|
2
|
1 |
/*
|
|
|
2 |
* Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved.
|
|
|
3 |
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
|
4 |
*
|
|
|
5 |
* This code is free software; you can redistribute it and/or modify it
|
|
|
6 |
* under the terms of the GNU General Public License version 2 only, as
|
|
|
7 |
* published by the Free Software Foundation. Sun designates this
|
|
|
8 |
* particular file as subject to the "Classpath" exception as provided
|
|
|
9 |
* by Sun in the LICENSE file that accompanied this code.
|
|
|
10 |
*
|
|
|
11 |
* This code is distributed in the hope that it will be useful, but WITHOUT
|
|
|
12 |
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
|
13 |
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
|
14 |
* version 2 for more details (a copy is included in the LICENSE file that
|
|
|
15 |
* accompanied this code).
|
|
|
16 |
*
|
|
|
17 |
* You should have received a copy of the GNU General Public License version
|
|
|
18 |
* 2 along with this work; if not, write to the Free Software Foundation,
|
|
|
19 |
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
|
20 |
*
|
|
|
21 |
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
|
|
|
22 |
* CA 95054 USA or visit www.sun.com if you need additional information or
|
|
|
23 |
* have any questions.
|
|
|
24 |
*/
|
|
|
25 |
|
|
|
26 |
package com.sun.crypto.provider;
|
|
|
27 |
|
|
|
28 |
import java.security.AccessController;
|
|
|
29 |
import java.security.Provider;
|
|
|
30 |
import java.security.PrivilegedAction;
|
|
|
31 |
import java.security.cert.*;
|
|
|
32 |
import java.net.URL;
|
|
|
33 |
import java.io.ByteArrayInputStream;
|
|
|
34 |
import java.security.CodeSource;
|
|
|
35 |
import java.security.SecureRandom;
|
|
|
36 |
|
|
|
37 |
|
|
|
38 |
/**
|
|
|
39 |
* The "SunJCE" Cryptographic Service Provider.
|
|
|
40 |
*
|
|
|
41 |
* @author Jan Luehe
|
|
|
42 |
* @author Sharon Liu
|
|
|
43 |
*/
|
|
|
44 |
|
|
|
45 |
/**
|
|
|
46 |
* Defines the "SunJCE" provider.
|
|
|
47 |
*
|
|
|
48 |
* Supported algorithms and their names:
|
|
|
49 |
*
|
|
|
50 |
* - RSA encryption (PKCS#1 v1.5 and raw)
|
|
|
51 |
*
|
|
|
52 |
* - DES
|
|
|
53 |
*
|
|
|
54 |
* - DES-EDE
|
|
|
55 |
*
|
|
|
56 |
* - AES
|
|
|
57 |
*
|
|
|
58 |
* - Blowfish
|
|
|
59 |
*
|
|
|
60 |
* - RC2
|
|
|
61 |
*
|
|
|
62 |
* - ARCFOUR (RC4 compatible)
|
|
|
63 |
*
|
|
|
64 |
* - Cipher modes ECB, CBC, CFB, OFB, PCBC, CTR, and CTS for all block ciphers
|
|
|
65 |
*
|
|
|
66 |
* - Cipher padding ISO10126Padding for non-PKCS#5 block ciphers and
|
|
|
67 |
* NoPadding and PKCS5Padding for all block ciphers
|
|
|
68 |
*
|
|
|
69 |
* - Password-based Encryption (PBE)
|
|
|
70 |
*
|
|
|
71 |
* - Diffie-Hellman Key Agreement
|
|
|
72 |
*
|
|
|
73 |
* - HMAC-MD5, HMAC-SHA1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512
|
|
|
74 |
*
|
|
|
75 |
*/
|
|
|
76 |
|
|
|
77 |
public final class SunJCE extends Provider {
|
|
|
78 |
|
|
|
79 |
private static final long serialVersionUID = 6812507587804302833L;
|
|
|
80 |
|
|
|
81 |
private static final String info = "SunJCE Provider " +
|
|
|
82 |
"(implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, "
|
|
|
83 |
+ "Diffie-Hellman, HMAC)";
|
|
|
84 |
|
|
|
85 |
private static final String OID_PKCS12_RC2_40 = "1.2.840.113549.1.12.1.6";
|
|
|
86 |
private static final String OID_PKCS12_DESede = "1.2.840.113549.1.12.1.3";
|
|
|
87 |
private static final String OID_PKCS5_MD5_DES = "1.2.840.113549.1.5.3";
|
|
|
88 |
private static final String OID_PKCS5_PBKDF2 = "1.2.840.113549.1.5.12";
|
|
|
89 |
private static final String OID_PKCS3 = "1.2.840.113549.1.3.1";
|
|
|
90 |
|
|
|
91 |
/* Are we debugging? -- for developers */
|
|
|
92 |
static final boolean debug = false;
|
|
|
93 |
|
|
|
94 |
static final SecureRandom RANDOM = new SecureRandom();
|
|
|
95 |
|
|
|
96 |
// After the SunJCE passed self-integrity checking,
|
|
|
97 |
// verifiedSelfIntegrity will be set to true.
|
|
|
98 |
private static boolean verifiedSelfIntegrity = false;
|
|
|
99 |
|
|
|
100 |
public SunJCE() {
|
|
|
101 |
/* We are the "SunJCE" provider */
|
|
|
102 |
super("SunJCE", 1.7d, info);
|
|
|
103 |
|
|
|
104 |
final String BLOCK_MODES = "ECB|CBC|PCBC|CTR|CTS|CFB|OFB" +
|
|
|
105 |
"|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64" +
|
|
|
106 |
"|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64";
|
|
|
107 |
final String BLOCK_MODES128 = BLOCK_MODES +
|
|
|
108 |
"|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128" +
|
|
|
109 |
"|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128";
|
|
|
110 |
final String BLOCK_PADS = "NOPADDING|PKCS5PADDING|ISO10126PADDING";
|
|
|
111 |
|
|
|
112 |
AccessController.doPrivileged(new java.security.PrivilegedAction() {
|
|
|
113 |
public Object run() {
|
|
|
114 |
|
|
|
115 |
/*
|
|
|
116 |
* Cipher engines
|
|
|
117 |
*/
|
|
|
118 |
put("Cipher.RSA", "com.sun.crypto.provider.RSACipher");
|
|
|
119 |
put("Cipher.RSA SupportedModes", "ECB");
|
|
|
120 |
put("Cipher.RSA SupportedPaddings",
|
|
|
121 |
"NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING"
|
|
|
122 |
+ "|OAEPWITHSHA1ANDMGF1PADDING"
|
|
|
123 |
+ "|OAEPWITHSHA-1ANDMGF1PADDING"
|
|
|
124 |
+ "|OAEPWITHSHA-256ANDMGF1PADDING"
|
|
|
125 |
+ "|OAEPWITHSHA-384ANDMGF1PADDING"
|
|
|
126 |
+ "|OAEPWITHSHA-512ANDMGF1PADDING");
|
|
|
127 |
put("Cipher.RSA SupportedKeyClasses",
|
|
|
128 |
"java.security.interfaces.RSAPublicKey" +
|
|
|
129 |
"|java.security.interfaces.RSAPrivateKey");
|
|
|
130 |
|
|
|
131 |
put("Cipher.DES", "com.sun.crypto.provider.DESCipher");
|
|
|
132 |
put("Cipher.DES SupportedModes", BLOCK_MODES);
|
|
|
133 |
put("Cipher.DES SupportedPaddings", BLOCK_PADS);
|
|
|
134 |
put("Cipher.DES SupportedKeyFormats", "RAW");
|
|
|
135 |
|
|
|
136 |
put("Cipher.DESede", "com.sun.crypto.provider.DESedeCipher");
|
|
|
137 |
put("Alg.Alias.Cipher.TripleDES", "DESede");
|
|
|
138 |
put("Cipher.DESede SupportedModes", BLOCK_MODES);
|
|
|
139 |
put("Cipher.DESede SupportedPaddings", BLOCK_PADS);
|
|
|
140 |
put("Cipher.DESede SupportedKeyFormats", "RAW");
|
|
|
141 |
|
|
|
142 |
put("Cipher.DESedeWrap",
|
|
|
143 |
"com.sun.crypto.provider.DESedeWrapCipher");
|
|
|
144 |
put("Cipher.DESedeWrap SupportedModes", "CBC");
|
|
|
145 |
put("Cipher.DESedeWrap SupportedPaddings", "NOPADDING");
|
|
|
146 |
put("Cipher.DESedeWrap SupportedKeyFormats", "RAW");
|
|
|
147 |
|
|
|
148 |
put("Cipher.PBEWithMD5AndDES",
|
|
|
149 |
"com.sun.crypto.provider.PBEWithMD5AndDESCipher");
|
|
|
150 |
put("Alg.Alias.Cipher.OID."+OID_PKCS5_MD5_DES,
|
|
|
151 |
"PBEWithMD5AndDES");
|
|
|
152 |
put("Alg.Alias.Cipher."+OID_PKCS5_MD5_DES,
|
|
|
153 |
"PBEWithMD5AndDES");
|
|
|
154 |
put("Cipher.PBEWithMD5AndTripleDES",
|
|
|
155 |
"com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher");
|
|
|
156 |
put("Cipher.PBEWithSHA1AndRC2_40",
|
|
|
157 |
"com.sun.crypto.provider.PKCS12PBECipherCore$" +
|
|
|
158 |
"PBEWithSHA1AndRC2_40");
|
|
|
159 |
put("Alg.Alias.Cipher.OID." + OID_PKCS12_RC2_40,
|
|
|
160 |
"PBEWithSHA1AndRC2_40");
|
|
|
161 |
put("Alg.Alias.Cipher." + OID_PKCS12_RC2_40,
|
|
|
162 |
"PBEWithSHA1AndRC2_40");
|
|
|
163 |
put("Cipher.PBEWithSHA1AndDESede",
|
|
|
164 |
"com.sun.crypto.provider.PKCS12PBECipherCore$" +
|
|
|
165 |
"PBEWithSHA1AndDESede");
|
|
|
166 |
put("Alg.Alias.Cipher.OID." + OID_PKCS12_DESede,
|
|
|
167 |
"PBEWithSHA1AndDESede");
|
|
|
168 |
put("Alg.Alias.Cipher." + OID_PKCS12_DESede,
|
|
|
169 |
"PBEWithSHA1AndDESede");
|
|
|
170 |
|
|
|
171 |
put("Cipher.Blowfish",
|
|
|
172 |
"com.sun.crypto.provider.BlowfishCipher");
|
|
|
173 |
put("Cipher.Blowfish SupportedModes", BLOCK_MODES);
|
|
|
174 |
put("Cipher.Blowfish SupportedPaddings", BLOCK_PADS);
|
|
|
175 |
put("Cipher.Blowfish SupportedKeyFormats", "RAW");
|
|
|
176 |
|
|
|
177 |
put("Cipher.AES", "com.sun.crypto.provider.AESCipher");
|
|
|
178 |
put("Alg.Alias.Cipher.Rijndael", "AES");
|
|
|
179 |
put("Cipher.AES SupportedModes", BLOCK_MODES128);
|
|
|
180 |
put("Cipher.AES SupportedPaddings", BLOCK_PADS);
|
|
|
181 |
put("Cipher.AES SupportedKeyFormats", "RAW");
|
|
|
182 |
|
|
|
183 |
put("Cipher.AESWrap", "com.sun.crypto.provider.AESWrapCipher");
|
|
|
184 |
put("Cipher.AESWrap SupportedModes", "ECB");
|
|
|
185 |
put("Cipher.AESWrap SupportedPaddings", "NOPADDING");
|
|
|
186 |
put("Cipher.AESWrap SupportedKeyFormats", "RAW");
|
|
|
187 |
|
|
|
188 |
put("Cipher.RC2",
|
|
|
189 |
"com.sun.crypto.provider.RC2Cipher");
|
|
|
190 |
put("Cipher.RC2 SupportedModes", BLOCK_MODES);
|
|
|
191 |
put("Cipher.RC2 SupportedPaddings", BLOCK_PADS);
|
|
|
192 |
put("Cipher.RC2 SupportedKeyFormats", "RAW");
|
|
|
193 |
|
|
|
194 |
put("Cipher.ARCFOUR",
|
|
|
195 |
"com.sun.crypto.provider.ARCFOURCipher");
|
|
|
196 |
put("Alg.Alias.Cipher.RC4", "ARCFOUR");
|
|
|
197 |
put("Cipher.ARCFOUR SupportedModes", "ECB");
|
|
|
198 |
put("Cipher.ARCFOUR SupportedPaddings", "NOPADDING");
|
|
|
199 |
put("Cipher.ARCFOUR SupportedKeyFormats", "RAW");
|
|
|
200 |
|
|
|
201 |
/*
|
|
|
202 |
* Key(pair) Generator engines
|
|
|
203 |
*/
|
|
|
204 |
put("KeyGenerator.DES",
|
|
|
205 |
"com.sun.crypto.provider.DESKeyGenerator");
|
|
|
206 |
|
|
|
207 |
put("KeyGenerator.DESede",
|
|
|
208 |
"com.sun.crypto.provider.DESedeKeyGenerator");
|
|
|
209 |
put("Alg.Alias.KeyGenerator.TripleDES", "DESede");
|
|
|
210 |
|
|
|
211 |
put("KeyGenerator.Blowfish",
|
|
|
212 |
"com.sun.crypto.provider.BlowfishKeyGenerator");
|
|
|
213 |
|
|
|
214 |
put("KeyGenerator.AES",
|
|
|
215 |
"com.sun.crypto.provider.AESKeyGenerator");
|
|
|
216 |
put("Alg.Alias.KeyGenerator.Rijndael", "AES");
|
|
|
217 |
|
|
|
218 |
put("KeyGenerator.RC2",
|
|
|
219 |
"com.sun.crypto.provider.KeyGeneratorCore$" +
|
|
|
220 |
"RC2KeyGenerator");
|
|
|
221 |
put("KeyGenerator.ARCFOUR",
|
|
|
222 |
"com.sun.crypto.provider.KeyGeneratorCore$" +
|
|
|
223 |
"ARCFOURKeyGenerator");
|
|
|
224 |
put("Alg.Alias.KeyGenerator.RC4", "ARCFOUR");
|
|
|
225 |
|
|
|
226 |
put("KeyGenerator.HmacMD5",
|
|
|
227 |
"com.sun.crypto.provider.HmacMD5KeyGenerator");
|
|
|
228 |
|
|
|
229 |
put("KeyGenerator.HmacSHA1",
|
|
|
230 |
"com.sun.crypto.provider.HmacSHA1KeyGenerator");
|
|
|
231 |
|
|
|
232 |
put("KeyGenerator.HmacSHA256",
|
|
|
233 |
"com.sun.crypto.provider.KeyGeneratorCore$HmacSHA256KG");
|
|
|
234 |
put("KeyGenerator.HmacSHA384",
|
|
|
235 |
"com.sun.crypto.provider.KeyGeneratorCore$HmacSHA384KG");
|
|
|
236 |
put("KeyGenerator.HmacSHA512",
|
|
|
237 |
"com.sun.crypto.provider.KeyGeneratorCore$HmacSHA512KG");
|
|
|
238 |
|
|
|
239 |
put("KeyPairGenerator.DiffieHellman",
|
|
|
240 |
"com.sun.crypto.provider.DHKeyPairGenerator");
|
|
|
241 |
put("Alg.Alias.KeyPairGenerator.DH", "DiffieHellman");
|
|
|
242 |
put("Alg.Alias.KeyPairGenerator.OID."+OID_PKCS3,
|
|
|
243 |
"DiffieHellman");
|
|
|
244 |
put("Alg.Alias.KeyPairGenerator."+OID_PKCS3,
|
|
|
245 |
"DiffieHellman");
|
|
|
246 |
/*
|
|
|
247 |
* Algorithm parameter generation engines
|
|
|
248 |
*/
|
|
|
249 |
put("AlgorithmParameterGenerator.DiffieHellman",
|
|
|
250 |
"com.sun.crypto.provider.DHParameterGenerator");
|
|
|
251 |
put("Alg.Alias.AlgorithmParameterGenerator.DH",
|
|
|
252 |
"DiffieHellman");
|
|
|
253 |
put("Alg.Alias.AlgorithmParameterGenerator.OID."+OID_PKCS3,
|
|
|
254 |
"DiffieHellman");
|
|
|
255 |
put("Alg.Alias.AlgorithmParameterGenerator."+OID_PKCS3,
|
|
|
256 |
"DiffieHellman");
|
|
|
257 |
|
|
|
258 |
/*
|
|
|
259 |
* Key Agreement engines
|
|
|
260 |
*/
|
|
|
261 |
put("KeyAgreement.DiffieHellman",
|
|
|
262 |
"com.sun.crypto.provider.DHKeyAgreement");
|
|
|
263 |
put("Alg.Alias.KeyAgreement.DH", "DiffieHellman");
|
|
|
264 |
put("Alg.Alias.KeyAgreement.OID."+OID_PKCS3, "DiffieHellman");
|
|
|
265 |
put("Alg.Alias.KeyAgreement."+OID_PKCS3, "DiffieHellman");
|
|
|
266 |
|
|
|
267 |
put("KeyAgreement.DiffieHellman SupportedKeyClasses",
|
|
|
268 |
"javax.crypto.interfaces.DHPublicKey" +
|
|
|
269 |
"|javax.crypto.interfaces.DHPrivateKey");
|
|
|
270 |
|
|
|
271 |
/*
|
|
|
272 |
* Algorithm Parameter engines
|
|
|
273 |
*/
|
|
|
274 |
put("AlgorithmParameters.DiffieHellman",
|
|
|
275 |
"com.sun.crypto.provider.DHParameters");
|
|
|
276 |
put("Alg.Alias.AlgorithmParameters.DH", "DiffieHellman");
|
|
|
277 |
put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS3,
|
|
|
278 |
"DiffieHellman");
|
|
|
279 |
put("Alg.Alias.AlgorithmParameters."+OID_PKCS3,
|
|
|
280 |
"DiffieHellman");
|
|
|
281 |
|
|
|
282 |
put("AlgorithmParameters.DES",
|
|
|
283 |
"com.sun.crypto.provider.DESParameters");
|
|
|
284 |
|
|
|
285 |
put("AlgorithmParameters.DESede",
|
|
|
286 |
"com.sun.crypto.provider.DESedeParameters");
|
|
|
287 |
put("Alg.Alias.AlgorithmParameters.TripleDES", "DESede");
|
|
|
288 |
|
|
|
289 |
put("AlgorithmParameters.PBE",
|
|
|
290 |
"com.sun.crypto.provider.PBEParameters");
|
|
|
291 |
|
|
|
292 |
put("AlgorithmParameters.PBEWithMD5AndDES",
|
|
|
293 |
"com.sun.crypto.provider.PBEParameters");
|
|
|
294 |
put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS5_MD5_DES,
|
|
|
295 |
"PBEWithMD5AndDES");
|
|
|
296 |
put("Alg.Alias.AlgorithmParameters."+OID_PKCS5_MD5_DES,
|
|
|
297 |
"PBEWithMD5AndDES");
|
|
|
298 |
|
|
|
299 |
put("AlgorithmParameters.PBEWithMD5AndTripleDES",
|
|
|
300 |
"com.sun.crypto.provider.PBEParameters");
|
|
|
301 |
|
|
|
302 |
put("AlgorithmParameters.PBEWithSHA1AndDESede",
|
|
|
303 |
"com.sun.crypto.provider.PBEParameters");
|
|
|
304 |
put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_DESede,
|
|
|
305 |
"PBEWithSHA1AndDESede");
|
|
|
306 |
put("Alg.Alias.AlgorithmParameters."+OID_PKCS12_DESede,
|
|
|
307 |
"PBEWithSHA1AndDESede");
|
|
|
308 |
|
|
|
309 |
put("AlgorithmParameters.PBEWithSHA1AndRC2_40",
|
|
|
310 |
"com.sun.crypto.provider.PBEParameters");
|
|
|
311 |
put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_RC2_40,
|
|
|
312 |
"PBEWithSHA1AndRC2_40");
|
|
|
313 |
put("Alg.Alias.AlgorithmParameters." + OID_PKCS12_RC2_40,
|
|
|
314 |
"PBEWithSHA1AndRC2_40");
|
|
|
315 |
|
|
|
316 |
put("AlgorithmParameters.Blowfish",
|
|
|
317 |
"com.sun.crypto.provider.BlowfishParameters");
|
|
|
318 |
|
|
|
319 |
put("AlgorithmParameters.AES",
|
|
|
320 |
"com.sun.crypto.provider.AESParameters");
|
|
|
321 |
put("Alg.Alias.AlgorithmParameters.Rijndael", "AES");
|
|
|
322 |
|
|
|
323 |
|
|
|
324 |
put("AlgorithmParameters.RC2",
|
|
|
325 |
"com.sun.crypto.provider.RC2Parameters");
|
|
|
326 |
|
|
|
327 |
put("AlgorithmParameters.OAEP",
|
|
|
328 |
"com.sun.crypto.provider.OAEPParameters");
|
|
|
329 |
|
|
|
330 |
|
|
|
331 |
/*
|
|
|
332 |
* Key factories
|
|
|
333 |
*/
|
|
|
334 |
put("KeyFactory.DiffieHellman",
|
|
|
335 |
"com.sun.crypto.provider.DHKeyFactory");
|
|
|
336 |
put("Alg.Alias.KeyFactory.DH", "DiffieHellman");
|
|
|
337 |
put("Alg.Alias.KeyFactory.OID."+OID_PKCS3,
|
|
|
338 |
"DiffieHellman");
|
|
|
339 |
put("Alg.Alias.KeyFactory."+OID_PKCS3, "DiffieHellman");
|
|
|
340 |
/*
|
|
|
341 |
* Secret-key factories
|
|
|
342 |
*/
|
|
|
343 |
put("SecretKeyFactory.DES",
|
|
|
344 |
"com.sun.crypto.provider.DESKeyFactory");
|
|
|
345 |
|
|
|
346 |
put("SecretKeyFactory.DESede",
|
|
|
347 |
"com.sun.crypto.provider.DESedeKeyFactory");
|
|
|
348 |
put("Alg.Alias.SecretKeyFactory.TripleDES", "DESede");
|
|
|
349 |
|
|
|
350 |
put("SecretKeyFactory.PBEWithMD5AndDES",
|
|
|
351 |
"com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES"
|
|
|
352 |
);
|
|
|
353 |
put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS5_MD5_DES,
|
|
|
354 |
"PBEWithMD5AndDES");
|
|
|
355 |
put("Alg.Alias.SecretKeyFactory."+OID_PKCS5_MD5_DES,
|
|
|
356 |
"PBEWithMD5AndDES");
|
|
|
357 |
|
|
|
358 |
put("Alg.Alias.SecretKeyFactory.PBE",
|
|
|
359 |
"PBEWithMD5AndDES");
|
|
|
360 |
|
|
|
361 |
/*
|
|
|
362 |
* Internal in-house crypto algorithm used for
|
|
|
363 |
* the JCEKS keystore type. Since this was developed
|
|
|
364 |
* internally, there isn't an OID corresponding to this
|
|
|
365 |
* algorithm.
|
|
|
366 |
*/
|
|
|
367 |
put("SecretKeyFactory.PBEWithMD5AndTripleDES",
|
|
|
368 |
"com.sun.crypto.provider.PBEKeyFactory$" +
|
|
|
369 |
"PBEWithMD5AndTripleDES"
|
|
|
370 |
);
|
|
|
371 |
|
|
|
372 |
put("SecretKeyFactory.PBEWithSHA1AndDESede",
|
|
|
373 |
"com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede"
|
|
|
374 |
);
|
|
|
375 |
put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS12_DESede,
|
|
|
376 |
"PBEWithSHA1AndDESede");
|
|
|
377 |
put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_DESede,
|
|
|
378 |
"PBEWithSHA1AndDESede");
|
|
|
379 |
|
|
|
380 |
put("SecretKeyFactory.PBEWithSHA1AndRC2_40",
|
|
|
381 |
"com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40"
|
|
|
382 |
);
|
|
|
383 |
put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS12_RC2_40,
|
|
|
384 |
"PBEWithSHA1AndRC2_40");
|
|
|
385 |
put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_RC2_40,
|
|
|
386 |
"PBEWithSHA1AndRC2_40");
|
|
|
387 |
|
|
|
388 |
put("SecretKeyFactory.PBKDF2WithHmacSHA1",
|
|
|
389 |
"com.sun.crypto.provider.PBKDF2HmacSHA1Factory");
|
|
|
390 |
put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS5_PBKDF2,
|
|
|
391 |
"PBKDF2WithHmacSHA1");
|
|
|
392 |
put("Alg.Alias.SecretKeyFactory." + OID_PKCS5_PBKDF2,
|
|
|
393 |
"PBKDF2WithHmacSHA1");
|
|
|
394 |
|
|
|
395 |
/*
|
|
|
396 |
* MAC
|
|
|
397 |
*/
|
|
|
398 |
put("Mac.HmacMD5", "com.sun.crypto.provider.HmacMD5");
|
|
|
399 |
put("Mac.HmacSHA1", "com.sun.crypto.provider.HmacSHA1");
|
|
|
400 |
put("Mac.HmacSHA256",
|
|
|
401 |
"com.sun.crypto.provider.HmacCore$HmacSHA256");
|
|
|
402 |
put("Mac.HmacSHA384",
|
|
|
403 |
"com.sun.crypto.provider.HmacCore$HmacSHA384");
|
|
|
404 |
put("Mac.HmacSHA512",
|
|
|
405 |
"com.sun.crypto.provider.HmacCore$HmacSHA512");
|
|
|
406 |
put("Mac.HmacPBESHA1",
|
|
|
407 |
"com.sun.crypto.provider.HmacPKCS12PBESHA1");
|
|
|
408 |
|
|
|
409 |
put("Mac.SslMacMD5",
|
|
|
410 |
"com.sun.crypto.provider.SslMacCore$SslMacMD5");
|
|
|
411 |
put("Mac.SslMacSHA1",
|
|
|
412 |
"com.sun.crypto.provider.SslMacCore$SslMacSHA1");
|
|
|
413 |
|
|
|
414 |
put("Mac.HmacMD5 SupportedKeyFormats", "RAW");
|
|
|
415 |
put("Mac.HmacSHA1 SupportedKeyFormats", "RAW");
|
|
|
416 |
put("Mac.HmacSHA256 SupportedKeyFormats", "RAW");
|
|
|
417 |
put("Mac.HmacSHA384 SupportedKeyFormats", "RAW");
|
|
|
418 |
put("Mac.HmacSHA512 SupportedKeyFormats", "RAW");
|
|
|
419 |
put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW");
|
|
|
420 |
put("Mac.SslMacMD5 SupportedKeyFormats", "RAW");
|
|
|
421 |
put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW");
|
|
|
422 |
|
|
|
423 |
/*
|
|
|
424 |
* KeyStore
|
|
|
425 |
*/
|
|
|
426 |
put("KeyStore.JCEKS", "com.sun.crypto.provider.JceKeyStore");
|
|
|
427 |
|
|
|
428 |
/*
|
|
|
429 |
* SSL/TLS mechanisms
|
|
|
430 |
*/
|
|
|
431 |
put("KeyGenerator.SunTlsPrf",
|
|
|
432 |
"com.sun.crypto.provider.TlsPrfGenerator");
|
|
|
433 |
put("KeyGenerator.SunTlsRsaPremasterSecret",
|
|
|
434 |
"com.sun.crypto.provider.TlsRsaPremasterSecretGenerator");
|
|
|
435 |
put("KeyGenerator.SunTlsMasterSecret",
|
|
|
436 |
"com.sun.crypto.provider.TlsMasterSecretGenerator");
|
|
|
437 |
put("KeyGenerator.SunTlsKeyMaterial",
|
|
|
438 |
"com.sun.crypto.provider.TlsKeyMaterialGenerator");
|
|
|
439 |
|
|
|
440 |
return null;
|
|
|
441 |
}
|
|
|
442 |
});
|
|
|
443 |
}
|
|
|
444 |
|
|
|
445 |
// set to true once self verification is complete
|
|
|
446 |
private static volatile boolean integrityVerified;
|
|
|
447 |
|
|
|
448 |
static void ensureIntegrity(Class c) {
|
|
|
449 |
if (verifySelfIntegrity(c) == false) {
|
|
|
450 |
throw new SecurityException("The SunJCE provider may have " +
|
|
|
451 |
"been tampered.");
|
|
|
452 |
}
|
|
|
453 |
}
|
|
|
454 |
|
|
|
455 |
static final boolean verifySelfIntegrity(Class c) {
|
|
|
456 |
if (verifiedSelfIntegrity) {
|
|
|
457 |
return true;
|
|
|
458 |
}
|
|
|
459 |
return (integrityVerified = JarVerifier.verify(c));
|
|
|
460 |
}
|
|
|
461 |
}
|