archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 06:45:07 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8220016: Clean up redundant RSA services in the SunJSSE provider

Browse source 
Removed duplicated RSA signature/KF/KPG support in SunJSSE

Reviewed-by: xuelei
This commit is contained in:
Valerie Peng 2019-03-29 00:39:49 +00:00
parent b0f6b1086a
commit e90036145a
8 changed files with 101 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

12
src/java.base/share/classes/sun/security/ssl/SunJSSE.java
View file

@ -27,18 +27,12 @@ package sun.security.ssl;
import java.security.*;
import java.util.*;
import sun.security.rsa.SunRsaSignEntries;
import static sun.security.util.SecurityConstants.PROVIDER_VER;
import static sun.security.provider.SunEntries.createAliases;
/**
* The JSSE provider.
*
* The RSA implementation has been removed from JSSE, but we still need to
* register the same algorithms for compatibility. We just point to the RSA
* implementation in the SunRsaSign provider. This works because all classes
* are in the bootclasspath and therefore loaded by the same classloader.
*
* SunJSSE now supports an experimental FIPS compliant mode when used with an
* appropriate FIPS certified crypto provider. In FIPS mode, we:
* . allow only TLS 1.0 or later
@ -84,12 +78,6 @@ public class SunJSSE extends java.security.Provider {
}
private void doRegister() {
Iterator<Provider.Service> rsaIter =
new SunRsaSignEntries(this).iterator();
while (rsaIter.hasNext()) {
putService(rsaIter.next());
}
ps("Signature", "MD5andSHA1withRSA",
"sun.security.ssl.RSASignature", null, null);