/* |
|
* Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved. |
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
* |
|
* This code is free software; you can redistribute it and/or modify it |
|
* under the terms of the GNU General Public License version 2 only, as |
|
* published by the Free Software Foundation. Oracle designates this |
|
* particular file as subject to the "Classpath" exception as provided |
|
* by Oracle in the LICENSE file that accompanied this code. |
|
* |
|
* This code is distributed in the hope that it will be useful, but WITHOUT |
|
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
* version 2 for more details (a copy is included in the LICENSE file that |
|
* accompanied this code). |
|
* |
|
* You should have received a copy of the GNU General Public License version |
|
* 2 along with this work; if not, write to the Free Software Foundation, |
|
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
* |
|
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
* or visit www.oracle.com if you need additional information or have any |
|
* questions. |
|
*/ |
|
package sun.security.util; |
|
import java.util.regex.PatternSyntaxException; |
|
import java.security.InvalidParameterException; |
|
import sun.security.action.GetPropertyAction; |
|
/** |
|
* Various constants such as version number, default key length, used by |
|
* the JDK security/crypto providers. |
|
*/ |
|
public final class SecurityProviderConstants { |
|
private static final Debug debug = |
|
Debug.getInstance("jca", "ProviderConfig"); |
|
// Cannot create one of these |
|
private SecurityProviderConstants () { |
|
} |
|
public static final int getDefDSASubprimeSize(int primeSize) { |
|
if (primeSize <= 1024) { |
|
return 160; |
|
} else if (primeSize == 2048) { |
|
return 224; |
|
} else if (primeSize == 3072) { |
|
return 256; |
|
} else { |
|
throw new InvalidParameterException("Invalid DSA Prime Size: " + |
|
primeSize); |
|
} |
|
} |
|
public static final int DEF_DSA_KEY_SIZE; |
|
public static final int DEF_RSA_KEY_SIZE; |
|
public static final int DEF_RSASSA_PSS_KEY_SIZE; |
|
public static final int DEF_DH_KEY_SIZE; |
|
public static final int DEF_EC_KEY_SIZE; |
|
private static final String KEY_LENGTH_PROP = |
|
"jdk.security.defaultKeySize"; |
|
static { |
|
String keyLengthStr = GetPropertyAction.privilegedGetProperty |
|
(KEY_LENGTH_PROP); |
|
int dsaKeySize = 2048; |
|
int rsaKeySize = 2048; |
|
int rsaSsaPssKeySize = rsaKeySize; // default to same value as RSA |
|
int dhKeySize = 2048; |
|
int ecKeySize = 256; |
|
if (keyLengthStr != null) { |
|
try { |
|
String[] pairs = keyLengthStr.split(","); |
|
for (String p : pairs) { |
|
String[] algoAndValue = p.split(":"); |
|
if (algoAndValue.length != 2) { |
|
// invalid pair, skip to next pair |
|
if (debug != null) { |
|
debug.println("Ignoring invalid pair in " + |
|
KEY_LENGTH_PROP + " property: " + p); |
|
} |
|
continue; |
|
} |
|
String algoName = algoAndValue[0].trim().toUpperCase(); |
|
int value = -1; |
|
try { |
|
value = Integer.parseInt(algoAndValue[1].trim()); |
|
} catch (NumberFormatException nfe) { |
|
// invalid value, skip to next pair |
|
if (debug != null) { |
|
debug.println("Ignoring invalid value in " + |
|
KEY_LENGTH_PROP + " property: " + p); |
|
} |
|
continue; |
|
} |
|
if (algoName.equals("DSA")) { |
|
dsaKeySize = value; |
|
} else if (algoName.equals("RSA")) { |
|
rsaKeySize = value; |
|
} else if (algoName.equals("RSASSA-PSS")) { |
|
rsaSsaPssKeySize = value; |
|
} else if (algoName.equals("DH")) { |
|
dhKeySize = value; |
|
} else if (algoName.equals("EC")) { |
|
ecKeySize = value; |
|
} else { |
|
if (debug != null) { |
|
debug.println("Ignoring unsupported algo in " + |
|
KEY_LENGTH_PROP + " property: " + p); |
|
} |
|
continue; |
|
} |
|
if (debug != null) { |
|
debug.println("Overriding default " + algoName + |
|
" keysize with value from " + |
|
KEY_LENGTH_PROP + " property: " + value); |
|
} |
|
} |
|
} catch (PatternSyntaxException pse) { |
|
// if property syntax is not followed correctly |
|
if (debug != null) { |
|
debug.println("Unexpected exception while parsing " + |
|
KEY_LENGTH_PROP + " property: " + pse); |
|
} |
|
} |
|
} |
|
DEF_DSA_KEY_SIZE = dsaKeySize; |
|
DEF_RSA_KEY_SIZE = rsaKeySize; |
|
DEF_RSASSA_PSS_KEY_SIZE = rsaSsaPssKeySize; |
|
DEF_DH_KEY_SIZE = dhKeySize; |
|
DEF_EC_KEY_SIZE = ecKeySize; |
|
} |
|
} |