< prev index next >
src/java.base/share/classes/sun/security/ssl/JsseJce.java
Print this page
*** 1,7 ****
/*
! * Copyright (c) 2001, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 23,72 ****
* questions.
*/
package sun.security.ssl;
- import java.util.*;
import java.math.BigInteger;
-
import java.security.*;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.*;
!
import javax.crypto.*;
-
- // explicit import to override the Provider class in this package
- import java.security.Provider;
-
- // need internal Sun classes for FIPS tricks
- import sun.security.jca.Providers;
import sun.security.jca.ProviderList;
!
! import sun.security.util.ECUtil;
!
import static sun.security.ssl.SunJSSE.cryptoProvider;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
/**
* This class contains a few static methods for interaction with the JCA/JCE
* to obtain implementations, etc.
*
* @author Andreas Sterbenz
*/
final class JsseJce {
private static final ProviderList fipsProviderList;
- // Flag indicating whether Kerberos crypto is available.
- // If true, then all the Kerberos-based crypto we need is available.
- private static final boolean kerberosAvailable;
- static {
- ClientKeyExchangeService p =
- ClientKeyExchangeService.find("KRB5");
- kerberosAvailable = (p != null);
- }
-
static {
// force FIPS flag initialization
// Because isFIPS() is synchronized and cryptoProvider is not modified
// after it completes, this also eliminates the need for any further
// synchronization when accessing cryptoProvider
--- 23,56 ----
* questions.
*/
package sun.security.ssl;
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.*;
! import java.util.*;
import javax.crypto.*;
import sun.security.jca.ProviderList;
! import sun.security.jca.Providers;
import static sun.security.ssl.SunJSSE.cryptoProvider;
+ import sun.security.util.ECUtil;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
/**
* This class contains a few static methods for interaction with the JCA/JCE
* to obtain implementations, etc.
*
* @author Andreas Sterbenz
*/
final class JsseJce {
+ static final boolean ALLOW_ECC =
+ Utilities.getBooleanProperty("com.sun.net.ssl.enableECC", true);
private static final ProviderList fipsProviderList;
static {
// force FIPS flag initialization
// Because isFIPS() is synchronized and cryptoProvider is not modified
// after it completes, this also eliminates the need for any further
// synchronization when accessing cryptoProvider
*** 179,189 ****
static boolean isEcAvailable() {
return EcAvailability.isAvailable;
}
static boolean isKerberosAvailable() {
! return kerberosAvailable;
}
/**
* Return an JCE cipher implementation for the specified algorithm.
*/
--- 163,173 ----
static boolean isEcAvailable() {
return EcAvailability.isAvailable;
}
static boolean isKerberosAvailable() {
! return false;
}
/**
* Return an JCE cipher implementation for the specified algorithm.
*/
*** 297,307 ****
// ignore
}
for (Provider.Service s : cryptoProvider.getServices()) {
if (s.getType().equals("SecureRandom")) {
try {
! return SecureRandom.getInstance(s.getAlgorithm(), cryptoProvider);
} catch (NoSuchAlgorithmException ee) {
// ignore
}
}
}
--- 281,292 ----
// ignore
}
for (Provider.Service s : cryptoProvider.getServices()) {
if (s.getType().equals("SecureRandom")) {
try {
! return SecureRandom.getInstance(
! s.getAlgorithm(), cryptoProvider);
} catch (NoSuchAlgorithmException ee) {
// ignore
}
}
}
*** 392,402 ****
// lazy initialization holder class idiom for static default parameters
//
// See Effective Java Second Edition: Item 71.
private static class EcAvailability {
// Is EC crypto available?
! private final static boolean isAvailable;
static {
boolean mediator = true;
try {
JsseJce.getSignature(SIGNATURE_ECDSA);
--- 377,387 ----
// lazy initialization holder class idiom for static default parameters
//
// See Effective Java Second Edition: Item 71.
private static class EcAvailability {
// Is EC crypto available?
! private static final boolean isAvailable;
static {
boolean mediator = true;
try {
JsseJce.getSignature(SIGNATURE_ECDSA);
< prev index next >