diff -r a2bf68a0365f -r f9e03aef3a49 src/java.base/share/classes/sun/security/util/SecurityProviderConstants.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/java.base/share/classes/sun/security/util/SecurityProviderConstants.java Thu Jul 13 20:41:59 2017 +0000 @@ -0,0 +1,131 @@ +/* + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +package sun.security.util; + +import java.util.regex.PatternSyntaxException; +import java.security.InvalidParameterException; +import sun.security.action.GetPropertyAction; + +/** + * Various constants such as version number, default key length, used by + * the JDK security/crypto providers. + */ +public final class SecurityProviderConstants { + private static final Debug debug = + Debug.getInstance("jca", "ProviderConfig"); + + // Cannot create one of these + private SecurityProviderConstants () { + } + + public static final int getDefDSASubprimeSize(int primeSize) { + if (primeSize <= 1024) { + return 160; + } else if (primeSize == 2048) { + return 224; + } else if (primeSize == 3072) { + return 256; + } else { + throw new InvalidParameterException("Invalid DSA Prime Size: " + + primeSize); + } + } + + public static final int DEF_DSA_KEY_SIZE; + public static final int DEF_RSA_KEY_SIZE; + public static final int DEF_DH_KEY_SIZE; + public static final int DEF_EC_KEY_SIZE; + + private static final String KEY_LENGTH_PROP = + "jdk.security.defaultKeySize"; + static { + String keyLengthStr = GetPropertyAction.privilegedGetProperty + (KEY_LENGTH_PROP); + int dsaKeySize = 1024; + int rsaKeySize = 2048; + int dhKeySize = 2048; + int ecKeySize = 256; + + if (keyLengthStr != null) { + try { + String[] pairs = keyLengthStr.split(","); + for (String p : pairs) { + String[] algoAndValue = p.split(":"); + if (algoAndValue.length != 2) { + // invalid pair, skip to next pair + if (debug != null) { + debug.println("Ignoring invalid pair in " + + KEY_LENGTH_PROP + " property: " + p); + } + continue; + } + String algoName = algoAndValue[0].trim().toUpperCase(); + int value = -1; + try { + value = Integer.parseInt(algoAndValue[1].trim()); + } catch (NumberFormatException nfe) { + // invalid value, skip to next pair + if (debug != null) { + debug.println("Ignoring invalid value in " + + KEY_LENGTH_PROP + " property: " + p); + } + continue; + } + if (algoName.equals("DSA")) { + dsaKeySize = value; + } else if (algoName.equals("RSA")) { + rsaKeySize = value; + } else if (algoName.equals("DH")) { + dhKeySize = value; + } else if (algoName.equals("EC")) { + ecKeySize = value; + } else { + if (debug != null) { + debug.println("Ignoring unsupported algo in " + + KEY_LENGTH_PROP + " property: " + p); + } + continue; + } + if (debug != null) { + debug.println("Overriding default " + algoName + + " keysize with value from " + + KEY_LENGTH_PROP + " property: " + value); + } + } + } catch (PatternSyntaxException pse) { + // if property syntax is not followed correctly + if (debug != null) { + debug.println("Unexpected exception while parsing " + + KEY_LENGTH_PROP + " property: " + pse); + } + } + } + DEF_DSA_KEY_SIZE = dsaKeySize; + DEF_RSA_KEY_SIZE = rsaKeySize; + DEF_DH_KEY_SIZE = dhKeySize; + DEF_EC_KEY_SIZE = ecKeySize; + } +}