1 /* 2 * Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package sun.security.util; 27 28 import java.util.regex.PatternSyntaxException; 29 import java.security.InvalidParameterException; 30 import sun.security.action.GetPropertyAction; 31 32 /** 33 * Various constants such as version number, default key length, used by 34 * the JDK security/crypto providers. 35 */ 36 public final class SecurityProviderConstants { 37 private static final Debug debug = 38 Debug.getInstance("jca", "ProviderConfig"); 39 40 // Cannot create one of these 41 private SecurityProviderConstants () { 42 } 43 44 public static final int getDefDSASubprimeSize(int primeSize) { 45 if (primeSize <= 1024) { 46 return 160; 47 } else if (primeSize == 2048) { 48 return 224; 49 } else if (primeSize == 3072) { 50 return 256; 51 } else { 52 throw new InvalidParameterException("Invalid DSA Prime Size: " + 53 primeSize); 54 } 55 } 56 57 public static final int DEF_DSA_KEY_SIZE; 58 public static final int DEF_RSA_KEY_SIZE; 59 public static final int DEF_RSASSA_PSS_KEY_SIZE; 60 public static final int DEF_DH_KEY_SIZE; 61 public static final int DEF_EC_KEY_SIZE; 62 63 private static final String KEY_LENGTH_PROP = 64 "jdk.security.defaultKeySize"; 65 static { 66 String keyLengthStr = GetPropertyAction.privilegedGetProperty 67 (KEY_LENGTH_PROP); 68 int dsaKeySize = 2048; 69 int rsaKeySize = 2048; 70 int rsaSsaPssKeySize = rsaKeySize; // default to same value as RSA 71 int dhKeySize = 2048; 72 int ecKeySize = 256; 73 74 if (keyLengthStr != null) { 75 try { 76 String[] pairs = keyLengthStr.split(","); 77 for (String p : pairs) { 78 String[] algoAndValue = p.split(":"); 79 if (algoAndValue.length != 2) { 80 // invalid pair, skip to next pair 81 if (debug != null) { 82 debug.println("Ignoring invalid pair in " + 83 KEY_LENGTH_PROP + " property: " + p); 84 } 85 continue; 86 } 87 String algoName = algoAndValue[0].trim().toUpperCase(); 88 int value = -1; 89 try { 90 value = Integer.parseInt(algoAndValue[1].trim()); 91 } catch (NumberFormatException nfe) { 92 // invalid value, skip to next pair 93 if (debug != null) { 94 debug.println("Ignoring invalid value in " + 95 KEY_LENGTH_PROP + " property: " + p); 96 } 97 continue; 98 } 99 if (algoName.equals("DSA")) { 100 dsaKeySize = value; 101 } else if (algoName.equals("RSA")) { 102 rsaKeySize = value; 103 } else if (algoName.equals("RSASSA-PSS")) { 104 rsaSsaPssKeySize = value; 105 } else if (algoName.equals("DH")) { 106 dhKeySize = value; 107 } else if (algoName.equals("EC")) { 108 ecKeySize = value; 109 } else { 110 if (debug != null) { 111 debug.println("Ignoring unsupported algo in " + 112 KEY_LENGTH_PROP + " property: " + p); 113 } 114 continue; 115 } 116 if (debug != null) { 117 debug.println("Overriding default " + algoName + 118 " keysize with value from " + 119 KEY_LENGTH_PROP + " property: " + value); 120 } 121 } 122 } catch (PatternSyntaxException pse) { 123 // if property syntax is not followed correctly 124 if (debug != null) { 125 debug.println("Unexpected exception while parsing " + 126 KEY_LENGTH_PROP + " property: " + pse); 127 } 128 } 129 } 130 DEF_DSA_KEY_SIZE = dsaKeySize; 131 DEF_RSA_KEY_SIZE = rsaKeySize; 132 DEF_RSASSA_PSS_KEY_SIZE = rsaSsaPssKeySize; 133 DEF_DH_KEY_SIZE = dhKeySize; 134 DEF_EC_KEY_SIZE = ecKeySize; 135 } 136 }