|
1 /* |
|
2 * Copyright 1997-2007 Sun Microsystems, Inc. All Rights Reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. Sun designates this |
|
8 * particular file as subject to the "Classpath" exception as provided |
|
9 * by Sun in the LICENSE file that accompanied this code. |
|
10 * |
|
11 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
14 * version 2 for more details (a copy is included in the LICENSE file that |
|
15 * accompanied this code). |
|
16 * |
|
17 * You should have received a copy of the GNU General Public License version |
|
18 * 2 along with this work; if not, write to the Free Software Foundation, |
|
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
20 * |
|
21 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
|
22 * CA 95054 USA or visit www.sun.com if you need additional information or |
|
23 * have any questions. |
|
24 */ |
|
25 |
|
26 package com.sun.crypto.provider; |
|
27 |
|
28 import java.security.AccessController; |
|
29 import java.security.Provider; |
|
30 import java.security.PrivilegedAction; |
|
31 import java.security.cert.*; |
|
32 import java.net.URL; |
|
33 import java.io.ByteArrayInputStream; |
|
34 import java.security.CodeSource; |
|
35 import java.security.SecureRandom; |
|
36 |
|
37 |
|
38 /** |
|
39 * The "SunJCE" Cryptographic Service Provider. |
|
40 * |
|
41 * @author Jan Luehe |
|
42 * @author Sharon Liu |
|
43 */ |
|
44 |
|
45 /** |
|
46 * Defines the "SunJCE" provider. |
|
47 * |
|
48 * Supported algorithms and their names: |
|
49 * |
|
50 * - RSA encryption (PKCS#1 v1.5 and raw) |
|
51 * |
|
52 * - DES |
|
53 * |
|
54 * - DES-EDE |
|
55 * |
|
56 * - AES |
|
57 * |
|
58 * - Blowfish |
|
59 * |
|
60 * - RC2 |
|
61 * |
|
62 * - ARCFOUR (RC4 compatible) |
|
63 * |
|
64 * - Cipher modes ECB, CBC, CFB, OFB, PCBC, CTR, and CTS for all block ciphers |
|
65 * |
|
66 * - Cipher padding ISO10126Padding for non-PKCS#5 block ciphers and |
|
67 * NoPadding and PKCS5Padding for all block ciphers |
|
68 * |
|
69 * - Password-based Encryption (PBE) |
|
70 * |
|
71 * - Diffie-Hellman Key Agreement |
|
72 * |
|
73 * - HMAC-MD5, HMAC-SHA1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512 |
|
74 * |
|
75 */ |
|
76 |
|
77 public final class SunJCE extends Provider { |
|
78 |
|
79 private static final long serialVersionUID = 6812507587804302833L; |
|
80 |
|
81 private static final String info = "SunJCE Provider " + |
|
82 "(implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, " |
|
83 + "Diffie-Hellman, HMAC)"; |
|
84 |
|
85 private static final String OID_PKCS12_RC2_40 = "1.2.840.113549.1.12.1.6"; |
|
86 private static final String OID_PKCS12_DESede = "1.2.840.113549.1.12.1.3"; |
|
87 private static final String OID_PKCS5_MD5_DES = "1.2.840.113549.1.5.3"; |
|
88 private static final String OID_PKCS5_PBKDF2 = "1.2.840.113549.1.5.12"; |
|
89 private static final String OID_PKCS3 = "1.2.840.113549.1.3.1"; |
|
90 |
|
91 /* Are we debugging? -- for developers */ |
|
92 static final boolean debug = false; |
|
93 |
|
94 static final SecureRandom RANDOM = new SecureRandom(); |
|
95 |
|
96 // After the SunJCE passed self-integrity checking, |
|
97 // verifiedSelfIntegrity will be set to true. |
|
98 private static boolean verifiedSelfIntegrity = false; |
|
99 |
|
100 public SunJCE() { |
|
101 /* We are the "SunJCE" provider */ |
|
102 super("SunJCE", 1.7d, info); |
|
103 |
|
104 final String BLOCK_MODES = "ECB|CBC|PCBC|CTR|CTS|CFB|OFB" + |
|
105 "|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64" + |
|
106 "|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64"; |
|
107 final String BLOCK_MODES128 = BLOCK_MODES + |
|
108 "|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128" + |
|
109 "|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128"; |
|
110 final String BLOCK_PADS = "NOPADDING|PKCS5PADDING|ISO10126PADDING"; |
|
111 |
|
112 AccessController.doPrivileged(new java.security.PrivilegedAction() { |
|
113 public Object run() { |
|
114 |
|
115 /* |
|
116 * Cipher engines |
|
117 */ |
|
118 put("Cipher.RSA", "com.sun.crypto.provider.RSACipher"); |
|
119 put("Cipher.RSA SupportedModes", "ECB"); |
|
120 put("Cipher.RSA SupportedPaddings", |
|
121 "NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING" |
|
122 + "|OAEPWITHSHA1ANDMGF1PADDING" |
|
123 + "|OAEPWITHSHA-1ANDMGF1PADDING" |
|
124 + "|OAEPWITHSHA-256ANDMGF1PADDING" |
|
125 + "|OAEPWITHSHA-384ANDMGF1PADDING" |
|
126 + "|OAEPWITHSHA-512ANDMGF1PADDING"); |
|
127 put("Cipher.RSA SupportedKeyClasses", |
|
128 "java.security.interfaces.RSAPublicKey" + |
|
129 "|java.security.interfaces.RSAPrivateKey"); |
|
130 |
|
131 put("Cipher.DES", "com.sun.crypto.provider.DESCipher"); |
|
132 put("Cipher.DES SupportedModes", BLOCK_MODES); |
|
133 put("Cipher.DES SupportedPaddings", BLOCK_PADS); |
|
134 put("Cipher.DES SupportedKeyFormats", "RAW"); |
|
135 |
|
136 put("Cipher.DESede", "com.sun.crypto.provider.DESedeCipher"); |
|
137 put("Alg.Alias.Cipher.TripleDES", "DESede"); |
|
138 put("Cipher.DESede SupportedModes", BLOCK_MODES); |
|
139 put("Cipher.DESede SupportedPaddings", BLOCK_PADS); |
|
140 put("Cipher.DESede SupportedKeyFormats", "RAW"); |
|
141 |
|
142 put("Cipher.DESedeWrap", |
|
143 "com.sun.crypto.provider.DESedeWrapCipher"); |
|
144 put("Cipher.DESedeWrap SupportedModes", "CBC"); |
|
145 put("Cipher.DESedeWrap SupportedPaddings", "NOPADDING"); |
|
146 put("Cipher.DESedeWrap SupportedKeyFormats", "RAW"); |
|
147 |
|
148 put("Cipher.PBEWithMD5AndDES", |
|
149 "com.sun.crypto.provider.PBEWithMD5AndDESCipher"); |
|
150 put("Alg.Alias.Cipher.OID."+OID_PKCS5_MD5_DES, |
|
151 "PBEWithMD5AndDES"); |
|
152 put("Alg.Alias.Cipher."+OID_PKCS5_MD5_DES, |
|
153 "PBEWithMD5AndDES"); |
|
154 put("Cipher.PBEWithMD5AndTripleDES", |
|
155 "com.sun.crypto.provider.PBEWithMD5AndTripleDESCipher"); |
|
156 put("Cipher.PBEWithSHA1AndRC2_40", |
|
157 "com.sun.crypto.provider.PKCS12PBECipherCore$" + |
|
158 "PBEWithSHA1AndRC2_40"); |
|
159 put("Alg.Alias.Cipher.OID." + OID_PKCS12_RC2_40, |
|
160 "PBEWithSHA1AndRC2_40"); |
|
161 put("Alg.Alias.Cipher." + OID_PKCS12_RC2_40, |
|
162 "PBEWithSHA1AndRC2_40"); |
|
163 put("Cipher.PBEWithSHA1AndDESede", |
|
164 "com.sun.crypto.provider.PKCS12PBECipherCore$" + |
|
165 "PBEWithSHA1AndDESede"); |
|
166 put("Alg.Alias.Cipher.OID." + OID_PKCS12_DESede, |
|
167 "PBEWithSHA1AndDESede"); |
|
168 put("Alg.Alias.Cipher." + OID_PKCS12_DESede, |
|
169 "PBEWithSHA1AndDESede"); |
|
170 |
|
171 put("Cipher.Blowfish", |
|
172 "com.sun.crypto.provider.BlowfishCipher"); |
|
173 put("Cipher.Blowfish SupportedModes", BLOCK_MODES); |
|
174 put("Cipher.Blowfish SupportedPaddings", BLOCK_PADS); |
|
175 put("Cipher.Blowfish SupportedKeyFormats", "RAW"); |
|
176 |
|
177 put("Cipher.AES", "com.sun.crypto.provider.AESCipher"); |
|
178 put("Alg.Alias.Cipher.Rijndael", "AES"); |
|
179 put("Cipher.AES SupportedModes", BLOCK_MODES128); |
|
180 put("Cipher.AES SupportedPaddings", BLOCK_PADS); |
|
181 put("Cipher.AES SupportedKeyFormats", "RAW"); |
|
182 |
|
183 put("Cipher.AESWrap", "com.sun.crypto.provider.AESWrapCipher"); |
|
184 put("Cipher.AESWrap SupportedModes", "ECB"); |
|
185 put("Cipher.AESWrap SupportedPaddings", "NOPADDING"); |
|
186 put("Cipher.AESWrap SupportedKeyFormats", "RAW"); |
|
187 |
|
188 put("Cipher.RC2", |
|
189 "com.sun.crypto.provider.RC2Cipher"); |
|
190 put("Cipher.RC2 SupportedModes", BLOCK_MODES); |
|
191 put("Cipher.RC2 SupportedPaddings", BLOCK_PADS); |
|
192 put("Cipher.RC2 SupportedKeyFormats", "RAW"); |
|
193 |
|
194 put("Cipher.ARCFOUR", |
|
195 "com.sun.crypto.provider.ARCFOURCipher"); |
|
196 put("Alg.Alias.Cipher.RC4", "ARCFOUR"); |
|
197 put("Cipher.ARCFOUR SupportedModes", "ECB"); |
|
198 put("Cipher.ARCFOUR SupportedPaddings", "NOPADDING"); |
|
199 put("Cipher.ARCFOUR SupportedKeyFormats", "RAW"); |
|
200 |
|
201 /* |
|
202 * Key(pair) Generator engines |
|
203 */ |
|
204 put("KeyGenerator.DES", |
|
205 "com.sun.crypto.provider.DESKeyGenerator"); |
|
206 |
|
207 put("KeyGenerator.DESede", |
|
208 "com.sun.crypto.provider.DESedeKeyGenerator"); |
|
209 put("Alg.Alias.KeyGenerator.TripleDES", "DESede"); |
|
210 |
|
211 put("KeyGenerator.Blowfish", |
|
212 "com.sun.crypto.provider.BlowfishKeyGenerator"); |
|
213 |
|
214 put("KeyGenerator.AES", |
|
215 "com.sun.crypto.provider.AESKeyGenerator"); |
|
216 put("Alg.Alias.KeyGenerator.Rijndael", "AES"); |
|
217 |
|
218 put("KeyGenerator.RC2", |
|
219 "com.sun.crypto.provider.KeyGeneratorCore$" + |
|
220 "RC2KeyGenerator"); |
|
221 put("KeyGenerator.ARCFOUR", |
|
222 "com.sun.crypto.provider.KeyGeneratorCore$" + |
|
223 "ARCFOURKeyGenerator"); |
|
224 put("Alg.Alias.KeyGenerator.RC4", "ARCFOUR"); |
|
225 |
|
226 put("KeyGenerator.HmacMD5", |
|
227 "com.sun.crypto.provider.HmacMD5KeyGenerator"); |
|
228 |
|
229 put("KeyGenerator.HmacSHA1", |
|
230 "com.sun.crypto.provider.HmacSHA1KeyGenerator"); |
|
231 |
|
232 put("KeyGenerator.HmacSHA256", |
|
233 "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA256KG"); |
|
234 put("KeyGenerator.HmacSHA384", |
|
235 "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA384KG"); |
|
236 put("KeyGenerator.HmacSHA512", |
|
237 "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA512KG"); |
|
238 |
|
239 put("KeyPairGenerator.DiffieHellman", |
|
240 "com.sun.crypto.provider.DHKeyPairGenerator"); |
|
241 put("Alg.Alias.KeyPairGenerator.DH", "DiffieHellman"); |
|
242 put("Alg.Alias.KeyPairGenerator.OID."+OID_PKCS3, |
|
243 "DiffieHellman"); |
|
244 put("Alg.Alias.KeyPairGenerator."+OID_PKCS3, |
|
245 "DiffieHellman"); |
|
246 /* |
|
247 * Algorithm parameter generation engines |
|
248 */ |
|
249 put("AlgorithmParameterGenerator.DiffieHellman", |
|
250 "com.sun.crypto.provider.DHParameterGenerator"); |
|
251 put("Alg.Alias.AlgorithmParameterGenerator.DH", |
|
252 "DiffieHellman"); |
|
253 put("Alg.Alias.AlgorithmParameterGenerator.OID."+OID_PKCS3, |
|
254 "DiffieHellman"); |
|
255 put("Alg.Alias.AlgorithmParameterGenerator."+OID_PKCS3, |
|
256 "DiffieHellman"); |
|
257 |
|
258 /* |
|
259 * Key Agreement engines |
|
260 */ |
|
261 put("KeyAgreement.DiffieHellman", |
|
262 "com.sun.crypto.provider.DHKeyAgreement"); |
|
263 put("Alg.Alias.KeyAgreement.DH", "DiffieHellman"); |
|
264 put("Alg.Alias.KeyAgreement.OID."+OID_PKCS3, "DiffieHellman"); |
|
265 put("Alg.Alias.KeyAgreement."+OID_PKCS3, "DiffieHellman"); |
|
266 |
|
267 put("KeyAgreement.DiffieHellman SupportedKeyClasses", |
|
268 "javax.crypto.interfaces.DHPublicKey" + |
|
269 "|javax.crypto.interfaces.DHPrivateKey"); |
|
270 |
|
271 /* |
|
272 * Algorithm Parameter engines |
|
273 */ |
|
274 put("AlgorithmParameters.DiffieHellman", |
|
275 "com.sun.crypto.provider.DHParameters"); |
|
276 put("Alg.Alias.AlgorithmParameters.DH", "DiffieHellman"); |
|
277 put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS3, |
|
278 "DiffieHellman"); |
|
279 put("Alg.Alias.AlgorithmParameters."+OID_PKCS3, |
|
280 "DiffieHellman"); |
|
281 |
|
282 put("AlgorithmParameters.DES", |
|
283 "com.sun.crypto.provider.DESParameters"); |
|
284 |
|
285 put("AlgorithmParameters.DESede", |
|
286 "com.sun.crypto.provider.DESedeParameters"); |
|
287 put("Alg.Alias.AlgorithmParameters.TripleDES", "DESede"); |
|
288 |
|
289 put("AlgorithmParameters.PBE", |
|
290 "com.sun.crypto.provider.PBEParameters"); |
|
291 |
|
292 put("AlgorithmParameters.PBEWithMD5AndDES", |
|
293 "com.sun.crypto.provider.PBEParameters"); |
|
294 put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS5_MD5_DES, |
|
295 "PBEWithMD5AndDES"); |
|
296 put("Alg.Alias.AlgorithmParameters."+OID_PKCS5_MD5_DES, |
|
297 "PBEWithMD5AndDES"); |
|
298 |
|
299 put("AlgorithmParameters.PBEWithMD5AndTripleDES", |
|
300 "com.sun.crypto.provider.PBEParameters"); |
|
301 |
|
302 put("AlgorithmParameters.PBEWithSHA1AndDESede", |
|
303 "com.sun.crypto.provider.PBEParameters"); |
|
304 put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_DESede, |
|
305 "PBEWithSHA1AndDESede"); |
|
306 put("Alg.Alias.AlgorithmParameters."+OID_PKCS12_DESede, |
|
307 "PBEWithSHA1AndDESede"); |
|
308 |
|
309 put("AlgorithmParameters.PBEWithSHA1AndRC2_40", |
|
310 "com.sun.crypto.provider.PBEParameters"); |
|
311 put("Alg.Alias.AlgorithmParameters.OID."+OID_PKCS12_RC2_40, |
|
312 "PBEWithSHA1AndRC2_40"); |
|
313 put("Alg.Alias.AlgorithmParameters." + OID_PKCS12_RC2_40, |
|
314 "PBEWithSHA1AndRC2_40"); |
|
315 |
|
316 put("AlgorithmParameters.Blowfish", |
|
317 "com.sun.crypto.provider.BlowfishParameters"); |
|
318 |
|
319 put("AlgorithmParameters.AES", |
|
320 "com.sun.crypto.provider.AESParameters"); |
|
321 put("Alg.Alias.AlgorithmParameters.Rijndael", "AES"); |
|
322 |
|
323 |
|
324 put("AlgorithmParameters.RC2", |
|
325 "com.sun.crypto.provider.RC2Parameters"); |
|
326 |
|
327 put("AlgorithmParameters.OAEP", |
|
328 "com.sun.crypto.provider.OAEPParameters"); |
|
329 |
|
330 |
|
331 /* |
|
332 * Key factories |
|
333 */ |
|
334 put("KeyFactory.DiffieHellman", |
|
335 "com.sun.crypto.provider.DHKeyFactory"); |
|
336 put("Alg.Alias.KeyFactory.DH", "DiffieHellman"); |
|
337 put("Alg.Alias.KeyFactory.OID."+OID_PKCS3, |
|
338 "DiffieHellman"); |
|
339 put("Alg.Alias.KeyFactory."+OID_PKCS3, "DiffieHellman"); |
|
340 /* |
|
341 * Secret-key factories |
|
342 */ |
|
343 put("SecretKeyFactory.DES", |
|
344 "com.sun.crypto.provider.DESKeyFactory"); |
|
345 |
|
346 put("SecretKeyFactory.DESede", |
|
347 "com.sun.crypto.provider.DESedeKeyFactory"); |
|
348 put("Alg.Alias.SecretKeyFactory.TripleDES", "DESede"); |
|
349 |
|
350 put("SecretKeyFactory.PBEWithMD5AndDES", |
|
351 "com.sun.crypto.provider.PBEKeyFactory$PBEWithMD5AndDES" |
|
352 ); |
|
353 put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS5_MD5_DES, |
|
354 "PBEWithMD5AndDES"); |
|
355 put("Alg.Alias.SecretKeyFactory."+OID_PKCS5_MD5_DES, |
|
356 "PBEWithMD5AndDES"); |
|
357 |
|
358 put("Alg.Alias.SecretKeyFactory.PBE", |
|
359 "PBEWithMD5AndDES"); |
|
360 |
|
361 /* |
|
362 * Internal in-house crypto algorithm used for |
|
363 * the JCEKS keystore type. Since this was developed |
|
364 * internally, there isn't an OID corresponding to this |
|
365 * algorithm. |
|
366 */ |
|
367 put("SecretKeyFactory.PBEWithMD5AndTripleDES", |
|
368 "com.sun.crypto.provider.PBEKeyFactory$" + |
|
369 "PBEWithMD5AndTripleDES" |
|
370 ); |
|
371 |
|
372 put("SecretKeyFactory.PBEWithSHA1AndDESede", |
|
373 "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndDESede" |
|
374 ); |
|
375 put("Alg.Alias.SecretKeyFactory.OID."+OID_PKCS12_DESede, |
|
376 "PBEWithSHA1AndDESede"); |
|
377 put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_DESede, |
|
378 "PBEWithSHA1AndDESede"); |
|
379 |
|
380 put("SecretKeyFactory.PBEWithSHA1AndRC2_40", |
|
381 "com.sun.crypto.provider.PBEKeyFactory$PBEWithSHA1AndRC2_40" |
|
382 ); |
|
383 put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS12_RC2_40, |
|
384 "PBEWithSHA1AndRC2_40"); |
|
385 put("Alg.Alias.SecretKeyFactory." + OID_PKCS12_RC2_40, |
|
386 "PBEWithSHA1AndRC2_40"); |
|
387 |
|
388 put("SecretKeyFactory.PBKDF2WithHmacSHA1", |
|
389 "com.sun.crypto.provider.PBKDF2HmacSHA1Factory"); |
|
390 put("Alg.Alias.SecretKeyFactory.OID." + OID_PKCS5_PBKDF2, |
|
391 "PBKDF2WithHmacSHA1"); |
|
392 put("Alg.Alias.SecretKeyFactory." + OID_PKCS5_PBKDF2, |
|
393 "PBKDF2WithHmacSHA1"); |
|
394 |
|
395 /* |
|
396 * MAC |
|
397 */ |
|
398 put("Mac.HmacMD5", "com.sun.crypto.provider.HmacMD5"); |
|
399 put("Mac.HmacSHA1", "com.sun.crypto.provider.HmacSHA1"); |
|
400 put("Mac.HmacSHA256", |
|
401 "com.sun.crypto.provider.HmacCore$HmacSHA256"); |
|
402 put("Mac.HmacSHA384", |
|
403 "com.sun.crypto.provider.HmacCore$HmacSHA384"); |
|
404 put("Mac.HmacSHA512", |
|
405 "com.sun.crypto.provider.HmacCore$HmacSHA512"); |
|
406 put("Mac.HmacPBESHA1", |
|
407 "com.sun.crypto.provider.HmacPKCS12PBESHA1"); |
|
408 |
|
409 put("Mac.SslMacMD5", |
|
410 "com.sun.crypto.provider.SslMacCore$SslMacMD5"); |
|
411 put("Mac.SslMacSHA1", |
|
412 "com.sun.crypto.provider.SslMacCore$SslMacSHA1"); |
|
413 |
|
414 put("Mac.HmacMD5 SupportedKeyFormats", "RAW"); |
|
415 put("Mac.HmacSHA1 SupportedKeyFormats", "RAW"); |
|
416 put("Mac.HmacSHA256 SupportedKeyFormats", "RAW"); |
|
417 put("Mac.HmacSHA384 SupportedKeyFormats", "RAW"); |
|
418 put("Mac.HmacSHA512 SupportedKeyFormats", "RAW"); |
|
419 put("Mac.HmacPBESHA1 SupportedKeyFormats", "RAW"); |
|
420 put("Mac.SslMacMD5 SupportedKeyFormats", "RAW"); |
|
421 put("Mac.SslMacSHA1 SupportedKeyFormats", "RAW"); |
|
422 |
|
423 /* |
|
424 * KeyStore |
|
425 */ |
|
426 put("KeyStore.JCEKS", "com.sun.crypto.provider.JceKeyStore"); |
|
427 |
|
428 /* |
|
429 * SSL/TLS mechanisms |
|
430 */ |
|
431 put("KeyGenerator.SunTlsPrf", |
|
432 "com.sun.crypto.provider.TlsPrfGenerator"); |
|
433 put("KeyGenerator.SunTlsRsaPremasterSecret", |
|
434 "com.sun.crypto.provider.TlsRsaPremasterSecretGenerator"); |
|
435 put("KeyGenerator.SunTlsMasterSecret", |
|
436 "com.sun.crypto.provider.TlsMasterSecretGenerator"); |
|
437 put("KeyGenerator.SunTlsKeyMaterial", |
|
438 "com.sun.crypto.provider.TlsKeyMaterialGenerator"); |
|
439 |
|
440 return null; |
|
441 } |
|
442 }); |
|
443 } |
|
444 |
|
445 // set to true once self verification is complete |
|
446 private static volatile boolean integrityVerified; |
|
447 |
|
448 static void ensureIntegrity(Class c) { |
|
449 if (verifySelfIntegrity(c) == false) { |
|
450 throw new SecurityException("The SunJCE provider may have " + |
|
451 "been tampered."); |
|
452 } |
|
453 } |
|
454 |
|
455 static final boolean verifySelfIntegrity(Class c) { |
|
456 if (verifiedSelfIntegrity) { |
|
457 return true; |
|
458 } |
|
459 return (integrityVerified = JarVerifier.verify(c)); |
|
460 } |
|
461 } |