harmony-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From odea...@apache.org
Subject svn commit: r988591 - /harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
Date Tue, 24 Aug 2010 15:23:09 GMT
Author: odeakin
Date: Tue Aug 24 15:23:08 2010
New Revision: 988591

URL: http://svn.apache.org/viewvc?rev=988591&view=rev
Log:
For 1024 (or greater) bit keys use DSA generation and convert to DH as this is much faster
than direct DH generation.

Modified:
    harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c

Modified: harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
URL: http://svn.apache.org/viewvc/harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c?rev=988591&r1=988590&r2=988591&view=diff
==============================================================================
--- harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
(original)
+++ harmony/enhanced/java/branches/omd/classlib/modules/x-net/src/main/native/jsse/shared/sslParameters.c
Tue Aug 24 15:23:08 2010
@@ -117,11 +117,24 @@ JNIEXPORT jobjectArray JNICALL Java_org_
     return stringArray;
 }
 
-// Callback for DH key exchange.
-// Just uses the OpenSSL DH_generate_parameters to create a prime of the appropriate size
+// Callback for DH params generation
+// TODO: Would pregenerated params do? e.g. get_rfc2409_prime_768() etc.
 DH *tmp_dh_callback(SSL *s, int is_export, int keylength)
 {
-    return DH_generate_parameters(keylength, 5, NULL, NULL);
+    DH *dh;
+
+    // For key lengths under 1024 generate the DH params directly
+    // For 1024 (or greater) use DSA generation for performance
+    if (keylength < 1024) {
+        dh = DH_generate_parameters(keylength, 5, NULL, NULL);
+    } else {
+        DSA *dsa = DSA_generate_parameters(1024, NULL, 0, NULL, NULL, NULL, NULL);
+        dh = DSA_dup_DH(dsa);
+        DSA_free(dsa);
+    }  
+
+    // TODO: Throw an exception if dh is NULL?
+    return dh;
 }
 
 JNIEXPORT jlong JNICALL Java_org_apache_harmony_xnet_provider_jsse_SSLParameters_initialiseContext



Mime
View raw message