< prev index next >
src/share/classes/sun/security/pkcs11/P11KeyPairGenerator.java
Print this page
rev 12543 : 8181048: Refactor existing providers to refer to the same constants for default values for key length
Reviewed-by: mullan, ahgross
@@ -1,7 +1,7 @@
/*
- * Copyright (c) 2003, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
@@ -31,15 +31,17 @@
import java.security.spec.*;
import javax.crypto.spec.DHParameterSpec;
import sun.security.provider.ParameterCache;
+import static sun.security.util.SecurityProviderConstants.*;
import static sun.security.pkcs11.TemplateManager.*;
import sun.security.pkcs11.wrapper.*;
import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
+
import sun.security.rsa.RSAKeyFactory;
/**
* KeyPairGenerator implementation class. This class currently supports
* RSA, DSA, DH, and EC.
@@ -96,20 +98,25 @@
}
// set default key sizes and apply our own algorithm-specific limits
// override lower limit to disallow unsecure keys being generated
// override upper limit to deter DOS attack
if (algorithm.equals("EC")) {
- keySize = 256;
+ keySize = DEF_EC_KEY_SIZE;
if ((minKeyLen == -1) || (minKeyLen < 112)) {
minKeyLen = 112;
}
if ((maxKeyLen == -1) || (maxKeyLen > 2048)) {
maxKeyLen = 2048;
}
} else {
- // RSA, DH, and DSA
- keySize = 1024;
+ if (algorithm.equals("DSA")) {
+ keySize = DEF_DSA_KEY_SIZE;
+ } else if (algorithm.equals("RSA")) {
+ keySize = DEF_RSA_KEY_SIZE;
+ } else {
+ keySize = DEF_DH_KEY_SIZE;
+ }
if ((minKeyLen == -1) || (minKeyLen < 512)) {
minKeyLen = 512;
}
if (algorithm.equals("RSA")) {
if ((maxKeyLen == -1) || (maxKeyLen > 64 * 1024)) {
< prev index next >