25 |
25 |
26 package sun.security.ssl; |
26 package sun.security.ssl; |
27 |
27 |
28 import java.security.*; |
28 import java.security.*; |
29 import java.util.*; |
29 import java.util.*; |
30 import sun.security.rsa.SunRsaSignEntries; |
|
31 import static sun.security.util.SecurityConstants.PROVIDER_VER; |
30 import static sun.security.util.SecurityConstants.PROVIDER_VER; |
32 import static sun.security.provider.SunEntries.createAliases; |
31 import static sun.security.provider.SunEntries.createAliases; |
33 |
32 |
34 /** |
33 /** |
35 * The JSSE provider. |
34 * The JSSE provider. |
36 * |
|
37 * The RSA implementation has been removed from JSSE, but we still need to |
|
38 * register the same algorithms for compatibility. We just point to the RSA |
|
39 * implementation in the SunRsaSign provider. This works because all classes |
|
40 * are in the bootclasspath and therefore loaded by the same classloader. |
|
41 * |
35 * |
42 * SunJSSE now supports an experimental FIPS compliant mode when used with an |
36 * SunJSSE now supports an experimental FIPS compliant mode when used with an |
43 * appropriate FIPS certified crypto provider. In FIPS mode, we: |
37 * appropriate FIPS certified crypto provider. In FIPS mode, we: |
44 * . allow only TLS 1.0 or later |
38 * . allow only TLS 1.0 or later |
45 * . allow only FIPS approved ciphersuites |
39 * . allow only FIPS approved ciphersuites |
82 List<String> aliases, HashMap<String, String> attrs) { |
76 List<String> aliases, HashMap<String, String> attrs) { |
83 putService(new Provider.Service(this, type, algo, cn, aliases, attrs)); |
77 putService(new Provider.Service(this, type, algo, cn, aliases, attrs)); |
84 } |
78 } |
85 |
79 |
86 private void doRegister() { |
80 private void doRegister() { |
87 Iterator<Provider.Service> rsaIter = |
|
88 new SunRsaSignEntries(this).iterator(); |
|
89 while (rsaIter.hasNext()) { |
|
90 putService(rsaIter.next()); |
|
91 } |
|
92 |
|
93 ps("Signature", "MD5andSHA1withRSA", |
81 ps("Signature", "MD5andSHA1withRSA", |
94 "sun.security.ssl.RSASignature", null, null); |
82 "sun.security.ssl.RSASignature", null, null); |
95 |
83 |
96 ps("KeyManagerFactory", "SunX509", |
84 ps("KeyManagerFactory", "SunX509", |
97 "sun.security.ssl.KeyManagerFactoryImpl$SunX509", null, null); |
85 "sun.security.ssl.KeyManagerFactoryImpl$SunX509", null, null); |