diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric')
23 files changed, 153 insertions, 126 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java index 8055576..ba7dd80 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java @@ -31,6 +31,14 @@ public class DH provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.DIFFIEHELLMAN", "DH"); provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi"); + + // BEGIN android-removed + // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); + // provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); + // provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); + // provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); + // provider.addAlgorithm("KeyPairGenerator.IES", PREFIX + "KeyPairGeneratorSpi"); + // END android-removed } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java index 830334b..b908f58 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java @@ -53,6 +53,7 @@ public class DSA provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); + provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); // END android-changed @@ -60,6 +61,10 @@ public class DSA for (int i = 0; i != DSAUtil.dsaOids.length; i++) { + // BEGIN android-changed + provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA"); + // END android-changed + registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact); registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA"); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java index bacb6d6..8f93a68 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java @@ -59,6 +59,12 @@ public class EC // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); + // + // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); + // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); + // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); + // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); + // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); // END android-removed provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java index 3037069..d570cf6 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java @@ -122,17 +122,13 @@ public class RSA // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); // } // - // // BEGIN android-changed // if (provider.hasAlgorithm("MessageDigest", "MD4")) - // // END android-changed // { // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); // } // END android-removed - // BEGIN android-changed if (provider.hasAlgorithm("MessageDigest", "MD5")) - // END android-changed { addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); // BEGIN android-removed diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPrivateKey.java index 332e2eb..d5516dc 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPrivateKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPrivateKey.java @@ -15,7 +15,6 @@ import org.bouncycastle.asn1.ASN1Encoding; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.pkcs.DHParameter; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; @@ -180,7 +179,7 @@ public class BCDHPrivateKey } public ASN1Encodable getBagAttribute( - DERObjectIdentifier oid) + ASN1ObjectIdentifier oid) { return attrCarrier.getBagAttribute(oid); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java index 5a66ffb..c9462a6 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java @@ -16,6 +16,7 @@ import javax.crypto.spec.DHParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.crypto.params.DESParameters; +import org.bouncycastle.util.Integers; import org.bouncycastle.util.Strings; /** @@ -35,12 +36,10 @@ public class KeyAgreementSpi static { - // BEGIN android-changed - Integer i64 = Integer.valueOf(64); - Integer i192 = Integer.valueOf(192); - Integer i128 = Integer.valueOf(128); - Integer i256 = Integer.valueOf(256); - // END android-changed + Integer i64 = Integers.valueOf(64); + Integer i192 = Integers.valueOf(192); + Integer i128 = Integers.valueOf(128); + Integer i256 = Integers.valueOf(256); algorithms.put("DES", i64); algorithms.put("DESEDE", i192); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java index 69d5703..48da020 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java @@ -16,11 +16,13 @@ import org.bouncycastle.crypto.params.DHParameters; import org.bouncycastle.crypto.params.DHPrivateKeyParameters; import org.bouncycastle.crypto.params.DHPublicKeyParameters; import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.util.Integers; public class KeyPairGeneratorSpi extends java.security.KeyPairGenerator { private static Hashtable params = new Hashtable(); + private static Object lock = new Object(); DHKeyGenerationParameters param; DHBasicKeyPairGenerator engine = new DHBasicKeyPairGenerator(); @@ -63,9 +65,7 @@ public class KeyPairGeneratorSpi { if (!initialised) { - // BEGIN android-changed - Integer paramStrength = Integer.valueOf(strength); - // END android-changed + Integer paramStrength = Integers.valueOf(strength); if (params.containsKey(paramStrength)) { @@ -73,21 +73,34 @@ public class KeyPairGeneratorSpi } else { - DHParameterSpec dhParams = BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(); + DHParameterSpec dhParams = BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(strength); - if (dhParams != null && dhParams.getP().bitLength() == strength) + if (dhParams != null) { param = new DHKeyGenerationParameters(random, new DHParameters(dhParams.getP(), dhParams.getG(), null, dhParams.getL())); } else { - DHParametersGenerator pGen = new DHParametersGenerator(); - - pGen.init(strength, certainty, random); - - param = new DHKeyGenerationParameters(random, pGen.generateParameters()); - - params.put(paramStrength, param); + synchronized (lock) + { + // we do the check again in case we were blocked by a generator for + // our key size. + if (params.containsKey(paramStrength)) + { + param = (DHKeyGenerationParameters)params.get(paramStrength); + } + else + { + + DHParametersGenerator pGen = new DHParametersGenerator(); + + pGen.init(strength, certainty, random); + + param = new DHKeyGenerationParameters(random, pGen.generateParameters()); + + params.put(paramStrength, param); + } + } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParametersSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParametersSpi.java index 6dfb8fb..1ddb815 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParametersSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParametersSpi.java @@ -97,7 +97,7 @@ public class AlgorithmParametersSpi { try { - DSAParameter dsaP = new DSAParameter((ASN1Sequence)ASN1Primitive.fromByteArray(params)); + DSAParameter dsaP = DSAParameter.getInstance(ASN1Primitive.fromByteArray(params)); currentSpec = new DSAParameterSpec(dsaP.getP(), dsaP.getQ(), dsaP.getG()); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPrivateKey.java index f67d12d..0fb4bd9 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPrivateKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPrivateKey.java @@ -13,7 +13,6 @@ import java.util.Enumeration; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1Integer; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.DSAParameter; @@ -135,7 +134,7 @@ public class BCDSAPrivateKey } public ASN1Encodable getBagAttribute( - DERObjectIdentifier oid) + ASN1ObjectIdentifier oid) { return attrCarrier.getBagAttribute(oid); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java index d3f1675..f34f482 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java @@ -417,7 +417,7 @@ public class BCECPrivateKey } public ASN1Encodable getBagAttribute( - DERObjectIdentifier oid) + ASN1ObjectIdentifier oid) { return attrCarrier.getBagAttribute(oid); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java index 80ff2af..820bf4b 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java @@ -9,10 +9,12 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier; // import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; // END android-removed import org.bouncycastle.asn1.nist.NISTNamedCurves; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import org.bouncycastle.asn1.sec.SECNamedCurves; // BEGIN android-removed // import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; // END android-removed +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x9.X962NamedCurves; import org.bouncycastle.asn1.x9.X9ECParameters; import org.bouncycastle.crypto.params.AsymmetricKeyParameter; @@ -132,6 +134,30 @@ public class ECUtil EC5Util.convertPoint(pubKey.getParams(), pubKey.getW(), false), new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed())); } + else + { + // see if we can build a key from key.getEncoded() + try + { + byte[] bytes = key.getEncoded(); + + if (bytes == null) + { + throw new InvalidKeyException("no encoding for EC public key"); + } + + PublicKey publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes)); + + if (publicKey instanceof java.security.interfaces.ECPublicKey) + { + return ECUtil.generatePublicKeyParameter(publicKey); + } + } + catch (Exception e) + { + throw new InvalidKeyException("cannot identify EC public key: " + e.toString()); + } + } throw new InvalidKeyException("cannot identify EC public key."); } @@ -154,7 +180,39 @@ public class ECUtil k.getD(), new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed())); } - + else if (key instanceof java.security.interfaces.ECPrivateKey) + { + java.security.interfaces.ECPrivateKey privKey = (java.security.interfaces.ECPrivateKey)key; + ECParameterSpec s = EC5Util.convertSpec(privKey.getParams(), false); + return new ECPrivateKeyParameters( + privKey.getS(), + new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed())); + } + else + { + // see if we can build a key from key.getEncoded() + try + { + byte[] bytes = key.getEncoded(); + + if (bytes == null) + { + throw new InvalidKeyException("no encoding for EC private key"); + } + + PrivateKey privateKey = BouncyCastleProvider.getPrivateKey(PrivateKeyInfo.getInstance(bytes)); + + if (privateKey instanceof java.security.interfaces.ECPrivateKey) + { + return ECUtil.generatePrivateKeyParameter(privateKey); + } + } + catch (Exception e) + { + throw new InvalidKeyException("cannot identify EC private key: " + e.toString()); + } + } + throw new InvalidKeyException("can't identify EC private key."); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java index 38a7143..cade228 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java @@ -43,6 +43,7 @@ import org.bouncycastle.jce.interfaces.ECPublicKey; // import org.bouncycastle.jce.interfaces.MQVPrivateKey; // import org.bouncycastle.jce.interfaces.MQVPublicKey; // END android-removed +import org.bouncycastle.util.Integers; /** * Diffie-Hellman key agreement using elliptic curve keys, ala IEEE P1363 @@ -58,11 +59,9 @@ public class KeyAgreementSpi static { - // BEGIN android-changed - Integer i128 = Integer.valueOf(128); - Integer i192 = Integer.valueOf(192); - Integer i256 = Integer.valueOf(256); - // END android-changed + Integer i128 = Integers.valueOf(128); + Integer i192 = Integers.valueOf(192); + Integer i256 = Integers.valueOf(256); algorithms.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), i128); algorithms.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), i192); @@ -137,7 +136,7 @@ public class KeyAgreementSpi // else // END android-removed { - if (!(key instanceof ECPublicKey)) + if (!(key instanceof PublicKey)) { throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + getSimpleName(ECPublicKey.class) + " for doPhase"); @@ -222,6 +221,12 @@ public class KeyAgreementSpi SecureRandom random) throws InvalidKeyException, InvalidAlgorithmParameterException { + // BEGIN android-added + if (params != null) + { + throw new InvalidAlgorithmParameterException("No algorithm parameters supported"); + } + // END android-added initFromKey(key); } @@ -268,7 +273,7 @@ public class KeyAgreementSpi // else // END android-removed { - if (!(key instanceof ECPrivateKey)) + if (!(key instanceof PrivateKey)) { throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + getSimpleName(ECPrivateKey.class) + " for initialisation"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java index 31090ae..4cbefb6 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java @@ -30,6 +30,7 @@ import org.bouncycastle.jce.spec.ECNamedCurveSpec; import org.bouncycastle.jce.spec.ECParameterSpec; import org.bouncycastle.math.ec.ECCurve; import org.bouncycastle.math.ec.ECPoint; +import org.bouncycastle.util.Integers; public abstract class KeyPairGeneratorSpi extends java.security.KeyPairGenerator @@ -57,15 +58,13 @@ public abstract class KeyPairGeneratorSpi static { ecParameters = new Hashtable(); - // BEGIN android-changed - ecParameters.put(Integer.valueOf(192), new ECGenParameterSpec("prime192v1")); // a.k.a P-192 - ecParameters.put(Integer.valueOf(239), new ECGenParameterSpec("prime239v1")); - ecParameters.put(Integer.valueOf(256), new ECGenParameterSpec("prime256v1")); // a.k.a P-256 + ecParameters.put(Integers.valueOf(192), new ECGenParameterSpec("prime192v1")); // a.k.a P-192 + ecParameters.put(Integers.valueOf(239), new ECGenParameterSpec("prime239v1")); + ecParameters.put(Integers.valueOf(256), new ECGenParameterSpec("prime256v1")); // a.k.a P-256 - ecParameters.put(Integer.valueOf(224), new ECGenParameterSpec("P-224")); - ecParameters.put(Integer.valueOf(384), new ECGenParameterSpec("P-384")); - ecParameters.put(Integer.valueOf(521), new ECGenParameterSpec("P-521")); - // END android-changed + ecParameters.put(Integers.valueOf(224), new ECGenParameterSpec("P-224")); + ecParameters.put(Integers.valueOf(384), new ECGenParameterSpec("P-384")); + ecParameters.put(Integers.valueOf(521), new ECGenParameterSpec("P-521")); } public EC() @@ -96,9 +95,7 @@ public abstract class KeyPairGeneratorSpi // BEGIN android-added } // END android-added - // BEGIN android-changed - ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integer.valueOf(strength)); - // END android-changed + ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); if (ecParams != null) { @@ -252,15 +249,7 @@ public abstract class KeyPairGeneratorSpi { if (!initialised) { - // BEGIN android-removed - // throw new IllegalStateException("EC Key Pair Generator not initialised"); - // END android-removed - // BEGIN android-added - /* - * KeyPairGenerator documentation says that a default initialization must be provided - */ - initialize(192, random); - // END android-added + initialize(strength, new SecureRandom()); } AsymmetricCipherKeyPair pair = engine.generateKeyPair(); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java index a92b7da..86a407c 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java @@ -5,7 +5,6 @@ import java.math.BigInteger; import java.security.InvalidKeyException; import java.security.PrivateKey; import java.security.PublicKey; -import java.security.interfaces.ECPublicKey; import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1Encoding; @@ -13,7 +12,6 @@ import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERInteger; import org.bouncycastle.asn1.DERSequence; -import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; @@ -36,8 +34,6 @@ import org.bouncycastle.crypto.signers.ECDSASigner; // END android-removed import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; -import org.bouncycastle.jce.interfaces.ECKey; -import org.bouncycastle.jce.provider.BouncyCastleProvider; public class SignatureSpi extends DSABase @@ -50,34 +46,7 @@ public class SignatureSpi protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException { - CipherParameters param; - - if (publicKey instanceof ECPublicKey) - { - param = ECUtil.generatePublicKeyParameter(publicKey); - } - else - { - try - { - byte[] bytes = publicKey.getEncoded(); - - publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes)); - - if (publicKey instanceof ECPublicKey) - { - param = ECUtil.generatePublicKeyParameter(publicKey); - } - else - { - throw new InvalidKeyException("can't recognise key type in ECDSA based signer"); - } - } - catch (Exception e) - { - throw new InvalidKeyException("can't recognise key type in ECDSA based signer"); - } - } + CipherParameters param = ECUtil.generatePublicKeyParameter(publicKey); digest.reset(); signer.init(false, param); @@ -87,16 +56,7 @@ public class SignatureSpi PrivateKey privateKey) throws InvalidKeyException { - CipherParameters param; - - if (privateKey instanceof ECKey) - { - param = ECUtil.generatePrivateKeyParameter(privateKey); - } - else - { - throw new InvalidKeyException("can't recognise key type in ECDSA based signer"); - } + CipherParameters param = ECUtil.generatePrivateKeyParameter(privateKey); digest.reset(); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java index 99ac36c..baee6d5 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java @@ -55,15 +55,11 @@ public abstract class AlgorithmParametersSpi { AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier( DigestFactory.getOID(currentSpec.getDigestAlgorithm()), - // BEGIN android-changed DERNull.INSTANCE); - // END android-changed MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)currentSpec.getMGFParameters(); AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier( PKCSObjectIdentifiers.id_mgf1, - // BEGIN android-changed new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE)); - // END android-changed PSource.PSpecified pSource = (PSource.PSpecified)currentSpec.getPSource(); AlgorithmIdentifier pSourceAlgorithm = new AlgorithmIdentifier( PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(pSource.getValue())); @@ -174,15 +170,11 @@ public abstract class AlgorithmParametersSpi PSSParameterSpec pssSpec = currentSpec; AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier( DigestFactory.getOID(pssSpec.getDigestAlgorithm()), - // BEGIN android-changed DERNull.INSTANCE); - // END android-changed MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)pssSpec.getMGFParameters(); AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier( PKCSObjectIdentifiers.id_mgf1, - // BEGIN android-changed new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE)); - // END android-changed RSASSAPSSparams pssP = new RSASSAPSSparams(hashAlgorithm, maskGenAlgorithm, new ASN1Integer(pssSpec.getSaltLength()), new ASN1Integer(pssSpec.getTrailerField())); return pssP.getEncoded("DER"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java index b0aa66e..9b70d74 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java @@ -127,9 +127,7 @@ public class BCRSAPrivateCrtKey */ public byte[] getEncoded() { - // BEGIN android-changed return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPrivateKey(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient())); - // END android-changed } /** diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java index 6643f13..0aa81b4 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java @@ -11,7 +11,6 @@ import java.util.Enumeration; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.DERNull; -import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.crypto.params.RSAKeyParameters; @@ -78,9 +77,7 @@ public class BCRSAPrivateKey public byte[] getEncoded() { - // BEGIN android-changed return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPrivateKey(getModulus(), ZERO, getPrivateExponent(), ZERO, ZERO, ZERO, ZERO, ZERO)); - // END android-changed } public boolean equals(Object o) @@ -114,7 +111,7 @@ public class BCRSAPrivateKey } public ASN1Encodable getBagAttribute( - DERObjectIdentifier oid) + ASN1ObjectIdentifier oid) { return attrCarrier.getBagAttribute(oid); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java index e57da4a..ce0e603 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java @@ -89,9 +89,7 @@ public class BCRSAPublicKey public byte[] getEncoded() { - // BEGIN android-changed return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPublicKey(getModulus(), getPublicExponent())); - // END android-changed } public int hashCode() diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java index 1f53f5a..d0a60f6 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java @@ -328,6 +328,8 @@ public class CipherSpi } } + bOut.reset(); + switch (opmode) { case Cipher.ENCRYPT_MODE: @@ -510,7 +512,6 @@ public class CipherSpi try { byte[] bytes = bOut.toByteArray(); - bOut.reset(); out = cipher.processBlock(bytes, 0, bytes.length); } @@ -518,6 +519,10 @@ public class CipherSpi { throw new BadPaddingException(e.getMessage()); } + finally + { + bOut.reset(); + } for (int i = 0; i != out.length; i++) { diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java index 621069a..490bf4e 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java @@ -27,9 +27,7 @@ public abstract class BaseKeyFactorySpi { return generatePrivate(PrivateKeyInfo.getInstance(((PKCS8EncodedKeySpec)keySpec).getEncoded())); } - // BEGIN android-changed catch (Exception e) - // END android-changed { throw new InvalidKeySpecException("encoded key spec not recognised"); } @@ -50,9 +48,7 @@ public abstract class BaseKeyFactorySpi { return generatePublic(SubjectPublicKeyInfo.getInstance(((X509EncodedKeySpec)keySpec).getEncoded())); } - // BEGIN android-changed catch (Exception e) - // END android-changed { throw new InvalidKeySpecException("encoded key spec not recognised"); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/PKCS12BagAttributeCarrierImpl.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/PKCS12BagAttributeCarrierImpl.java index 06ccd66..532554d 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/PKCS12BagAttributeCarrierImpl.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/PKCS12BagAttributeCarrierImpl.java @@ -48,7 +48,7 @@ public class PKCS12BagAttributeCarrierImpl } public ASN1Encodable getBagAttribute( - DERObjectIdentifier oid) + ASN1ObjectIdentifier oid) { return (ASN1Encodable)pkcs12Attributes.get(oid); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java index 33f3db7..5b79864 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java @@ -22,8 +22,8 @@ import org.bouncycastle.asn1.ASN1Set; import org.bouncycastle.asn1.ASN1TaggedObject; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.pkcs.SignedData; +import org.bouncycastle.asn1.x509.Certificate; import org.bouncycastle.asn1.x509.CertificateList; -import org.bouncycastle.asn1.x509.X509CertificateStructure; import org.bouncycastle.jce.provider.X509CRLObject; import org.bouncycastle.jce.provider.X509CertificateObject; @@ -67,7 +67,7 @@ public class CertificateFactory } return new X509CertificateObject( - X509CertificateStructure.getInstance(seq)); + Certificate.getInstance(seq)); } private java.security.cert.Certificate getCertificate() @@ -82,7 +82,7 @@ public class CertificateFactory if (obj instanceof ASN1Sequence) { return new X509CertificateObject( - X509CertificateStructure.getInstance(obj)); + Certificate.getInstance(obj)); } } } @@ -99,7 +99,7 @@ public class CertificateFactory if (seq != null) { return new X509CertificateObject( - X509CertificateStructure.getInstance(seq)); + Certificate.getInstance(seq)); } return null; @@ -334,7 +334,9 @@ public class CertificateFactory public Iterator engineGetCertPathEncodings() { - return null; // TODO: PKIXCertPath.certPathEncodings.iterator(); + // BEGIN android-changed + return PKIXCertPath.certPathEncodings.iterator(); + // END android-changed } public CertPath engineGenerateCertPath( diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java index e13412d..9b14731 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java @@ -53,7 +53,9 @@ public class PKIXCertPath { List encodings = new ArrayList(); encodings.add("PkiPath"); - encodings.add("PEM"); + // BEGIN android-removed + // encodings.add("PEM"); + // END android-removed encodings.add("PKCS7"); certPathEncodings = Collections.unmodifiableList(encodings); } |