< prev index next >

src/java.base/share/classes/sun/security/util/KeyUtil.java

Print this page 
rev 59383 : [mq]: final


 209                 "The key spec to be validated cannot be null");
 210         }
 211 
 212         if (keySpec instanceof DHPublicKeySpec) {
 213             validateDHPublicKey((DHPublicKeySpec)keySpec);
 214         }
 215     }
 216 
 217     /**
 218      * Returns whether the specified provider is Oracle provider or not.
 219      *
 220      * @param  providerName
 221      *         the provider name
 222      * @return true if, and only if, the provider of the specified
 223      *         {@code providerName} is Oracle provider
 224      */
 225     public static final boolean isOracleJCEProvider(String providerName) {
 226         return providerName != null &&
 227                 (providerName.equals("SunJCE") ||
 228                     providerName.equals("SunMSCAPI") ||
 229                     providerName.equals("OracleUcrypto") ||
 230                     providerName.startsWith("SunPKCS11"));
 231     }
 232 
 233     /**
 234      * Check the format of TLS PreMasterSecret.
 235      * <P>
 236      * To avoid vulnerabilities described by section 7.4.7.1, RFC 5246,
 237      * treating incorrectly formatted message blocks and/or mismatched
 238      * version numbers in a manner indistinguishable from correctly
 239      * formatted RSA blocks.
 240      *
 241      * RFC 5246 describes the approach as:
 242      * <pre>{@literal
 243      *
 244      *  1. Generate a string R of 48 random bytes
 245      *
 246      *  2. Decrypt the message to recover the plaintext M
 247      *
 248      *  3. If the PKCS#1 padding is not correct, or the length of message
 249      *     M is not exactly 48 bytes:




 209                 "The key spec to be validated cannot be null");
 210         }
 211 
 212         if (keySpec instanceof DHPublicKeySpec) {
 213             validateDHPublicKey((DHPublicKeySpec)keySpec);
 214         }
 215     }
 216 
 217     /**
 218      * Returns whether the specified provider is Oracle provider or not.
 219      *
 220      * @param  providerName
 221      *         the provider name
 222      * @return true if, and only if, the provider of the specified
 223      *         {@code providerName} is Oracle provider
 224      */
 225     public static final boolean isOracleJCEProvider(String providerName) {
 226         return providerName != null &&
 227                 (providerName.equals("SunJCE") ||
 228                     providerName.equals("SunMSCAPI") ||

 229                     providerName.startsWith("SunPKCS11"));
 230     }
 231 
 232     /**
 233      * Check the format of TLS PreMasterSecret.
 234      * <P>
 235      * To avoid vulnerabilities described by section 7.4.7.1, RFC 5246,
 236      * treating incorrectly formatted message blocks and/or mismatched
 237      * version numbers in a manner indistinguishable from correctly
 238      * formatted RSA blocks.
 239      *
 240      * RFC 5246 describes the approach as:
 241      * <pre>{@literal
 242      *
 243      *  1. Generate a string R of 48 random bytes
 244      *
 245      *  2. Decrypt the message to recover the plaintext M
 246      *
 247      *  3. If the PKCS#1 padding is not correct, or the length of message
 248      *     M is not exactly 48 bytes:
< prev index next >