--- a/src/java.base/share/classes/sun/security/ssl/RSASignature.java Fri May 11 14:55:56 2018 -0700
+++ b/src/java.base/share/classes/sun/security/ssl/RSASignature.java Fri May 11 15:53:12 2018 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,10 +23,10 @@
* questions.
*/
-
package sun.security.ssl;
import java.security.*;
+import java.security.spec.AlgorithmParameterSpec;
/**
* Signature implementation for the SSL/TLS RSA Signature variant with both
@@ -45,35 +45,35 @@
* getInternalInstance() method.
*
* This class is not thread safe.
- *
*/
public final class RSASignature extends SignatureSpi {
-
private final Signature rawRsa;
- private MessageDigest md5, sha;
-
- // flag indicating if the MessageDigests are in reset state
- private boolean isReset;
+ private final MessageDigest mdMD5;
+ private final MessageDigest mdSHA;
public RSASignature() throws NoSuchAlgorithmException {
super();
rawRsa = JsseJce.getSignature(JsseJce.SIGNATURE_RAWRSA);
- isReset = true;
+ this.mdMD5 = JsseJce.getMessageDigest("MD5");
+ this.mdSHA = JsseJce.getMessageDigest("SHA");
}
/**
- * Get an implementation for the RSA signature. Follows the standard
- * JCA getInstance() model, so it return the implementation from the
- * provider with the highest precedence, which may be this class.
+ * Get an implementation for the RSA signature.
+ *
+ * Follows the standard JCA getInstance() model, so it return the
+ * implementation from the provider with the highest precedence,
+ * which may be this class.
*/
static Signature getInstance() throws NoSuchAlgorithmException {
return JsseJce.getSignature(JsseJce.SIGNATURE_SSLRSA);
}
/**
- * Get an internal implementation for the RSA signature. Used for RSA
- * client authentication, which needs the ability to set the digests
- * to externally provided values via the setHashes() method.
+ * Get an internal implementation for the RSA signature.
+ *
+ * Used for RSA client authentication, which needs the ability to set
+ * the digests to externally provided values via the setHashes() method.
*/
static Signature getInternalInstance()
throws NoSuchAlgorithmException, NoSuchProviderException {
@@ -88,28 +88,14 @@
sig.setParameter("hashes", new MessageDigest[] {md5, sha});
}
- /**
- * Reset the MessageDigests unless they are already reset.
- */
- private void reset() {
- if (isReset == false) {
- md5.reset();
- sha.reset();
- isReset = true;
- }
- }
-
- private static void checkNull(Key key) throws InvalidKeyException {
- if (key == null) {
- throw new InvalidKeyException("Key must not be null");
- }
- }
-
@Override
protected void engineInitVerify(PublicKey publicKey)
throws InvalidKeyException {
- checkNull(publicKey);
- reset();
+ if (publicKey == null) {
+ throw new InvalidKeyException("Public key must not be null");
+ }
+ mdMD5.reset();
+ mdSHA.reset();
rawRsa.initVerify(publicKey);
}
@@ -122,42 +108,31 @@
@Override
protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
throws InvalidKeyException {
- checkNull(privateKey);
- reset();
+ if (privateKey == null) {
+ throw new InvalidKeyException("Private key must not be null");
+ }
+ mdMD5.reset();
+ mdSHA.reset();
rawRsa.initSign(privateKey, random);
}
- // lazily initialize the MessageDigests
- private void initDigests() {
- if (md5 == null) {
- md5 = JsseJce.getMD5();
- sha = JsseJce.getSHA();
- }
- }
-
@Override
protected void engineUpdate(byte b) {
- initDigests();
- isReset = false;
- md5.update(b);
- sha.update(b);
+ mdMD5.update(b);
+ mdSHA.update(b);
}
@Override
protected void engineUpdate(byte[] b, int off, int len) {
- initDigests();
- isReset = false;
- md5.update(b, off, len);
- sha.update(b, off, len);
+ mdMD5.update(b, off, len);
+ mdSHA.update(b, off, len);
}
private byte[] getDigest() throws SignatureException {
try {
- initDigests();
byte[] data = new byte[36];
- md5.digest(data, 0, 16);
- sha.digest(data, 16, 20);
- isReset = true;
+ mdMD5.digest(data, 0, 16);
+ mdSHA.digest(data, 16, 20);
return data;
} catch (DigestException e) {
// should never occur
@@ -185,26 +160,28 @@
@Override
@SuppressWarnings("deprecation")
- protected void engineSetParameter(String param, Object value)
- throws InvalidParameterException {
- if (param.equals("hashes") == false) {
- throw new InvalidParameterException
- ("Parameter not supported: " + param);
+ protected void engineSetParameter(String param,
+ Object value) throws InvalidParameterException {
+ throw new InvalidParameterException("Parameters not supported");
+ }
+
+ @Override
+ protected void engineSetParameter(AlgorithmParameterSpec params)
+ throws InvalidAlgorithmParameterException {
+ if (params != null) {
+ throw new InvalidAlgorithmParameterException("No parameters accepted");
}
- if (value instanceof MessageDigest[] == false) {
- throw new InvalidParameterException
- ("value must be MessageDigest[]");
- }
- MessageDigest[] digests = (MessageDigest[])value;
- md5 = digests[0];
- sha = digests[1];
}
@Override
@SuppressWarnings("deprecation")
- protected Object engineGetParameter(String param)
- throws InvalidParameterException {
+ protected Object engineGetParameter(
+ String param) throws InvalidParameterException {
throw new InvalidParameterException("Parameters not supported");
}
+ @Override
+ protected AlgorithmParameters engineGetParameters() {
+ return null;
+ }
}