META-INF.modules.java.base.classes.sun.security.provider.SunEntries Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of java.base Show documentation
Show all versions of java.base Show documentation
Bytecoder java.base Module
/*
* Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.provider;
import java.io.*;
import java.net.*;
import java.util.*;
import java.security.*;
import jdk.internal.util.StaticProperty;
import sun.security.action.GetPropertyAction;
/**
* Defines the entries of the SUN provider.
*
* Algorithms supported, and their names:
*
* - SHA is the message digest scheme described in FIPS 180-1.
* Aliases for SHA are SHA-1 and SHA1.
*
* - SHA1withDSA is the signature scheme described in FIPS 186.
* (SHA used in DSA is SHA-1: FIPS 186 with Change No 1.)
* Aliases for SHA1withDSA are DSA, DSS, SHA/DSA, SHA-1/DSA, SHA1/DSA,
* SHAwithDSA, DSAWithSHA1, and the object
* identifier strings "OID.1.3.14.3.2.13", "OID.1.3.14.3.2.27" and
* "OID.1.2.840.10040.4.3".
*
* - SHA-2 is a set of message digest schemes described in FIPS 180-2.
* SHA-2 family of hash functions includes SHA-224, SHA-256, SHA-384,
* and SHA-512.
*
* - SHA-224withDSA/SHA-256withDSA are the signature schemes
* described in FIPS 186-3. The associated object identifiers are
* "OID.2.16.840.1.101.3.4.3.1", and "OID.2.16.840.1.101.3.4.3.2".
* - DSA is the key generation scheme as described in FIPS 186.
* Aliases for DSA include the OID strings "OID.1.3.14.3.2.12"
* and "OID.1.2.840.10040.4.1".
*
* - MD5 is the message digest scheme described in RFC 1321.
* There are no aliases for MD5.
*
* - X.509 is the certificate factory type for X.509 certificates
* and CRLs. Aliases for X.509 are X509.
*
* - PKIX is the certification path validation algorithm described
* in RFC 5280. The ValidationAlgorithm attribute notes the
* specification that this provider implements.
*
* - JavaPolicy is the default file-based Policy type.
*
* - JavaLoginConfig is the default file-based LoginModule Configuration type.
*/
public final class SunEntries {
// the default algo used by SecureRandom class for new SecureRandom() calls
public static final String DEF_SECURE_RANDOM_ALGO;
// create an aliases List from the specified aliases
public static List createAliases(String ... aliases) {
return Arrays.asList(aliases);
}
// create an aliases List from the specified oid followed by other aliases
public static List createAliasesWithOid(String ... oids) {
String[] result = Arrays.copyOf(oids, oids.length + 1);
result[result.length - 1] = "OID." + oids[0];
return Arrays.asList(result);
}
SunEntries(Provider p) {
services = new LinkedHashSet<>(50, 0.9f);
// start populating content using the specified provider
// common attribute map
HashMap attrs = new HashMap<>(3);
/*
* SecureRandom engines
*/
attrs.put("ThreadSafe", "true");
if (NativePRNG.isAvailable()) {
add(p, "SecureRandom", "NativePRNG",
"sun.security.provider.NativePRNG",
null, attrs);
}
if (NativePRNG.Blocking.isAvailable()) {
add(p, "SecureRandom", "NativePRNGBlocking",
"sun.security.provider.NativePRNG$Blocking", null, attrs);
}
if (NativePRNG.NonBlocking.isAvailable()) {
add(p, "SecureRandom", "NativePRNGNonBlocking",
"sun.security.provider.NativePRNG$NonBlocking", null, attrs);
}
attrs.put("ImplementedIn", "Software");
add(p, "SecureRandom", "DRBG", "sun.security.provider.DRBG",
null, attrs);
add(p, "SecureRandom", "SHA1PRNG",
"sun.security.provider.SecureRandom", null, attrs);
/*
* Signature engines
*/
attrs.clear();
String dsaKeyClasses = "java.security.interfaces.DSAPublicKey" +
"|java.security.interfaces.DSAPrivateKey";
attrs.put("SupportedKeyClasses", dsaKeyClasses);
attrs.put("ImplementedIn", "Software");
attrs.put("KeySize", "1024"); // for NONE and SHA1 DSA signatures
add(p, "Signature", "SHA1withDSA",
"sun.security.provider.DSA$SHA1withDSA",
createAliasesWithOid("1.2.840.10040.4.3", "DSA", "DSS",
"SHA/DSA", "SHA-1/DSA", "SHA1/DSA", "SHAwithDSA",
"DSAWithSHA1", "1.3.14.3.2.13", "1.3.14.3.2.27"), attrs);
add(p, "Signature", "NONEwithDSA", "sun.security.provider.DSA$RawDSA",
createAliases("RawDSA"), attrs);
attrs.put("KeySize", "2048"); // for SHA224 and SHA256 DSA signatures
add(p, "Signature", "SHA224withDSA",
"sun.security.provider.DSA$SHA224withDSA",
createAliasesWithOid("2.16.840.1.101.3.4.3.1"), attrs);
add(p, "Signature", "SHA256withDSA",
"sun.security.provider.DSA$SHA256withDSA",
createAliasesWithOid("2.16.840.1.101.3.4.3.2"), attrs);
attrs.remove("KeySize");
add(p, "Signature", "SHA1withDSAinP1363Format",
"sun.security.provider.DSA$SHA1withDSAinP1363Format",
null, null);
add(p, "Signature", "NONEwithDSAinP1363Format",
"sun.security.provider.DSA$RawDSAinP1363Format",
null, null);
add(p, "Signature", "SHA224withDSAinP1363Format",
"sun.security.provider.DSA$SHA224withDSAinP1363Format",
null, null);
add(p, "Signature", "SHA256withDSAinP1363Format",
"sun.security.provider.DSA$SHA256withDSAinP1363Format",
null, null);
/*
* Key Pair Generator engines
*/
attrs.clear();
attrs.put("ImplementedIn", "Software");
attrs.put("KeySize", "2048"); // for DSA KPG and APG only
String dsaOid = "1.2.840.10040.4.1";
List dsaAliases = createAliasesWithOid(dsaOid, "1.3.14.3.2.12");
String dsaKPGImplClass = "sun.security.provider.DSAKeyPairGenerator$";
dsaKPGImplClass += (useLegacyDSA? "Legacy" : "Current");
add(p, "KeyPairGenerator", "DSA", dsaKPGImplClass, dsaAliases, attrs);
/*
* Algorithm Parameter Generator engines
*/
add(p, "AlgorithmParameterGenerator", "DSA",
"sun.security.provider.DSAParameterGenerator", dsaAliases,
attrs);
attrs.remove("KeySize");
/*
* Algorithm Parameter engines
*/
add(p, "AlgorithmParameters", "DSA",
"sun.security.provider.DSAParameters", dsaAliases, attrs);
/*
* Key factories
*/
add(p, "KeyFactory", "DSA", "sun.security.provider.DSAKeyFactory",
dsaAliases, attrs);
/*
* Digest engines
*/
add(p, "MessageDigest", "MD2", "sun.security.provider.MD2", null, attrs);
add(p, "MessageDigest", "MD5", "sun.security.provider.MD5", null, attrs);
add(p, "MessageDigest", "SHA", "sun.security.provider.SHA",
createAliasesWithOid("1.3.14.3.2.26", "SHA-1", "SHA1"), attrs);
String sha2BaseOid = "2.16.840.1.101.3.4.2";
add(p, "MessageDigest", "SHA-224", "sun.security.provider.SHA2$SHA224",
createAliasesWithOid(sha2BaseOid + ".4"), attrs);
add(p, "MessageDigest", "SHA-256", "sun.security.provider.SHA2$SHA256",
createAliasesWithOid(sha2BaseOid + ".1"), attrs);
add(p, "MessageDigest", "SHA-384", "sun.security.provider.SHA5$SHA384",
createAliasesWithOid(sha2BaseOid + ".2"), attrs);
add(p, "MessageDigest", "SHA-512", "sun.security.provider.SHA5$SHA512",
createAliasesWithOid(sha2BaseOid + ".3"), attrs);
add(p, "MessageDigest", "SHA-512/224",
"sun.security.provider.SHA5$SHA512_224",
createAliasesWithOid(sha2BaseOid + ".5"), attrs);
add(p, "MessageDigest", "SHA-512/256",
"sun.security.provider.SHA5$SHA512_256",
createAliasesWithOid(sha2BaseOid + ".6"), attrs);
add(p, "MessageDigest", "SHA3-224", "sun.security.provider.SHA3$SHA224",
createAliasesWithOid(sha2BaseOid + ".7"), attrs);
add(p, "MessageDigest", "SHA3-256", "sun.security.provider.SHA3$SHA256",
createAliasesWithOid(sha2BaseOid + ".8"), attrs);
add(p, "MessageDigest", "SHA3-384", "sun.security.provider.SHA3$SHA384",
createAliasesWithOid(sha2BaseOid + ".9"), attrs);
add(p, "MessageDigest", "SHA3-512", "sun.security.provider.SHA3$SHA512",
createAliasesWithOid(sha2BaseOid + ".10"), attrs);
/*
* Certificates
*/
add(p, "CertificateFactory", "X.509",
"sun.security.provider.X509Factory",
createAliases("X509"), attrs);
/*
* KeyStore
*/
add(p, "KeyStore", "PKCS12",
"sun.security.pkcs12.PKCS12KeyStore$DualFormatPKCS12",
null, null);
add(p, "KeyStore", "JKS",
"sun.security.provider.JavaKeyStore$DualFormatJKS",
null, attrs);
add(p, "KeyStore", "CaseExactJKS",
"sun.security.provider.JavaKeyStore$CaseExactJKS",
null, attrs);
add(p, "KeyStore", "DKS", "sun.security.provider.DomainKeyStore$DKS",
null, attrs);
/*
* CertStores
*/
add(p, "CertStore", "Collection",
"sun.security.provider.certpath.CollectionCertStore",
null, attrs);
add(p, "CertStore", "com.sun.security.IndexedCollection",
"sun.security.provider.certpath.IndexedCollectionCertStore",
null, attrs);
/*
* Policy
*/
add(p, "Policy", "JavaPolicy", "sun.security.provider.PolicySpiFile",
null, null);
/*
* Configuration
*/
add(p, "Configuration", "JavaLoginConfig",
"sun.security.provider.ConfigFile$Spi", null, null);
/*
* CertPathBuilder and CertPathValidator
*/
attrs.clear();
attrs.put("ValidationAlgorithm", "RFC5280");
attrs.put("ImplementedIn", "Software");
add(p, "CertPathBuilder", "PKIX",
"sun.security.provider.certpath.SunCertPathBuilder",
null, attrs);
add(p, "CertPathValidator", "PKIX",
"sun.security.provider.certpath.PKIXCertPathValidator",
null, attrs);
}
Iterator iterator() {
return services.iterator();
}
private void add(Provider p, String type, String algo, String cn,
List aliases, HashMap attrs) {
services.add(new Provider.Service(p, type, algo, cn, aliases, attrs));
}
private LinkedHashSet services;
// name of the *System* property, takes precedence over PROP_RNDSOURCE
private static final String PROP_EGD = "java.security.egd";
// name of the *Security* property
private static final String PROP_RNDSOURCE = "securerandom.source";
private static final boolean useLegacyDSA =
Boolean.parseBoolean(GetPropertyAction.privilegedGetProperty
("jdk.security.legacyDSAKeyPairGenerator"));
static final String URL_DEV_RANDOM = "file:/dev/random";
static final String URL_DEV_URANDOM = "file:/dev/urandom";
private static final String seedSource;
static {
seedSource = AccessController.doPrivileged(
new PrivilegedAction() {
@Override
public String run() {
String egdSource = System.getProperty(PROP_EGD, "");
if (egdSource.length() != 0) {
return egdSource;
}
egdSource = Security.getProperty(PROP_RNDSOURCE);
if (egdSource == null) {
return "";
}
return egdSource;
}
});
DEF_SECURE_RANDOM_ALGO = (NativePRNG.isAvailable() &&
(seedSource.equals(URL_DEV_URANDOM) ||
seedSource.equals(URL_DEV_RANDOM)) ?
"NativePRNG" : "DRBG");
}
static String getSeedSource() {
return seedSource;
}
/*
* Use a URI to access this File. Previous code used a URL
* which is less strict on syntax. If we encounter a
* URISyntaxException we make best efforts for backwards
* compatibility. e.g. space character in deviceName string.
*
* Method called within PrivilegedExceptionAction block.
*
* Moved from SeedGenerator to avoid initialization problems with
* signed providers.
*/
static File getDeviceFile(URL device) throws IOException {
try {
URI deviceURI = device.toURI();
if(deviceURI.isOpaque()) {
// File constructor does not accept opaque URI
URI localDir = new File(
StaticProperty.userDir()).toURI();
String uriPath = localDir.toString() +
deviceURI.toString().substring(5);
return new File(URI.create(uriPath));
} else {
return new File(deviceURI);
}
} catch (URISyntaxException use) {
/*
* Make best effort to access this File.
* We can try using the URL path.
*/
return new File(device.getPath());
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy