Skip to content

Commit 7eefaa7

Browse files
keithc-cakeithc-ca
authored
Merge pull request ibmruntimes#862 from KostasTsiounis/split_digest_flags
Add more granular digest flags
2 parents d96904b + 46a56b9 commit 7eefaa7

File tree

1 file changed

+66
-10
lines changed

1 file changed

+66
-10
lines changed

src/java.base/share/classes/sun/security/provider/SunEntries.java

+66-10
Original file line numberDiff line numberDiff line change
@@ -99,10 +99,49 @@
9999

100100
public final class SunEntries {
101101

102-
/* The property 'jdk.nativeDigest' is used to control enablement of the native
103-
* digest implementation.
104-
*/
105-
private static final boolean useNativeDigest = NativeCrypto.isAlgorithmEnabled("jdk.nativeDigest", "MessageDigest");
102+
private static final boolean useNativeMD5;
103+
private static final boolean useNativeSHA;
104+
private static final boolean useNativeSHA224;
105+
private static final boolean useNativeSHA256;
106+
private static final boolean useNativeSHA384;
107+
private static final boolean useNativeSHA512;
108+
109+
static {
110+
/* The property 'jdk.nativeDigest' is used to control enablement of all native
111+
* digest implementations.
112+
*/
113+
boolean useNativeDigest = NativeCrypto.isAlgorithmEnabled("jdk.nativeDigest", "MessageDigest");
114+
115+
/* The property 'jdk.nativeMD5' is used to control enablement of the native
116+
* MD5 implementation.
117+
*/
118+
useNativeMD5 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeMD5", "MD5");
119+
120+
/* The property 'jdk.nativeSHA' is used to control enablement of the native
121+
* SHA implementation.
122+
*/
123+
useNativeSHA = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA", "SHA");
124+
125+
/* The property 'jdk.nativeSHA224' is used to control enablement of the native
126+
* SHA-224 implementation.
127+
*/
128+
useNativeSHA224 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA224", "SHA-224");
129+
130+
/* The property 'jdk.nativeSHA256' is used to control enablement of the native
131+
* SHA-256 implementation.
132+
*/
133+
useNativeSHA256 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA256", "SHA-256");
134+
135+
/* The property 'jdk.nativeSHA384' is used to control enablement of the native
136+
* SHA-384 implementation.
137+
*/
138+
useNativeSHA384 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA384", "SHA-384");
139+
140+
/* The property 'jdk.nativeSHA512' is used to control enablement of the native
141+
* SHA-512 implementation.
142+
*/
143+
useNativeSHA512 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA512", "SHA-512");
144+
}
106145

107146
// the default algo used by SecureRandom class for new SecureRandom() calls
108147
public static final String DEF_SECURE_RANDOM_ALGO;
@@ -290,7 +329,7 @@ public final class SunEntries {
290329
* enabled or not.
291330
*/
292331
/* Don't use native MD5 on AIX due to an observed performance regression. */
293-
if (useNativeDigest
332+
if (useNativeMD5
294333
&& NativeCrypto.isAllowedAndLoaded()
295334
&& NativeCrypto.isMD5Available()
296335
&& !OperatingSystem.isAix()
@@ -300,19 +339,36 @@ public final class SunEntries {
300339
providerMD5 = "sun.security.provider.MD5";
301340
}
302341

303-
if (useNativeDigest && NativeCrypto.isAllowedAndLoaded()) {
342+
if (useNativeSHA && NativeCrypto.isAllowedAndLoaded()) {
304343
providerSHA = "sun.security.provider.NativeSHA";
305-
providerSHA224 = "sun.security.provider.NativeSHA2$SHA224";
306-
providerSHA256 = "sun.security.provider.NativeSHA2$SHA256";
307-
providerSHA384 = "sun.security.provider.NativeSHA5$SHA384";
308-
providerSHA512 = "sun.security.provider.NativeSHA5$SHA512";
309344
} else {
310345
providerSHA = "sun.security.provider.SHA";
346+
}
347+
348+
if (useNativeSHA224 && NativeCrypto.isAllowedAndLoaded()) {
349+
providerSHA224 = "sun.security.provider.NativeSHA2$SHA224";
350+
} else {
311351
providerSHA224 = "sun.security.provider.SHA2$SHA224";
352+
}
353+
354+
if (useNativeSHA256 && NativeCrypto.isAllowedAndLoaded()) {
355+
providerSHA256 = "sun.security.provider.NativeSHA2$SHA256";
356+
} else {
312357
providerSHA256 = "sun.security.provider.SHA2$SHA256";
358+
}
359+
360+
if (useNativeSHA384 && NativeCrypto.isAllowedAndLoaded()) {
361+
providerSHA384 = "sun.security.provider.NativeSHA5$SHA384";
362+
} else {
313363
providerSHA384 = "sun.security.provider.SHA5$SHA384";
364+
}
365+
366+
if (useNativeSHA512 && NativeCrypto.isAllowedAndLoaded()) {
367+
providerSHA512 = "sun.security.provider.NativeSHA5$SHA512";
368+
} else {
314369
providerSHA512 = "sun.security.provider.SHA5$SHA512";
315370
}
371+
316372
addWithAlias(p, "MessageDigest", "MD2", "sun.security.provider.MD2",
317373
attrs);
318374
addWithAlias(p, "MessageDigest", "MD5", providerMD5,

0 commit comments

Comments
 (0)