// Wrapped String that behaves in a case insensitive way for equals/hashCode

27
src/java.base/share/classes/sun/security/provider/Sun.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,7 +28,6 @@ package sun.security.provider;
import java.util.*;
import java.security.*;
import sun.security.action.PutAllAction;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
@ -51,17 +50,27 @@ public final class Sun extends Provider {
/* We are the SUN provider */
super("SUN", PROVIDER_VER, INFO);
Provider p = this;
Iterator<Provider.Service> serviceIter = new SunEntries(p).iterator();
// if there is no security manager installed, put directly into
// the provider. Otherwise, create a temporary map and use a
// doPrivileged() call at the end to transfer the contents
// the provider
if (System.getSecurityManager() == null) {
SunEntries.putEntries(this);
putEntries(serviceIter);
} else {
// use LinkedHashMap to preserve the order of the PRNGs
Map<Object, Object> map = new LinkedHashMap<>();
SunEntries.putEntries(map);
AccessController.doPrivileged(new PutAllAction(this, map));
AccessController.doPrivileged(new PrivilegedAction<Void>() {
@Override
public Void run() {
putEntries(serviceIter);
return null;
}
});
}
}
void putEntries(Iterator<Provider.Service> i) {
while (i.hasNext()) {
putService(i.next());
}
}
}

380
src/java.base/share/classes/sun/security/provider/SunEntries.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,7 +27,7 @@ package sun.security.provider;
import java.io.*;
import java.net.*;
import java.util.Map;
import java.util.*;
import java.security.*;
import jdk.internal.util.StaticProperty;
@ -75,17 +75,28 @@ import sun.security.action.GetPropertyAction;
* - JavaLoginConfig is the default file-based LoginModule Configuration type.
*/
final class SunEntries {
public final class SunEntries {
private static final boolean useLegacyDSA =
Boolean.parseBoolean(GetPropertyAction.privilegedGetProperty
("jdk.security.legacyDSAKeyPairGenerator"));
private SunEntries() {
// empty
// create an aliases List from the specified aliases
public static List<String> createAliases(String ... aliases) {
return Arrays.asList(aliases);
}
static void putEntries(Map<Object, Object> map) {
// create an aliases List from the specified oid followed by other aliases
public static List<String> createAliasesWithOid(String ... oids) {
String[] result = Arrays.copyOf(oids, oids.length + 1);
result[result.length - 1] = "OID." + oids[0];
return Arrays.asList(result);
}
// extend LinkedHashSet to preserve the ordering (needed by SecureRandom?)
SunEntries(Provider p) {
services = new LinkedHashSet<>(50, 0.9f);
// start populating content using the specified provider
// common attribute map
HashMap<String, String> attrs = new HashMap<>(3);
/*
* SecureRandom
@ -100,266 +111,217 @@ final class SunEntries {
boolean useNativePRNG = seedSource.equals(URL_DEV_URANDOM) ||
seedSource.equals(URL_DEV_RANDOM);
attrs.put("ThreadSafe", "true");
if (nativeAvailable && useNativePRNG) {
map.put("SecureRandom.NativePRNG",
"sun.security.provider.NativePRNG");
map.put("SecureRandom.NativePRNG ThreadSafe", "true");
add(p, "SecureRandom", "NativePRNG",
"sun.security.provider.NativePRNG", null, attrs);
}
map.put("SecureRandom.DRBG", "sun.security.provider.DRBG");
map.put("SecureRandom.DRBG ThreadSafe", "true");
map.put("SecureRandom.SHA1PRNG",
"sun.security.provider.SecureRandom");
map.put("SecureRandom.SHA1PRNG ThreadSafe", "true");
attrs.put("ImplementedIn", "Software");
add(p, "SecureRandom", "DRBG", "sun.security.provider.DRBG", null, attrs);
add(p, "SecureRandom", "SHA1PRNG",
"sun.security.provider.SecureRandom", null, attrs);
attrs.remove("ImplementedIn");
if (nativeAvailable && !useNativePRNG) {
map.put("SecureRandom.NativePRNG",
"sun.security.provider.NativePRNG");
map.put("SecureRandom.NativePRNG ThreadSafe", "true");
add(p, "SecureRandom", "NativePRNG", "sun.security.provider.NativePRNG",
null, attrs);
}
if (NativePRNG.Blocking.isAvailable()) {
map.put("SecureRandom.NativePRNGBlocking",
"sun.security.provider.NativePRNG$Blocking");
map.put("SecureRandom.NativePRNGBlocking ThreadSafe", "true");
add(p, "SecureRandom", "NativePRNGBlocking",
"sun.security.provider.NativePRNG$Blocking", null, attrs);
}
if (NativePRNG.NonBlocking.isAvailable()) {
map.put("SecureRandom.NativePRNGNonBlocking",
"sun.security.provider.NativePRNG$NonBlocking");
map.put("SecureRandom.NativePRNGNonBlocking ThreadSafe", "true");
add(p, "SecureRandom", "NativePRNGNonBlocking",
"sun.security.provider.NativePRNG$NonBlocking", null, attrs);
}
/*
* Signature engines
*/
map.put("Signature.SHA1withDSA",
"sun.security.provider.DSA$SHA1withDSA");
map.put("Signature.NONEwithDSA", "sun.security.provider.DSA$RawDSA");
map.put("Alg.Alias.Signature.RawDSA", "NONEwithDSA");
map.put("Signature.SHA224withDSA",
"sun.security.provider.DSA$SHA224withDSA");
map.put("Signature.SHA256withDSA",
"sun.security.provider.DSA$SHA256withDSA");
map.put("Signature.SHA1withDSAinP1363Format",
"sun.security.provider.DSA$SHA1withDSAinP1363Format");
map.put("Signature.NONEwithDSAinP1363Format",
"sun.security.provider.DSA$RawDSAinP1363Format");
map.put("Signature.SHA224withDSAinP1363Format",
"sun.security.provider.DSA$SHA224withDSAinP1363Format");
map.put("Signature.SHA256withDSAinP1363Format",
"sun.security.provider.DSA$SHA256withDSAinP1363Format");
attrs.clear();
String dsaKeyClasses = "java.security.interfaces.DSAPublicKey" +
"|java.security.interfaces.DSAPrivateKey";
map.put("Signature.SHA1withDSA SupportedKeyClasses", dsaKeyClasses);
map.put("Signature.NONEwithDSA SupportedKeyClasses", dsaKeyClasses);
map.put("Signature.SHA224withDSA SupportedKeyClasses", dsaKeyClasses);
map.put("Signature.SHA256withDSA SupportedKeyClasses", dsaKeyClasses);
attrs.put("SupportedKeyClasses", dsaKeyClasses);
attrs.put("ImplementedIn", "Software");
map.put("Alg.Alias.Signature.DSA", "SHA1withDSA");
map.put("Alg.Alias.Signature.DSS", "SHA1withDSA");
map.put("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA");
map.put("Alg.Alias.Signature.SHA-1/DSA", "SHA1withDSA");
map.put("Alg.Alias.Signature.SHA1/DSA", "SHA1withDSA");
map.put("Alg.Alias.Signature.SHAwithDSA", "SHA1withDSA");
map.put("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA");
map.put("Alg.Alias.Signature.OID.1.2.840.10040.4.3",
"SHA1withDSA");
map.put("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA");
map.put("Alg.Alias.Signature.1.3.14.3.2.13", "SHA1withDSA");
map.put("Alg.Alias.Signature.1.3.14.3.2.27", "SHA1withDSA");
map.put("Alg.Alias.Signature.OID.2.16.840.1.101.3.4.3.1",
"SHA224withDSA");
map.put("Alg.Alias.Signature.2.16.840.1.101.3.4.3.1", "SHA224withDSA");
map.put("Alg.Alias.Signature.OID.2.16.840.1.101.3.4.3.2",
"SHA256withDSA");
map.put("Alg.Alias.Signature.2.16.840.1.101.3.4.3.2", "SHA256withDSA");
attrs.put("KeySize", "1024"); // for NONE and SHA1 DSA signatures
add(p, "Signature", "SHA1withDSA",
"sun.security.provider.DSA$SHA1withDSA",
createAliasesWithOid("1.2.840.10040.4.3", "DSA", "DSS", "SHA/DSA",
"SHA-1/DSA", "SHA1/DSA", "SHAwithDSA", "DSAWithSHA1",
"1.3.14.3.2.13", "1.3.14.3.2.27"), attrs);
add(p, "Signature", "NONEwithDSA", "sun.security.provider.DSA$RawDSA",
createAliases("RawDSA"), attrs);
attrs.put("KeySize", "2048"); // for SHA224 and SHA256 DSA signatures
add(p, "Signature", "SHA224withDSA",
"sun.security.provider.DSA$SHA224withDSA",
createAliasesWithOid("2.16.840.1.101.3.4.3.1"), attrs);
add(p, "Signature", "SHA256withDSA",
"sun.security.provider.DSA$SHA256withDSA",
createAliasesWithOid("2.16.840.1.101.3.4.3.2"), attrs);
attrs.remove("KeySize");
add(p, "Signature", "SHA1withDSAinP1363Format",
"sun.security.provider.DSA$SHA1withDSAinP1363Format",
null, null);
add(p, "Signature", "NONEwithDSAinP1363Format",
"sun.security.provider.DSA$RawDSAinP1363Format",
null, null);
add(p, "Signature", "SHA224withDSAinP1363Format",
"sun.security.provider.DSA$SHA224withDSAinP1363Format",
null, null);
add(p, "Signature", "SHA256withDSAinP1363Format",
"sun.security.provider.DSA$SHA256withDSAinP1363Format",
null, null);
/*
* Key Pair Generator engines
*/
attrs.clear();
attrs.put("ImplementedIn", "Software");
attrs.put("KeySize", "2048"); // for DSA KPG and APG only
String dsaOid = "1.2.840.10040.4.1";
List<String> dsaAliases = createAliasesWithOid(dsaOid, "1.3.14.3.2.12");
String dsaKPGImplClass = "sun.security.provider.DSAKeyPairGenerator$";
dsaKPGImplClass += (useLegacyDSA? "Legacy" : "Current");
map.put("KeyPairGenerator.DSA", dsaKPGImplClass);
map.put("Alg.Alias.KeyPairGenerator.OID.1.2.840.10040.4.1", "DSA");
map.put("Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1", "DSA");
map.put("Alg.Alias.KeyPairGenerator.1.3.14.3.2.12", "DSA");
/*
* Digest engines
*/
map.put("MessageDigest.MD2", "sun.security.provider.MD2");
map.put("MessageDigest.MD5", "sun.security.provider.MD5");
map.put("MessageDigest.SHA", "sun.security.provider.SHA");
map.put("Alg.Alias.MessageDigest.SHA-1", "SHA");
map.put("Alg.Alias.MessageDigest.SHA1", "SHA");
map.put("Alg.Alias.MessageDigest.1.3.14.3.2.26", "SHA");
map.put("Alg.Alias.MessageDigest.OID.1.3.14.3.2.26", "SHA");
map.put("MessageDigest.SHA-224", "sun.security.provider.SHA2$SHA224");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.4", "SHA-224");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.4",
"SHA-224");
map.put("MessageDigest.SHA-256", "sun.security.provider.SHA2$SHA256");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.1", "SHA-256");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.1",
"SHA-256");
map.put("MessageDigest.SHA-384", "sun.security.provider.SHA5$SHA384");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.2", "SHA-384");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.2",
"SHA-384");
map.put("MessageDigest.SHA-512", "sun.security.provider.SHA5$SHA512");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.3", "SHA-512");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.3",
"SHA-512");
map.put("MessageDigest.SHA-512/224", "sun.security.provider.SHA5$SHA512_224");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.5", "SHA-512/224");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.5",
"SHA-512/224");
map.put("MessageDigest.SHA-512/256", "sun.security.provider.SHA5$SHA512_256");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.6", "SHA-512/256");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.6",
"SHA-512/256");
map.put("MessageDigest.SHA3-224", "sun.security.provider.SHA3$SHA224");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.7", "SHA3-224");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.7",
"SHA3-224");
map.put("MessageDigest.SHA3-256", "sun.security.provider.SHA3$SHA256");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.8", "SHA3-256");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.8",
"SHA3-256");
map.put("MessageDigest.SHA3-384", "sun.security.provider.SHA3$SHA384");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.9", "SHA3-384");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.9",
"SHA3-384");
map.put("MessageDigest.SHA3-512", "sun.security.provider.SHA3$SHA512");
map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.10", "SHA3-512");
map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.10",
"SHA3-512");
add(p, "KeyPairGenerator", "DSA", dsaKPGImplClass, dsaAliases, attrs);
/*
* Algorithm Parameter Generator engines
*/
map.put("AlgorithmParameterGenerator.DSA",
"sun.security.provider.DSAParameterGenerator");
add(p, "AlgorithmParameterGenerator", "DSA",
"sun.security.provider.DSAParameterGenerator", dsaAliases, attrs);
attrs.remove("KeySize");
/*
* Algorithm Parameter engines
*/
map.put("AlgorithmParameters.DSA",
"sun.security.provider.DSAParameters");
map.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.10040.4.1", "DSA");
map.put("Alg.Alias.AlgorithmParameters.1.2.840.10040.4.1", "DSA");
map.put("Alg.Alias.AlgorithmParameters.1.3.14.3.2.12", "DSA");
add(p, "AlgorithmParameters", "DSA",
"sun.security.provider.DSAParameters", dsaAliases, attrs);
/*
* Key factories
*/
map.put("KeyFactory.DSA", "sun.security.provider.DSAKeyFactory");
map.put("Alg.Alias.KeyFactory.OID.1.2.840.10040.4.1", "DSA");
map.put("Alg.Alias.KeyFactory.1.2.840.10040.4.1", "DSA");
map.put("Alg.Alias.KeyFactory.1.3.14.3.2.12", "DSA");
add(p, "KeyFactory", "DSA", "sun.security.provider.DSAKeyFactory",
dsaAliases, attrs);
/*
* Digest engines
*/
add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", null, attrs);
add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", null, attrs);
add(p, "MessageDigest", "SHA", "sun.security.provider.SHA",
createAliasesWithOid("1.3.14.3.2.26", "SHA-1", "SHA1"), attrs);
String sha2BaseOid = "2.16.840.1.101.3.4.2";
add(p, "MessageDigest", "SHA-224", "sun.security.provider.SHA2$SHA224",
createAliasesWithOid(sha2BaseOid + ".4"), attrs);
add(p, "MessageDigest", "SHA-256", "sun.security.provider.SHA2$SHA256",
createAliasesWithOid(sha2BaseOid + ".1"), attrs);
add(p, "MessageDigest", "SHA-384", "sun.security.provider.SHA5$SHA384",
createAliasesWithOid(sha2BaseOid + ".2"), attrs);
add(p, "MessageDigest", "SHA-512", "sun.security.provider.SHA5$SHA512",
createAliasesWithOid(sha2BaseOid + ".3"), attrs);
add(p, "MessageDigest", "SHA-512/224",
"sun.security.provider.SHA5$SHA512_224",
createAliasesWithOid(sha2BaseOid + ".5"), attrs);
add(p, "MessageDigest", "SHA-512/256",
"sun.security.provider.SHA5$SHA512_256",
createAliasesWithOid(sha2BaseOid + ".6"), attrs);
add(p, "MessageDigest", "SHA3-224", "sun.security.provider.SHA3$SHA224",
createAliasesWithOid(sha2BaseOid + ".7"), attrs);
add(p, "MessageDigest", "SHA3-256", "sun.security.provider.SHA3$SHA256",
createAliasesWithOid(sha2BaseOid + ".8"), attrs);
add(p, "MessageDigest", "SHA3-384", "sun.security.provider.SHA3$SHA384",
createAliasesWithOid(sha2BaseOid + ".9"), attrs);
add(p, "MessageDigest", "SHA3-512", "sun.security.provider.SHA3$SHA512",
createAliasesWithOid(sha2BaseOid + ".10"), attrs);
/*
* Certificates
*/
map.put("CertificateFactory.X.509",
"sun.security.provider.X509Factory");
map.put("Alg.Alias.CertificateFactory.X509", "X.509");
add(p, "CertificateFactory", "X.509",
"sun.security.provider.X509Factory",
createAliases("X509"), attrs);
/*
* KeyStore
*/
map.put("KeyStore.PKCS12",
"sun.security.pkcs12.PKCS12KeyStore$DualFormatPKCS12");
map.put("KeyStore.JKS",
"sun.security.provider.JavaKeyStore$DualFormatJKS");
map.put("KeyStore.CaseExactJKS",
"sun.security.provider.JavaKeyStore$CaseExactJKS");
map.put("KeyStore.DKS", "sun.security.provider.DomainKeyStore$DKS");
add(p, "KeyStore", "PKCS12",
"sun.security.pkcs12.PKCS12KeyStore$DualFormatPKCS12",
null, null);
add(p, "KeyStore", "JKS",
"sun.security.provider.JavaKeyStore$DualFormatJKS",
null, attrs);
add(p, "KeyStore", "CaseExactJKS",
"sun.security.provider.JavaKeyStore$CaseExactJKS",
null, attrs);
add(p, "KeyStore", "DKS", "sun.security.provider.DomainKeyStore$DKS",
null, attrs);
/*
* Policy
*/
map.put("Policy.JavaPolicy", "sun.security.provider.PolicySpiFile");
/*
* Configuration
*/
map.put("Configuration.JavaLoginConfig",
"sun.security.provider.ConfigFile$Spi");
/*
* CertPathBuilder
*/
map.put("CertPathBuilder.PKIX",
"sun.security.provider.certpath.SunCertPathBuilder");
map.put("CertPathBuilder.PKIX ValidationAlgorithm",
"RFC5280");
/*
* CertPathValidator
*/
map.put("CertPathValidator.PKIX",
"sun.security.provider.certpath.PKIXCertPathValidator");
map.put("CertPathValidator.PKIX ValidationAlgorithm",
"RFC5280");
/*
* CertStores
*/
map.put("CertStore.Collection",
"sun.security.provider.certpath.CollectionCertStore");
map.put("CertStore.com.sun.security.IndexedCollection",
"sun.security.provider.certpath.IndexedCollectionCertStore");
add(p, "CertStore", "Collection",
"sun.security.provider.certpath.CollectionCertStore",
null, attrs);
add(p, "CertStore", "com.sun.security.IndexedCollection",
"sun.security.provider.certpath.IndexedCollectionCertStore",
null, attrs);
/*
* KeySize
* Policy
*/
map.put("Signature.NONEwithDSA KeySize", "1024");
map.put("Signature.SHA1withDSA KeySize", "1024");
map.put("Signature.SHA224withDSA KeySize", "2048");
map.put("Signature.SHA256withDSA KeySize", "2048");
map.put("KeyPairGenerator.DSA KeySize", "2048");
map.put("AlgorithmParameterGenerator.DSA KeySize", "2048");
add(p, "Policy", "JavaPolicy", "sun.security.provider.PolicySpiFile",
null, null);
/*
* Implementation type: software or hardware
* Configuration
*/
map.put("Signature.SHA1withDSA ImplementedIn", "Software");
map.put("KeyPairGenerator.DSA ImplementedIn", "Software");
map.put("MessageDigest.MD5 ImplementedIn", "Software");
map.put("MessageDigest.SHA ImplementedIn", "Software");
map.put("AlgorithmParameterGenerator.DSA ImplementedIn",
"Software");
map.put("AlgorithmParameters.DSA ImplementedIn", "Software");
map.put("KeyFactory.DSA ImplementedIn", "Software");
map.put("SecureRandom.SHA1PRNG ImplementedIn", "Software");
map.put("SecureRandom.DRBG ImplementedIn", "Software");
map.put("CertificateFactory.X.509 ImplementedIn", "Software");
map.put("KeyStore.JKS ImplementedIn", "Software");
map.put("CertPathValidator.PKIX ImplementedIn", "Software");
map.put("CertPathBuilder.PKIX ImplementedIn", "Software");
map.put("CertStore.Collection ImplementedIn", "Software");
map.put("CertStore.com.sun.security.IndexedCollection ImplementedIn",
"Software");
add(p, "Configuration", "JavaLoginConfig",
"sun.security.provider.ConfigFile$Spi", null, null);
/*
* CertPathBuilder and CertPathValidator
*/
attrs.clear();
attrs.put("ValidationAlgorithm", "RFC5280");
attrs.put("ImplementedIn", "Software");
add(p, "CertPathBuilder", "PKIX",
"sun.security.provider.certpath.SunCertPathBuilder",
null, attrs);
add(p, "CertPathValidator", "PKIX",
"sun.security.provider.certpath.PKIXCertPathValidator",
null, attrs);
}
Iterator<Provider.Service> iterator() {
return services.iterator();
}
private void add(Provider p, String type, String algo, String cn,
List<String> aliases, HashMap<String, String> attrs) {
services.add(new Provider.Service(p, type, algo, cn, aliases, attrs));
}
private LinkedHashSet<Provider.Service> services;
// name of the *System* property, takes precedence over PROP_RNDSOURCE
private static final String PROP_EGD = "java.security.egd";
// name of the *Security* property
private static final String PROP_RNDSOURCE = "securerandom.source";
private static final boolean useLegacyDSA =
Boolean.parseBoolean(GetPropertyAction.privilegedGetProperty
("jdk.security.legacyDSAKeyPairGenerator"));
static final String URL_DEV_RANDOM = "file:/dev/random";
static final String URL_DEV_URANDOM = "file:/dev/urandom";

34
src/java.base/share/classes/sun/security/provider/VerificationProvider.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -28,8 +28,6 @@ package sun.security.provider;
import java.util.*;
import java.security.*;
import sun.security.action.PutAllAction;
import sun.security.rsa.SunRsaSignEntries;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
@ -70,18 +68,30 @@ public final class VerificationProvider extends Provider {
return;
}
Provider p = this;
Iterator<Provider.Service> sunIter = new SunEntries(p).iterator();
Iterator<Provider.Service> rsaIter =
new SunRsaSignEntries(p).iterator();
// if there is no security manager installed, put directly into
// the provider. Otherwise, create a temporary map and use a
// doPrivileged() call at the end to transfer the contents
// the provider
if (System.getSecurityManager() == null) {
SunEntries.putEntries(this);
SunRsaSignEntries.putEntries(this);
putEntries(sunIter);
putEntries(rsaIter);
} else {
// use LinkedHashMap to preserve the order of the PRNGs
Map<Object, Object> map = new LinkedHashMap<>();
SunEntries.putEntries(map);
SunRsaSignEntries.putEntries(map);
AccessController.doPrivileged(new PutAllAction(this, map));
AccessController.doPrivileged(new PrivilegedAction<Object>() {
public Void run() {
putEntries(sunIter);
putEntries(rsaIter);
return null;
}
});
}
}
void putEntries(Iterator<Provider.Service> i) {
while (i.hasNext()) {
putService(i.next());
}
}

28
src/java.base/share/classes/sun/security/rsa/SunRsaSign.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,7 +29,6 @@ import java.util.*;
import java.security.*;
import sun.security.action.PutAllAction;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
/**
@ -46,17 +45,24 @@ public final class SunRsaSign extends Provider {
public SunRsaSign() {
super("SunRsaSign", PROVIDER_VER, "Sun RSA signature provider");
// if there is no security manager installed, put directly into
// the provider. Otherwise, create a temporary map and use a
// doPrivileged() call at the end to transfer the contents
Provider p = this;
Iterator<Provider.Service> serviceIter = new SunRsaSignEntries(p).iterator();
if (System.getSecurityManager() == null) {
SunRsaSignEntries.putEntries(this);
putEntries(serviceIter);
} else {
// use LinkedHashMap to preserve the order of the PRNGs
Map<Object, Object> map = new HashMap<>();
SunRsaSignEntries.putEntries(map);
AccessController.doPrivileged(new PutAllAction(this, map));
AccessController.doPrivileged(new PrivilegedAction<Void>() {
@Override
public Void run() {
putEntries(serviceIter);
return null;
}
});
}
}
void putEntries(Iterator<Provider.Service> i) {
while (i.hasNext()) {
putService(i.next());
}
}
}

163
src/java.base/share/classes/sun/security/rsa/SunRsaSignEntries.java
View File

@ -25,7 +25,9 @@
package sun.security.rsa;
import java.util.Map;
import java.util.*;
import java.security.Provider;
import static sun.security.provider.SunEntries.createAliasesWithOid;
/**
* Defines the entries of the SunRsaSign provider.
@ -34,102 +36,81 @@ import java.util.Map;
*/
public final class SunRsaSignEntries {
private SunRsaSignEntries() {
// empty
private void add(Provider p, String type, String algo, String cn,
List<String> aliases, HashMap<String, String> attrs) {
services.add(new Provider.Service(p, type, algo, cn, aliases, attrs));
}
public static void putEntries(Map<Object, Object> map) {
// extend LinkedHashSet for consistency with SunEntries
// used by sun.security.provider.VerificationProvider
public SunRsaSignEntries(Provider p) {
services = new LinkedHashSet<>(20, 0.9f);
// main algorithms
map.put("KeyFactory.RSA",
"sun.security.rsa.RSAKeyFactory$Legacy");
map.put("KeyPairGenerator.RSA",
"sun.security.rsa.RSAKeyPairGenerator$Legacy");
map.put("Signature.MD2withRSA",
"sun.security.rsa.RSASignature$MD2withRSA");
map.put("Signature.MD5withRSA",
"sun.security.rsa.RSASignature$MD5withRSA");
map.put("Signature.SHA1withRSA",
"sun.security.rsa.RSASignature$SHA1withRSA");
map.put("Signature.SHA224withRSA",
"sun.security.rsa.RSASignature$SHA224withRSA");
map.put("Signature.SHA256withRSA",
"sun.security.rsa.RSASignature$SHA256withRSA");
map.put("Signature.SHA384withRSA",
"sun.security.rsa.RSASignature$SHA384withRSA");
map.put("Signature.SHA512withRSA",
"sun.security.rsa.RSASignature$SHA512withRSA");
map.put("Signature.SHA512/224withRSA",
"sun.security.rsa.RSASignature$SHA512_224withRSA");
map.put("Signature.SHA512/256withRSA",
"sun.security.rsa.RSASignature$SHA512_256withRSA");
// start populating content using the specified provider
map.put("KeyFactory.RSASSA-PSS",
"sun.security.rsa.RSAKeyFactory$PSS");
map.put("KeyPairGenerator.RSASSA-PSS",
"sun.security.rsa.RSAKeyPairGenerator$PSS");
map.put("Signature.RSASSA-PSS",
"sun.security.rsa.RSAPSSSignature");
map.put("AlgorithmParameters.RSASSA-PSS",
"sun.security.rsa.PSSParameters");
// common oids
String rsaOid = "1.2.840.113549.1.1";
List<String> rsaAliases = createAliasesWithOid(rsaOid);
List<String> rsapssAliases = createAliasesWithOid(rsaOid + ".10");
String sha1withRSAOid2 = "1.3.14.3.2.29";
// attributes for supported key classes
String rsaKeyClasses = "java.security.interfaces.RSAPublicKey" +
"|java.security.interfaces.RSAPrivateKey";
map.put("Signature.MD2withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.MD5withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA1withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA224withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA256withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA384withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA512withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA512/224withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA512/256withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.RSASSA-PSS SupportedKeyClasses", rsaKeyClasses);
// common attribute map
HashMap<String, String> attrs = new HashMap<>(3);
attrs.put("SupportedKeyClasses",
"java.security.interfaces.RSAPublicKey" +
"|java.security.interfaces.RSAPrivateKey");
// aliases
map.put("Alg.Alias.KeyFactory.1.2.840.113549.1.1", "RSA");
map.put("Alg.Alias.KeyFactory.OID.1.2.840.113549.1.1", "RSA");
add(p, "KeyFactory", "RSA",
"sun.security.rsa.RSAKeyFactory$Legacy",
rsaAliases, null);
add(p, "KeyPairGenerator", "RSA",
"sun.security.rsa.RSAKeyPairGenerator$Legacy",
rsaAliases, null);
add(p, "Signature", "MD2withRSA",
"sun.security.rsa.RSASignature$MD2withRSA",
createAliasesWithOid(rsaOid + ".2"), attrs);
add(p, "Signature", "MD5withRSA",
"sun.security.rsa.RSASignature$MD5withRSA",
createAliasesWithOid(rsaOid + ".4"), attrs);
add(p, "Signature", "SHA1withRSA",
"sun.security.rsa.RSASignature$SHA1withRSA",
createAliasesWithOid(rsaOid + ".5", sha1withRSAOid2), attrs);
add(p, "Signature", "SHA224withRSA",
"sun.security.rsa.RSASignature$SHA224withRSA",
createAliasesWithOid(rsaOid + ".14"), attrs);
add(p, "Signature", "SHA256withRSA",
"sun.security.rsa.RSASignature$SHA256withRSA",
createAliasesWithOid(rsaOid + ".11"), attrs);
add(p, "Signature", "SHA384withRSA",
"sun.security.rsa.RSASignature$SHA384withRSA",
createAliasesWithOid(rsaOid + ".12"), attrs);
add(p, "Signature", "SHA512withRSA",
"sun.security.rsa.RSASignature$SHA512withRSA",
createAliasesWithOid(rsaOid + ".13"), attrs);
add(p, "Signature", "SHA512/224withRSA",
"sun.security.rsa.RSASignature$SHA512_224withRSA",
createAliasesWithOid(rsaOid + ".15"), attrs);
add(p, "Signature", "SHA512/256withRSA",
"sun.security.rsa.RSASignature$SHA512_256withRSA",
createAliasesWithOid(rsaOid + ".16"), attrs);
map.put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1", "RSA");
map.put("Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.1", "RSA");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.2", "MD2withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.2", "MD2withRSA");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.4", "MD5withRSA");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA1withRSA");
map.put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1withRSA");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.14", "SHA224withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.14", "SHA224withRSA");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384withRSA");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512withRSA");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.15", "SHA512/224withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.15", "SHA512/224withRSA");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.16", "SHA512/256withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.16", "SHA512/256withRSA");
map.put("Alg.Alias.KeyFactory.1.2.840.113549.1.1.10", "RSASSA-PSS");
map.put("Alg.Alias.KeyFactory.OID.1.2.840.113549.1.1.10", "RSASSA-PSS");
map.put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1.10", "RSASSA-PSS");
map.put("Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.1.10", "RSASSA-PSS");
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.10", "RSASSA-PSS");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.10", "RSASSA-PSS");
map.put("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.1.10", "RSASSA-PSS");
map.put("Alg.Alias.AlgorithmParameters.OID.1.2.840.113549.1.1.10", "RSASSA-PSS");
add(p, "KeyFactory", "RSASSA-PSS",
"sun.security.rsa.RSAKeyFactory$PSS",
rsapssAliases, null);
add(p, "KeyPairGenerator", "RSASSA-PSS",
"sun.security.rsa.RSAKeyPairGenerator$PSS",
rsapssAliases, null);
add(p, "Signature", "RSASSA-PSS",
"sun.security.rsa.RSAPSSSignature",
rsapssAliases, attrs);
add(p, "AlgorithmParameters", "RSASSA-PSS",
"sun.security.rsa.PSSParameters",
rsapssAliases, null);
}
public Iterator<Provider.Service> iterator() {
return services.iterator();
}
private LinkedHashSet<Provider.Service> services;
}

115
src/java.base/share/classes/sun/security/ssl/SunJSSE.java
View File

@ -26,7 +26,10 @@
package sun.security.ssl;
import java.security.*;
import java.util.*;
import sun.security.rsa.SunRsaSignEntries;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
import static sun.security.provider.SunEntries.createAliases;
/**
* The JSSE provider.
@ -157,86 +160,62 @@ public abstract class SunJSSE extends java.security.Provider {
});
}
private void ps(String type, String algo, String cn,
List<String> aliases, HashMap<String, String> attrs) {
putService(new Provider.Service(this, type, algo, cn, aliases, attrs));
}
private void doRegister(boolean isfips) {
if (isfips == false) {
put("KeyFactory.RSA",
"sun.security.rsa.RSAKeyFactory$Legacy");
put("Alg.Alias.KeyFactory.1.2.840.113549.1.1", "RSA");
put("Alg.Alias.KeyFactory.OID.1.2.840.113549.1.1", "RSA");
put("KeyPairGenerator.RSA",
"sun.security.rsa.RSAKeyPairGenerator$Legacy");
put("Alg.Alias.KeyPairGenerator.1.2.840.113549.1.1", "RSA");
put("Alg.Alias.KeyPairGenerator.OID.1.2.840.113549.1.1", "RSA");
put("Signature.MD2withRSA",
"sun.security.rsa.RSASignature$MD2withRSA");
put("Alg.Alias.Signature.1.2.840.113549.1.1.2", "MD2withRSA");
put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.2",
"MD2withRSA");
put("Signature.MD5withRSA",
"sun.security.rsa.RSASignature$MD5withRSA");
put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5withRSA");
put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.4",
"MD5withRSA");
put("Signature.SHA1withRSA",
"sun.security.rsa.RSASignature$SHA1withRSA");
put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1withRSA");
put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5",
"SHA1withRSA");
put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1withRSA");
put("Alg.Alias.Signature.OID.1.3.14.3.2.29", "SHA1withRSA");
Iterator<Provider.Service> rsaIter =
new SunRsaSignEntries(this).iterator();
while (rsaIter.hasNext()) {
putService(rsaIter.next());
}
}
put("Signature.MD5andSHA1withRSA",
"sun.security.ssl.RSASignature");
ps("Signature", "MD5andSHA1withRSA",
"sun.security.ssl.RSASignature", null, null);
put("KeyManagerFactory.SunX509",
"sun.security.ssl.KeyManagerFactoryImpl$SunX509");
put("KeyManagerFactory.NewSunX509",
"sun.security.ssl.KeyManagerFactoryImpl$X509");
put("Alg.Alias.KeyManagerFactory.PKIX", "NewSunX509");
ps("KeyManagerFactory", "SunX509",
"sun.security.ssl.KeyManagerFactoryImpl$SunX509", null, null);
ps("KeyManagerFactory", "NewSunX509",
"sun.security.ssl.KeyManagerFactoryImpl$X509",
createAliases("PKIX"), null);
put("TrustManagerFactory.SunX509",
"sun.security.ssl.TrustManagerFactoryImpl$SimpleFactory");
put("TrustManagerFactory.PKIX",
"sun.security.ssl.TrustManagerFactoryImpl$PKIXFactory");
put("Alg.Alias.TrustManagerFactory.SunPKIX", "PKIX");
put("Alg.Alias.TrustManagerFactory.X509", "PKIX");
put("Alg.Alias.TrustManagerFactory.X.509", "PKIX");
ps("TrustManagerFactory", "SunX509",
"sun.security.ssl.TrustManagerFactoryImpl$SimpleFactory", null, null);
ps("TrustManagerFactory", "PKIX",
"sun.security.ssl.TrustManagerFactoryImpl$PKIXFactory",
createAliases("SunPKIX", "X509", "X.509"), null);
put("SSLContext.TLSv1",
"sun.security.ssl.SSLContextImpl$TLS10Context");
put("SSLContext.TLSv1.1",
"sun.security.ssl.SSLContextImpl$TLS11Context");
put("SSLContext.TLSv1.2",
"sun.security.ssl.SSLContextImpl$TLS12Context");
put("SSLContext.TLSv1.3",
"sun.security.ssl.SSLContextImpl$TLS13Context");
put("SSLContext.TLS",
"sun.security.ssl.SSLContextImpl$TLSContext");
if (isfips == false) {
put("Alg.Alias.SSLContext.SSL", "TLS");
put("Alg.Alias.SSLContext.SSLv3", "TLSv1");
}
ps("SSLContext", "TLSv1",
"sun.security.ssl.SSLContextImpl$TLS10Context",
(isfips? null : createAliases("SSLv3")), null);
ps("SSLContext", "TLSv1.1",
"sun.security.ssl.SSLContextImpl$TLS11Context", null, null);
ps("SSLContext", "TLSv1.2",
"sun.security.ssl.SSLContextImpl$TLS12Context", null, null);
ps("SSLContext", "TLSv1.3",
"sun.security.ssl.SSLContextImpl$TLS13Context", null, null);
ps("SSLContext", "TLS",
"sun.security.ssl.SSLContextImpl$TLSContext",
(isfips? null : createAliases("SSL")), null);
put("SSLContext.DTLSv1.0",
"sun.security.ssl.SSLContextImpl$DTLS10Context");
put("SSLContext.DTLSv1.2",
"sun.security.ssl.SSLContextImpl$DTLS12Context");
put("SSLContext.DTLS",
"sun.security.ssl.SSLContextImpl$DTLSContext");
ps("SSLContext", "DTLSv1.0",
"sun.security.ssl.SSLContextImpl$DTLS10Context", null, null);
ps("SSLContext", "DTLSv1.2",
"sun.security.ssl.SSLContextImpl$DTLS12Context", null, null);
ps("SSLContext", "DTLS",
"sun.security.ssl.SSLContextImpl$DTLSContext", null, null);
put("SSLContext.Default",
"sun.security.ssl.SSLContextImpl$DefaultSSLContext");
ps("SSLContext", "Default",
"sun.security.ssl.SSLContextImpl$DefaultSSLContext", null, null);
/*
* KeyStore
*/
put("KeyStore.PKCS12",
"sun.security.pkcs12.PKCS12KeyStore");
ps("KeyStore", "PKCS12",
"sun.security.pkcs12.PKCS12KeyStore", null, null);
}
// com.sun.net.ssl.internal.ssl.Provider has been deprecated since JDK 9