1 /* 2 * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.util; 27 28 import java.util.regex.PatternSyntaxException; 29 import java.security.InvalidParameterException; 30 import sun.security.action.GetPropertyAction; 31 32 /** 33 * Various constants such as version number, default key length, used by 34 * the JDK security/crypto providers. 35 */ 36 public final class SecurityProviderConstants { 37 private static final Debug debug = 38 Debug.getInstance("jca", "ProviderConfig"); 39 40 // Cannot create one of these 41 private SecurityProviderConstants () { 42 } 43 44 public static final int getDefDSASubprimeSize(int primeSize) { 45 if (primeSize <= 1024) { 46 return 160; 47 } else if (primeSize == 2048) { 48 return 224; 49 } else if (primeSize == 3072) { 50 return 256; 51 } else { 52 throw new InvalidParameterException("Invalid DSA Prime Size: " + 53 primeSize); 54 } 55 } 56 57 public static final int DEF_DSA_KEY_SIZE; 58 public static final int DEF_RSA_KEY_SIZE; 59 public static final int DEF_DH_KEY_SIZE; 60 public static final int DEF_EC_KEY_SIZE; 61 62 private static final String KEY_LENGTH_PROP = 63 "jdk.security.defaultKeySize"; 64 static { 65 String keyLengthStr = GetPropertyAction.privilegedGetProperty 66 (KEY_LENGTH_PROP); 67 int dsaKeySize = 1024; 68 int rsaKeySize = 1024; 69 int dhKeySize = 1024; 70 int ecKeySize = 256; 71 72 if (keyLengthStr != null) { 73 try { 74 String[] pairs = keyLengthStr.split(","); 75 for (String p : pairs) { 76 String[] algoAndValue = p.split(":"); 77 if (algoAndValue.length != 2) { 78 // invalid pair, skip to next pair 79 if (debug != null) { 80 debug.println("Ignoring invalid pair in " + 81 KEY_LENGTH_PROP + " property: " + p); 82 } 83 continue; 84 } 85 String algoName = algoAndValue[0].trim().toUpperCase(); 86 int value = -1; 87 try { 88 value = Integer.parseInt(algoAndValue[1].trim()); 89 } catch (NumberFormatException nfe) { 90 // invalid value, skip to next pair 91 if (debug != null) { 92 debug.println("Ignoring invalid value in " + 93 KEY_LENGTH_PROP + " property: " + p); 94 } 95 continue; 96 } 97 if (algoName.equals("DSA")) { 98 dsaKeySize = value; 99 } else if (algoName.equals("RSA")) { 100 rsaKeySize = value; 101 } else if (algoName.equals("DH")) { 102 dhKeySize = value; 103 } else if (algoName.equals("EC")) { 104 ecKeySize = value; 105 } else { 106 if (debug != null) { 107 debug.println("Ignoring unsupported algo in " + 108 KEY_LENGTH_PROP + " property: " + p); 109 } 110 continue; 111 } 112 if (debug != null) { 113 debug.println("Overriding default " + algoName + 114 " keysize with value from " + 115 KEY_LENGTH_PROP + " property: " + value); 116 } 117 } 118 } catch (PatternSyntaxException pse) { 119 // if property syntax is not followed correctly 120 if (debug != null) { 121 debug.println("Unexpected exception while parsing " + 122 KEY_LENGTH_PROP + " property: " + pse); 123 } 124 } 125 } 126 DEF_DSA_KEY_SIZE = dsaKeySize; 127 DEF_RSA_KEY_SIZE = rsaKeySize; 128 DEF_DH_KEY_SIZE = dhKeySize; 129 DEF_EC_KEY_SIZE = ecKeySize; 130 } 131 }