jdk-sandbox: comparison src/java.base/share/classes/sun/security/ssl/RSASignature.java

equal deleted inserted replaced

-:356eaea05bf0
+:68fa3d4026ea
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
 package sun.security.ssl;
 import java.security.*;
 import java.security.spec.AlgorithmParameterSpec;
 * implementation allows the hashes to be explicitly set, which is required
 * for RSA client authentication. It can be obtained via the
 * getInternalInstance() method.
 *
 * This class is not thread safe.
-*
 */
 public final class RSASignature extends SignatureSpi {
 private final Signature rawRsa;
-private MessageDigest md5, sha;
+private final MessageDigest mdMD5;
+private final MessageDigest mdSHA;
-// flag indicating if the MessageDigests are in reset state
-private boolean isReset;
 public RSASignature() throws NoSuchAlgorithmException {
 super();
 rawRsa = JsseJce.getSignature(JsseJce.SIGNATURE_RAWRSA);
-isReset = true;
+this.mdMD5 = JsseJce.getMessageDigest("MD5");
+this.mdSHA = JsseJce.getMessageDigest("SHA");
 }
 /**
-* Get an implementation for the RSA signature. Follows the standard
+* Get an implementation for the RSA signature.
-* JCA getInstance() model, so it return the implementation from the
+*
-* provider with the highest precedence, which may be this class.
+* Follows the standard JCA getInstance() model, so it return the
+* implementation from the  provider with the highest precedence,
+* which may be this class.
 */
 static Signature getInstance() throws NoSuchAlgorithmException {
 return JsseJce.getSignature(JsseJce.SIGNATURE_SSLRSA);
 }
-/**
-* Get an internal implementation for the RSA signature. Used for RSA
-* client authentication, which needs the ability to set the digests
-* to externally provided values via the setHashes() method.
-*/
-static Signature getInternalInstance()
-throws NoSuchAlgorithmException, NoSuchProviderException {
-return Signature.getInstance(JsseJce.SIGNATURE_SSLRSA, "SunJSSE");
-}
-/**
-* Set the MD5 and SHA hashes to the provided objects.
-*/
-@SuppressWarnings("deprecation")
-static void setHashes(Signature sig, MessageDigest md5, MessageDigest sha) {
-sig.setParameter("hashes", new MessageDigest[] {md5, sha});
-}
-/**
-* Reset the MessageDigests unless they are already reset.
-*/
-private void reset() {
-if (isReset == false) {
-md5.reset();
-sha.reset();
-isReset = true;
-}
-}
-private static void checkNull(Key key) throws InvalidKeyException {
-if (key == null) {
-throw new InvalidKeyException("Key must not be null");
-}
-}
 @Override
 protected void engineInitVerify(PublicKey publicKey)
 throws InvalidKeyException {
-checkNull(publicKey);
+if (publicKey == null) {
-reset();
+throw new InvalidKeyException("Public key must not be null");
+}
+mdMD5.reset();
+mdSHA.reset();
 rawRsa.initVerify(publicKey);
 }
 @Override
 protected void engineInitSign(PrivateKey privateKey)
 }
 @Override
 protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
 throws InvalidKeyException {
-checkNull(privateKey);
+if (privateKey == null) {
-reset();
+throw new InvalidKeyException("Private key must not be null");
+}
+mdMD5.reset();
+mdSHA.reset();
 rawRsa.initSign(privateKey, random);
-}
-// lazily initialize the MessageDigests
-private void initDigests() {
-if (md5 == null) {
-md5 = JsseJce.getMD5();
-sha = JsseJce.getSHA();
-}
 }
 @Override
 protected void engineUpdate(byte b) {
-initDigests();
+mdMD5.update(b);
-isReset = false;
+mdSHA.update(b);
-md5.update(b);
-sha.update(b);
 }
 @Override
 protected void engineUpdate(byte[] b, int off, int len) {
-initDigests();
+mdMD5.update(b, off, len);
-isReset = false;
+mdSHA.update(b, off, len);
-md5.update(b, off, len);
-sha.update(b, off, len);
 }
 private byte[] getDigest() throws SignatureException {
 try {
-initDigests();
 byte[] data = new byte[36];
-md5.digest(data, 0, 16);
+mdMD5.digest(data, 0, 16);
-sha.digest(data, 16, 20);
+mdSHA.digest(data, 16, 20);
-isReset = true;
 return data;
 } catch (DigestException e) {
 // should never occur
 throw new SignatureException(e);
 }
 return rawRsa.verify(sigBytes, offset, length);
 }
 @Override
 @SuppressWarnings("deprecation")
-protected void engineSetParameter(String param, Object value)
+protected void engineSetParameter(String param,
-throws InvalidParameterException {
+Object value) throws InvalidParameterException {
-if (param.equals("hashes") == false) {
+throw new InvalidParameterException("Parameters not supported");
-throw new InvalidParameterException
-("Parameter not supported: " + param);
-}
-if (value instanceof MessageDigest[] == false) {
-throw new InvalidParameterException
-("value must be MessageDigest[]");
-}
-MessageDigest[] digests = (MessageDigest[])value;
-md5 = digests[0];
-sha = digests[1];
 }
 @Override
 protected void engineSetParameter(AlgorithmParameterSpec params)
 throws InvalidAlgorithmParameterException {
 }
 }
 @Override
 @SuppressWarnings("deprecation")
-protected Object engineGetParameter(String param)
+protected Object engineGetParameter(
-throws InvalidParameterException {
+String param) throws InvalidParameterException {
 throw new InvalidParameterException("Parameters not supported");
 }
 @Override
 protected AlgorithmParameters engineGetParameters() {

changeset 50768	68fa3d4026ea
parent 50204	3195a713e24d
child 53734	cb1642ccc732