Skip to content

Commit

Permalink
Merge pull request ibmruntimes#825 from KostasTsiounis/split_digest_f…
Browse files Browse the repository at this point in the history
…lags

Add more granular digest flags
  • Loading branch information
keithc-ca authored Oct 18, 2024
2 parents 52fb317 + c594171 commit bc4ecab
Showing 1 changed file with 65 additions and 10 deletions.
75 changes: 65 additions & 10 deletions src/java.base/share/classes/sun/security/provider/SunEntries.java
Original file line number Diff line number Diff line change
Expand Up @@ -86,10 +86,49 @@

public final class SunEntries {

/* The property 'jdk.nativeDigest' is used to control enablement of the native
* digest implementation.
*/
private static final boolean useNativeDigest = NativeCrypto.isAlgorithmEnabled("jdk.nativeDigest", "MessageDigest");
private static final boolean useNativeMD5;
private static final boolean useNativeSHA;
private static final boolean useNativeSHA224;
private static final boolean useNativeSHA256;
private static final boolean useNativeSHA384;
private static final boolean useNativeSHA512;

static {
/* The property 'jdk.nativeDigest' is used to control enablement of all native
* digest implementations.
*/
boolean useNativeDigest = NativeCrypto.isAlgorithmEnabled("jdk.nativeDigest", "MessageDigest");

/* The property 'jdk.nativeMD5' is used to control enablement of the native
* MD5 implementation.
*/
useNativeMD5 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeMD5", "MD5");

/* The property 'jdk.nativeSHA' is used to control enablement of the native
* SHA implementation.
*/
useNativeSHA = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA", "SHA");

/* The property 'jdk.nativeSHA224' is used to control enablement of the native
* SHA-224 implementation.
*/
useNativeSHA224 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA224", "SHA-224");

/* The property 'jdk.nativeSHA256' is used to control enablement of the native
* SHA-256 implementation.
*/
useNativeSHA256 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA256", "SHA-256");

/* The property 'jdk.nativeSHA384' is used to control enablement of the native
* SHA-384 implementation.
*/
useNativeSHA384 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA384", "SHA-384");

/* The property 'jdk.nativeSHA512' is used to control enablement of the native
* SHA-512 implementation.
*/
useNativeSHA512 = useNativeDigest && NativeCrypto.isAlgorithmEnabled("jdk.nativeSHA512", "SHA-512");
}

// Flag indicating whether the operating system is AIX.
private static final boolean isAIX = "AIX".equals(GetPropertyAction.privilegedGetProperty("os.name"));
Expand Down Expand Up @@ -204,7 +243,7 @@ public final class SunEntries {
* enabled or not.
*/
/* Don't use native MD5 on AIX due to an observed performance regression. */
if (useNativeDigest
if (useNativeMD5
&& NativeCrypto.isAllowedAndLoaded()
&& NativeCrypto.isMD5Available()
&& !isAIX
Expand All @@ -214,17 +253,33 @@ public final class SunEntries {
providerMD5 = "sun.security.provider.MD5";
}

if (useNativeDigest && NativeCrypto.isAllowedAndLoaded()) {
if (useNativeSHA && NativeCrypto.isAllowedAndLoaded()) {
providerSHA = "sun.security.provider.NativeSHA";
providerSHA224 = "sun.security.provider.NativeSHA2$SHA224";
providerSHA256 = "sun.security.provider.NativeSHA2$SHA256";
providerSHA384 = "sun.security.provider.NativeSHA5$SHA384";
providerSHA512 = "sun.security.provider.NativeSHA5$SHA512";
} else {
providerSHA = "sun.security.provider.SHA";
}

if (useNativeSHA224 && NativeCrypto.isAllowedAndLoaded()) {
providerSHA224 = "sun.security.provider.NativeSHA2$SHA224";
} else {
providerSHA224 = "sun.security.provider.SHA2$SHA224";
}

if (useNativeSHA256 && NativeCrypto.isAllowedAndLoaded()) {
providerSHA256 = "sun.security.provider.NativeSHA2$SHA256";
} else {
providerSHA256 = "sun.security.provider.SHA2$SHA256";
}

if (useNativeSHA384 && NativeCrypto.isAllowedAndLoaded()) {
providerSHA384 = "sun.security.provider.NativeSHA5$SHA384";
} else {
providerSHA384 = "sun.security.provider.SHA5$SHA384";
}

if (useNativeSHA512 && NativeCrypto.isAllowedAndLoaded()) {
providerSHA512 = "sun.security.provider.NativeSHA5$SHA512";
} else {
providerSHA512 = "sun.security.provider.SHA5$SHA512";
}

Expand Down

0 comments on commit bc4ecab

Please sign in to comment.