diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec')
5 files changed, 413 insertions, 902 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java deleted file mode 100644 index fbeb8f0..0000000 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java +++ /dev/null @@ -1,553 +0,0 @@ -package org.bouncycastle.jcajce.provider.asymmetric.ec; - -import java.io.ByteArrayOutputStream; -import java.security.AlgorithmParameters; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.Key; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.SecureRandom; -import java.security.spec.AlgorithmParameterSpec; - -import javax.crypto.BadPaddingException; -import javax.crypto.Cipher; -import javax.crypto.CipherSpi; -import javax.crypto.IllegalBlockSizeException; -import javax.crypto.NoSuchPaddingException; -import javax.crypto.ShortBufferException; - -import org.bouncycastle.crypto.CipherParameters; -import org.bouncycastle.crypto.InvalidCipherTextException; -import org.bouncycastle.crypto.KeyEncoder; -import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; -import org.bouncycastle.crypto.digests.SHA1Digest; -import org.bouncycastle.crypto.engines.AESEngine; -import org.bouncycastle.crypto.engines.DESedeEngine; -import org.bouncycastle.crypto.engines.IESEngine; -import org.bouncycastle.crypto.generators.ECKeyPairGenerator; -import org.bouncycastle.crypto.generators.EphemeralKeyPairGenerator; -import org.bouncycastle.crypto.generators.KDF2BytesGenerator; -import org.bouncycastle.crypto.macs.HMac; -import org.bouncycastle.crypto.modes.CBCBlockCipher; -import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher; -import org.bouncycastle.crypto.params.AsymmetricKeyParameter; -import org.bouncycastle.crypto.params.ECDomainParameters; -import org.bouncycastle.crypto.params.ECKeyGenerationParameters; -import org.bouncycastle.crypto.params.ECKeyParameters; -import org.bouncycastle.crypto.params.ECPublicKeyParameters; -import org.bouncycastle.crypto.params.IESWithCipherParameters; -import org.bouncycastle.crypto.params.ParametersWithIV; -import org.bouncycastle.crypto.parsers.ECIESPublicKeyParser; -import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; -import org.bouncycastle.jcajce.provider.asymmetric.util.IESUtil; -import org.bouncycastle.jcajce.util.BCJcaJceHelper; -import org.bouncycastle.jcajce.util.JcaJceHelper; -import org.bouncycastle.jce.interfaces.ECKey; -import org.bouncycastle.jce.interfaces.IESKey; -import org.bouncycastle.jce.spec.IESParameterSpec; -import org.bouncycastle.util.Strings; - - -public class IESCipher - extends CipherSpi -{ - private final JcaJceHelper helper = new BCJcaJceHelper(); - - private int ivLength; - private IESEngine engine; - private int state = -1; - private ByteArrayOutputStream buffer = new ByteArrayOutputStream(); - private AlgorithmParameters engineParam = null; - private IESParameterSpec engineSpec = null; - private AsymmetricKeyParameter key; - private SecureRandom random; - private boolean dhaesMode = false; - private AsymmetricKeyParameter otherKeyParameter = null; - - public IESCipher(IESEngine engine) - { - this.engine = engine; - this.ivLength = 0; - } - - public IESCipher(IESEngine engine, int ivLength) - { - this.engine = engine; - this.ivLength = ivLength; - } - - public int engineGetBlockSize() - { - if (engine.getCipher() != null) - { - return engine.getCipher().getBlockSize(); - } - else - { - return 0; - } - } - - - public int engineGetKeySize(Key key) - { - if (key instanceof ECKey) - { - return ((ECKey)key).getParameters().getCurve().getFieldSize(); - } - else - { - throw new IllegalArgumentException("not an EC key"); - } - } - - - public byte[] engineGetIV() - { - return null; - } - - public AlgorithmParameters engineGetParameters() - { - if (engineParam == null && engineSpec != null) - { - try - { - engineParam = helper.createAlgorithmParameters("IES"); - engineParam.init(engineSpec); - } - catch (Exception e) - { - throw new RuntimeException(e.toString()); - } - } - - return engineParam; - } - - - public void engineSetMode(String mode) - throws NoSuchAlgorithmException - { - String modeName = Strings.toUpperCase(mode); - - if (modeName.equals("NONE")) - { - dhaesMode = false; - } - else if (modeName.equals("DHAES")) - { - dhaesMode = true; - } - else - { - throw new IllegalArgumentException("can't support mode " + mode); - } - } - - - public int engineGetOutputSize(int inputLen) - { - int len1, len2, len3; - - len1 = engine.getMac().getMacSize(); - - if (key != null) - { - len2 = 1 + 2 * (((ECKey)key).getParameters().getCurve().getFieldSize() + 7) / 8; - } - else - { - throw new IllegalStateException("cipher not initialised"); - } - - if (engine.getCipher() == null) - { - len3 = inputLen; - } - else if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) - { - len3 = engine.getCipher().getOutputSize(inputLen); - } - else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) - { - len3 = engine.getCipher().getOutputSize(inputLen - len1 - len2); - } - else - { - throw new IllegalStateException("cipher not initialised"); - } - - if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) - { - return buffer.size() + len1 + len2 + len3; - } - else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) - { - return buffer.size() - len1 - len2 + len3; - } - else - { - throw new IllegalStateException("cipher not initialised"); - } - - } - - public void engineSetPadding(String padding) - throws NoSuchPaddingException - { - String paddingName = Strings.toUpperCase(padding); - - // TDOD: make this meaningful... - if (paddingName.equals("NOPADDING")) - { - - } - else if (paddingName.equals("PKCS5PADDING") || paddingName.equals("PKCS7PADDING")) - { - - } - else - { - throw new NoSuchPaddingException("padding not available with IESCipher"); - } - } - - - // Initialisation methods - - public void engineInit( - int opmode, - Key key, - AlgorithmParameters params, - SecureRandom random) - throws InvalidKeyException, InvalidAlgorithmParameterException - { - AlgorithmParameterSpec paramSpec = null; - - if (params != null) - { - try - { - paramSpec = params.getParameterSpec(IESParameterSpec.class); - } - catch (Exception e) - { - throw new InvalidAlgorithmParameterException("cannot recognise parameters: " + e.toString()); - } - } - - engineParam = params; - engineInit(opmode, key, paramSpec, random); - - } - - - public void engineInit( - int opmode, - Key key, - AlgorithmParameterSpec engineSpec, - SecureRandom random) - throws InvalidAlgorithmParameterException, InvalidKeyException - { - otherKeyParameter = null; - - // Use default parameters (including cipher key size) if none are specified - if (engineSpec == null) - { - this.engineSpec = IESUtil.guessParameterSpec(engine); - } - else if (engineSpec instanceof IESParameterSpec) - { - this.engineSpec = (IESParameterSpec)engineSpec; - } - else - { - throw new InvalidAlgorithmParameterException("must be passed IES parameters"); - } - - byte[] nonce = this.engineSpec.getNonce(); - - if (nonce != null) - { - if (ivLength == 0) - { - throw new InvalidAlgorithmParameterException("NONCE present in IES Parameters when none required"); - } - else if (nonce.length != ivLength) - { - throw new InvalidAlgorithmParameterException("NONCE in IES Parameters needs to be " + ivLength + " bytes long"); - } - } - - // Parse the recipient's key - if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE) - { - if (key instanceof PublicKey) - { - this.key = ECUtil.generatePublicKeyParameter((PublicKey)key); - } - else if (key instanceof IESKey) - { - IESKey ieKey = (IESKey)key; - - this.key = ECUtil.generatePublicKeyParameter(ieKey.getPublic()); - this.otherKeyParameter = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate()); - } - else - { - throw new InvalidKeyException("must be passed recipient's public EC key for encryption"); - } - } - else if (opmode == Cipher.DECRYPT_MODE || opmode == Cipher.UNWRAP_MODE) - { - if (key instanceof PrivateKey) - { - this.key = ECUtil.generatePrivateKeyParameter((PrivateKey)key); - } - else if (key instanceof IESKey) - { - IESKey ieKey = (IESKey)key; - - this.otherKeyParameter = ECUtil.generatePublicKeyParameter(ieKey.getPublic()); - this.key = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate()); - } - else - { - throw new InvalidKeyException("must be passed recipient's private EC key for decryption"); - } - } - else - { - throw new InvalidKeyException("must be passed EC key"); - } - - - this.random = random; - this.state = opmode; - buffer.reset(); - - } - - - public void engineInit( - int opmode, - Key key, - SecureRandom random) - throws InvalidKeyException - { - try - { - engineInit(opmode, key, (AlgorithmParameterSpec)null, random); - } - catch (InvalidAlgorithmParameterException e) - { - throw new IllegalArgumentException("can't handle supplied parameter spec"); - } - - } - - - // Update methods - buffer the input - - public byte[] engineUpdate( - byte[] input, - int inputOffset, - int inputLen) - { - buffer.write(input, inputOffset, inputLen); - return null; - } - - - public int engineUpdate( - byte[] input, - int inputOffset, - int inputLen, - byte[] output, - int outputOffset) - { - buffer.write(input, inputOffset, inputLen); - return 0; - } - - - // Finalisation methods - - public byte[] engineDoFinal( - byte[] input, - int inputOffset, - int inputLen) - throws IllegalBlockSizeException, BadPaddingException - { - if (inputLen != 0) - { - buffer.write(input, inputOffset, inputLen); - } - - final byte[] in = buffer.toByteArray(); - buffer.reset(); - - // Convert parameters for use in IESEngine - CipherParameters params = new IESWithCipherParameters(engineSpec.getDerivationV(), - engineSpec.getEncodingV(), - engineSpec.getMacKeySize(), - engineSpec.getCipherKeySize()); - - if (engineSpec.getNonce() != null) - { - params = new ParametersWithIV(params, engineSpec.getNonce()); - } - - final ECDomainParameters ecParams = ((ECKeyParameters)key).getParameters(); - - final byte[] V; - - if (otherKeyParameter != null) - { - try - { - if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) - { - engine.init(true, otherKeyParameter, key, params); - } - else - { - engine.init(false, key, otherKeyParameter, params); - } - return engine.processBlock(in, 0, in.length); - } - catch (Exception e) - { - throw new BadPaddingException(e.getMessage()); - } - } - - if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) - { - // Generate the ephemeral key pair - ECKeyPairGenerator gen = new ECKeyPairGenerator(); - gen.init(new ECKeyGenerationParameters(ecParams, random)); - - final boolean usePointCompression = engineSpec.getPointCompression(); - EphemeralKeyPairGenerator kGen = new EphemeralKeyPairGenerator(gen, new KeyEncoder() - { - public byte[] getEncoded(AsymmetricKeyParameter keyParameter) - { - return ((ECPublicKeyParameters)keyParameter).getQ().getEncoded(usePointCompression); - } - }); - - // Encrypt the buffer - try - { - engine.init(key, params, kGen); - - return engine.processBlock(in, 0, in.length); - } - catch (Exception e) - { - throw new BadPaddingException(e.getMessage()); - } - - } - else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) - { - // Decrypt the buffer - try - { - engine.init(key, params, new ECIESPublicKeyParser(ecParams)); - - return engine.processBlock(in, 0, in.length); - } - catch (InvalidCipherTextException e) - { - throw new BadPaddingException(e.getMessage()); - } - } - else - { - throw new IllegalStateException("cipher not initialised"); - } - - } - - public int engineDoFinal( - byte[] input, - int inputOffset, - int inputLength, - byte[] output, - int outputOffset) - throws ShortBufferException, IllegalBlockSizeException, BadPaddingException - { - - byte[] buf = engineDoFinal(input, inputOffset, inputLength); - System.arraycopy(buf, 0, output, outputOffset, buf.length); - return buf.length; - } - - /** - * Classes that inherit from us - */ - - static public class ECIES - extends IESCipher - { - public ECIES() - { - super(new IESEngine(new ECDHBasicAgreement(), - new KDF2BytesGenerator(new SHA1Digest()), - new HMac(new SHA1Digest()))); - } - } - - static public class ECIESwithDESede - extends IESCipher - { - public ECIESwithDESede() - { - super(new IESEngine(new ECDHBasicAgreement(), - new KDF2BytesGenerator(new SHA1Digest()), - new HMac(new SHA1Digest()), - new PaddedBufferedBlockCipher(new DESedeEngine()))); - } - } - - static public class ECIESwithAES - extends IESCipher - { - public ECIESwithAES() - { - super(new IESEngine(new ECDHBasicAgreement(), - new KDF2BytesGenerator(new SHA1Digest()), - new HMac(new SHA1Digest()), - new PaddedBufferedBlockCipher(new AESEngine()))); - } - } - - static public class ECIESwithDESedeCBC - extends IESCipher - { - public ECIESwithDESedeCBC() - { - super(new IESEngine(new ECDHBasicAgreement(), - new KDF2BytesGenerator(new SHA1Digest()), - new HMac(new SHA1Digest()), - new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()))), 8); - } - } - - static public class ECIESwithAESCBC - extends IESCipher - { - public ECIESwithAESCBC() - { - super(new IESEngine(new ECDHBasicAgreement(), - new KDF2BytesGenerator(new SHA1Digest()), - new HMac(new SHA1Digest()), - new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()))), 16); - } - } -} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java index 4ea57fe..3dbe004 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java @@ -24,22 +24,28 @@ import org.bouncycastle.crypto.BasicAgreement; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DerivationFunction; import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; -import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; -import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; -import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; -import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; +// BEGIN android-removed +// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; +// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; +// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; +// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; +// END android-removed import org.bouncycastle.crypto.digests.SHA1Digest; import org.bouncycastle.crypto.params.DESParameters; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECPrivateKeyParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; -import org.bouncycastle.crypto.params.MQVPrivateParameters; -import org.bouncycastle.crypto.params.MQVPublicParameters; +// BEGIN android-removed +// import org.bouncycastle.crypto.params.MQVPrivateParameters; +// import org.bouncycastle.crypto.params.MQVPublicParameters; +// END android-removed import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; import org.bouncycastle.jce.interfaces.ECPrivateKey; import org.bouncycastle.jce.interfaces.ECPublicKey; -import org.bouncycastle.jce.interfaces.MQVPrivateKey; -import org.bouncycastle.jce.interfaces.MQVPublicKey; +// BEGIN android-removed +// import org.bouncycastle.jce.interfaces.MQVPrivateKey; +// import org.bouncycastle.jce.interfaces.MQVPublicKey; +// END android-removed import org.bouncycastle.util.Integers; import org.bouncycastle.util.Strings; @@ -89,7 +95,9 @@ public class KeyAgreementSpi private BigInteger result; private ECDomainParameters parameters; private BasicAgreement agreement; - private DerivationFunction kdf; + // BEGIN android-removed + // private DerivationFunction kdf; + // END android-removed private byte[] bigIntToBytes( BigInteger r) @@ -104,7 +112,9 @@ public class KeyAgreementSpi { this.kaAlgorithm = kaAlgorithm; this.agreement = agreement; - this.kdf = kdf; + // BEGIN android-removed + // this.kdf = kdf; + // END android-removed } protected Key engineDoPhase( @@ -123,25 +133,27 @@ public class KeyAgreementSpi } CipherParameters pubKey; - if (agreement instanceof ECMQVBasicAgreement) - { - if (!(key instanceof MQVPublicKey)) - { - throw new InvalidKeyException(kaAlgorithm + " key agreement requires " - + getSimpleName(MQVPublicKey.class) + " for doPhase"); - } - - MQVPublicKey mqvPubKey = (MQVPublicKey)key; - ECPublicKeyParameters staticKey = (ECPublicKeyParameters) - ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); - ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) - ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); - - pubKey = new MQVPublicParameters(staticKey, ephemKey); - - // TODO Validate that all the keys are using the same parameters? - } - else + // BEGIN android-removed + // if (agreement instanceof ECMQVBasicAgreement) + // { + // if (!(key instanceof MQVPublicKey)) + // { + // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + // + getSimpleName(MQVPublicKey.class) + " for doPhase"); + // } + // + // MQVPublicKey mqvPubKey = (MQVPublicKey)key; + // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) + // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); + // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) + // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); + // + // pubKey = new MQVPublicParameters(staticKey, ephemKey); + // + // // TODO Validate that all the keys are using the same parameters? + // } + // else + // END android-removed { if (!(key instanceof PublicKey)) { @@ -162,11 +174,13 @@ public class KeyAgreementSpi protected byte[] engineGenerateSecret() throws IllegalStateException { - if (kdf != null) - { - throw new UnsupportedOperationException( - "KDF can only be used when algorithm is known"); - } + // BEGIN android-removed + // if (kdf != null) + // { + // throw new UnsupportedOperationException( + // "KDF can only be used when algorithm is known"); + // } + // END android-removed return bigIntToBytes(result); } @@ -201,23 +215,25 @@ public class KeyAgreementSpi oidAlgorithm = ((ASN1ObjectIdentifier)oids.get(algKey)).getId(); } - if (kdf != null) - { - if (!algorithms.containsKey(oidAlgorithm)) - { - throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); - } - - int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); - - DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); - - byte[] keyBytes = new byte[keySize / 8]; - kdf.init(params); - kdf.generateBytes(keyBytes, 0, keyBytes.length); - secret = keyBytes; - } - else + // BEGIN android-removed + // if (kdf != null) + // { + // if (!algorithms.containsKey(oidAlgorithm)) + // { + // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); + // } + // + // int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); + // + // DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); + // + // byte[] keyBytes = new byte[keySize / 8]; + // kdf.init(params); + // kdf.generateBytes(keyBytes, 0, keyBytes.length); + // secret = keyBytes; + // } + // else + // END android-removed { if (algorithms.containsKey(oidAlgorithm)) { @@ -264,35 +280,37 @@ public class KeyAgreementSpi private void initFromKey(Key key) throws InvalidKeyException { - if (agreement instanceof ECMQVBasicAgreement) - { - if (!(key instanceof MQVPrivateKey)) - { - throw new InvalidKeyException(kaAlgorithm + " key agreement requires " - + getSimpleName(MQVPrivateKey.class) + " for initialisation"); - } - - MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; - ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) - ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); - ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) - ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); - - ECPublicKeyParameters ephemPubKey = null; - if (mqvPrivKey.getEphemeralPublicKey() != null) - { - ephemPubKey = (ECPublicKeyParameters) - ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); - } - - MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); - this.parameters = staticPrivKey.getParameters(); - - // TODO Validate that all the keys are using the same parameters? - - agreement.init(localParams); - } - else + // BEGIN android-removed + // if (agreement instanceof ECMQVBasicAgreement) + // { + // if (!(key instanceof MQVPrivateKey)) + // { + // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + // + getSimpleName(MQVPrivateKey.class) + " for initialisation"); + // } + // + // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; + // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) + // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); + // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) + // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); + // + // ECPublicKeyParameters ephemPubKey = null; + // if (mqvPrivKey.getEphemeralPublicKey() != null) + // { + // ephemPubKey = (ECPublicKeyParameters) + // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); + // } + // + // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); + // this.parameters = staticPrivKey.getParameters(); + // + // // TODO Validate that all the keys are using the same parameters? + // + // agreement.init(localParams); + // } + // else + // END android-removed { if (!(key instanceof PrivateKey)) { @@ -323,39 +341,41 @@ public class KeyAgreementSpi } } - public static class DHC - extends KeyAgreementSpi - { - public DHC() - { - super("ECDHC", new ECDHCBasicAgreement(), null); - } - } - - public static class MQV - extends KeyAgreementSpi - { - public MQV() - { - super("ECMQV", new ECMQVBasicAgreement(), null); - } - } - - public static class DHwithSHA1KDF - extends KeyAgreementSpi - { - public DHwithSHA1KDF() - { - super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); - } - } - - public static class MQVwithSHA1KDF - extends KeyAgreementSpi - { - public MQVwithSHA1KDF() - { - super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); - } - } + // BEGIN android-removed + // public static class DHC + // extends KeyAgreementSpi + // { + // public DHC() + // { + // super("ECDHC", new ECDHCBasicAgreement(), null); + // } + // } + // + // public static class MQV + // extends KeyAgreementSpi + // { + // public MQV() + // { + // super("ECMQV", new ECMQVBasicAgreement(), null); + // } + // } + // + // public static class DHwithSHA1KDF + // extends KeyAgreementSpi + // { + // public DHwithSHA1KDF() + // { + // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); + // } + // } + // + // public static class MQVwithSHA1KDF + // extends KeyAgreementSpi + // { + // public MQVwithSHA1KDF() + // { + // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); + // } + // } + // END android-removed } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java index 20555c2..5769bac 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java @@ -201,14 +201,16 @@ public class KeyFactorySpi } } - public static class ECGOST3410 - extends KeyFactorySpi - { - public ECGOST3410() - { - super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); - } - } + // BEGIN android-removed + // public static class ECGOST3410 + // extends KeyFactorySpi + // { + // public ECGOST3410() + // { + // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); + // } + // } + // END android-removed public static class ECDH extends KeyFactorySpi diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java index ae9be26..d858518 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java @@ -42,7 +42,9 @@ public abstract class KeyPairGeneratorSpi ECKeyGenerationParameters param; ECKeyPairGenerator engine = new ECKeyPairGenerator(); Object ecParams = null; - int strength = 239; + // BEGIN android-changed + int strength = 256; + // BEGIN android-changed int certainty = 50; SecureRandom random = new SecureRandom(); boolean initialised = false; @@ -84,7 +86,13 @@ public abstract class KeyPairGeneratorSpi SecureRandom random) { this.strength = strength; + // BEGIN android-added + if (random != null) { + // END android-added this.random = random; + // BEGIN android-added + } + // END android-added ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); if (ecParams == null) @@ -107,6 +115,11 @@ public abstract class KeyPairGeneratorSpi SecureRandom random) throws InvalidAlgorithmParameterException { + // BEGIN android-added + if (random == null) { + random = this.random; + } + // END android-added if (params == null) { ECParameterSpec implicitCA = configuration.getEcImplicitlyCa(); @@ -267,4 +280,4 @@ public abstract class KeyPairGeneratorSpi super("ECMQV", BouncyCastleProvider.CONFIGURATION); } } -}
\ No newline at end of file +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java index 5e2bb4e..26811d1 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java @@ -16,16 +16,23 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; -import org.bouncycastle.crypto.digests.RIPEMD160Digest; -import org.bouncycastle.crypto.digests.SHA1Digest; -import org.bouncycastle.crypto.digests.SHA224Digest; -import org.bouncycastle.crypto.digests.SHA256Digest; -import org.bouncycastle.crypto.digests.SHA384Digest; -import org.bouncycastle.crypto.digests.SHA512Digest; +// BEGIN android-added +import org.bouncycastle.crypto.digests.AndroidDigestFactory; +// END android-added +// BEGIN android-removed +// import org.bouncycastle.crypto.digests.RIPEMD160Digest; +// import org.bouncycastle.crypto.digests.SHA1Digest; +// import org.bouncycastle.crypto.digests.SHA224Digest; +// import org.bouncycastle.crypto.digests.SHA256Digest; +// import org.bouncycastle.crypto.digests.SHA384Digest; +// import org.bouncycastle.crypto.digests.SHA512Digest; +// END android-removed import org.bouncycastle.crypto.params.ParametersWithRandom; import org.bouncycastle.crypto.signers.ECDSASigner; -import org.bouncycastle.crypto.signers.ECNRSigner; -import org.bouncycastle.crypto.signers.HMacDSAKCalculator; +// BEGIN android-removed +// import org.bouncycastle.crypto.signers.ECNRSigner; +// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; +// END android-removed import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; @@ -70,18 +77,22 @@ public class SignatureSpi { public ecDSA() { - super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder()); + // BEGIN android-changed + super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); + // END android-changed } } - static public class ecDetDSA - extends SignatureSpi - { - public ecDetDSA() - { - super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); - } - } + // BEGIN android-removed + // static public class ecDetDSA + // extends SignatureSpi + // { + // public ecDetDSA() + // { + // super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); + // } + // } + // END android-removed static public class ecDSAnone extends SignatureSpi @@ -97,180 +108,196 @@ public class SignatureSpi { public ecDSA224() { - super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); + // BEGIN android-changed + super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder()); + // END android-changed } } - static public class ecDetDSA224 - extends SignatureSpi - { - public ecDetDSA224() - { - super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); - } - } + // BEGIN android-removed + // static public class ecDetDSA224 + // extends SignatureSpi + // { + // public ecDetDSA224() + // { + // super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); + // } + // } + // END android-removed static public class ecDSA256 extends SignatureSpi { public ecDSA256() { - super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder()); + // BEGIN android-changed + super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); + // END android-changed } } - static public class ecDetDSA256 - extends SignatureSpi - { - public ecDetDSA256() - { - super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); - } - } + // BEGIN android-removed + // static public class ecDetDSA256 + // extends SignatureSpi + // { + // public ecDetDSA256() + // { + // super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); + // } + // } + // END android-removed static public class ecDSA384 extends SignatureSpi { public ecDSA384() { - super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder()); + // BEGIN android-changed + super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); + // END android-changed } } - static public class ecDetDSA384 - extends SignatureSpi - { - public ecDetDSA384() - { - super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); - } - } + // BEGIN android-removed + // static public class ecDetDSA384 + // extends SignatureSpi + // { + // public ecDetDSA384() + // { + // super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); + // } + // } + // END android-removed static public class ecDSA512 extends SignatureSpi { public ecDSA512() { - super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder()); - } - } - - static public class ecDetDSA512 - extends SignatureSpi - { - public ecDetDSA512() - { - super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); + // BEGIN android-changed + super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); + // END android-changed } } - static public class ecDSARipeMD160 - extends SignatureSpi - { - public ecDSARipeMD160() - { - super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); - } - } - - static public class ecNR - extends SignatureSpi - { - public ecNR() - { - super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecNR224 - extends SignatureSpi - { - public ecNR224() - { - super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecNR256 - extends SignatureSpi - { - public ecNR256() - { - super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecNR384 - extends SignatureSpi - { - public ecNR384() - { - super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecNR512 - extends SignatureSpi - { - public ecNR512() - { - super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); - } - } - - static public class ecCVCDSA - extends SignatureSpi - { - public ecCVCDSA() - { - super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); - } - } - - static public class ecCVCDSA224 - extends SignatureSpi - { - public ecCVCDSA224() - { - super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); - } - } - - static public class ecCVCDSA256 - extends SignatureSpi - { - public ecCVCDSA256() - { - super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); - } - } - - static public class ecCVCDSA384 - extends SignatureSpi - { - public ecCVCDSA384() - { - super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); - } - } - - static public class ecCVCDSA512 - extends SignatureSpi - { - public ecCVCDSA512() - { - super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); - } - } - - static public class ecPlainDSARP160 - extends SignatureSpi - { - public ecPlainDSARP160() - { - super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); - } - } + // BEGIN android-removed + // static public class ecDetDSA512 + // extends SignatureSpi + // { + // public ecDetDSA512() + // { + // super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); + // } + // } + // + // static public class ecDSARipeMD160 + // extends SignatureSpi + // { + // public ecDSARipeMD160() + // { + // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR + // extends SignatureSpi + // { + // public ecNR() + // { + // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR224 + // extends SignatureSpi + // { + // public ecNR224() + // { + // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR256 + // extends SignatureSpi + // { + // public ecNR256() + // { + // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR384 + // extends SignatureSpi + // { + // public ecNR384() + // { + // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecNR512 + // extends SignatureSpi + // { + // public ecNR512() + // { + // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); + // } + // } + // + // static public class ecCVCDSA + // extends SignatureSpi + // { + // public ecCVCDSA() + // { + // super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); + // } + // } + // + // static public class ecCVCDSA224 + // extends SignatureSpi + // { + // public ecCVCDSA224() + // { + // super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); + // } + // } + // + // static public class ecCVCDSA256 + // extends SignatureSpi + // { + // public ecCVCDSA256() + // { + // super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); + // } + // } + // + // static public class ecCVCDSA384 + // extends SignatureSpi + // { + // public ecCVCDSA384() + // { + // super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); + // } + // } + // + // static public class ecCVCDSA512 + // extends SignatureSpi + // { + // public ecCVCDSA512() + // { + // super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); + // } + // } + // + // static public class ecPlainDSARP160 + // extends SignatureSpi + // { + // public ecPlainDSARP160() + // { + // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); + // } + // } + // END android-removed private static class StdDSAEncoder implements DSAEncoder @@ -302,66 +329,68 @@ public class SignatureSpi } } - private static class PlainDSAEncoder - implements DSAEncoder - { - public byte[] encode( - BigInteger r, - BigInteger s) - throws IOException - { - byte[] first = makeUnsigned(r); - byte[] second = makeUnsigned(s); - byte[] res; - - if (first.length > second.length) - { - res = new byte[first.length * 2]; - } - else - { - res = new byte[second.length * 2]; - } - - System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); - System.arraycopy(second, 0, res, res.length - second.length, second.length); - - return res; - } - - - private byte[] makeUnsigned(BigInteger val) - { - byte[] res = val.toByteArray(); - - if (res[0] == 0) - { - byte[] tmp = new byte[res.length - 1]; - - System.arraycopy(res, 1, tmp, 0, tmp.length); - - return tmp; - } - - return res; - } - - public BigInteger[] decode( - byte[] encoding) - throws IOException - { - BigInteger[] sig = new BigInteger[2]; - - byte[] first = new byte[encoding.length / 2]; - byte[] second = new byte[encoding.length / 2]; - - System.arraycopy(encoding, 0, first, 0, first.length); - System.arraycopy(encoding, first.length, second, 0, second.length); - - sig[0] = new BigInteger(1, first); - sig[1] = new BigInteger(1, second); - - return sig; - } - } -}
\ No newline at end of file + // BEGIN android-removed + // private static class PlainDSAEncoder + // implements DSAEncoder + // { + // public byte[] encode( + // BigInteger r, + // BigInteger s) + // throws IOException + // { + // byte[] first = makeUnsigned(r); + // byte[] second = makeUnsigned(s); + // byte[] res; + // + // if (first.length > second.length) + // { + // res = new byte[first.length * 2]; + // } + // else + // { + // res = new byte[second.length * 2]; + // } + // + // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); + // System.arraycopy(second, 0, res, res.length - second.length, second.length); + // + // return res; + // } + // + // + // private byte[] makeUnsigned(BigInteger val) + // { + // byte[] res = val.toByteArray(); + // + // if (res[0] == 0) + // { + // byte[] tmp = new byte[res.length - 1]; + // + // System.arraycopy(res, 1, tmp, 0, tmp.length); + // + // return tmp; + // } + // + // return res; + // } + // + // public BigInteger[] decode( + // byte[] encoding) + // throws IOException + // { + // BigInteger[] sig = new BigInteger[2]; + // + // byte[] first = new byte[encoding.length / 2]; + // byte[] second = new byte[encoding.length / 2]; + // + // System.arraycopy(encoding, 0, first, 0, first.length); + // System.arraycopy(encoding, first.length, second, 0, second.length); + // + // sig[0] = new BigInteger(1, first); + // sig[1] = new BigInteger(1, second); + // + // return sig; + // } + // } + // END android-removed +} |