summaryrefslogtreecommitdiffstats
path: root/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric
diff options
context:
space:
mode:
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric')
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java7
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java7
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java31
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java52
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java24
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java275
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java84
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java39
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java6
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java51
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java46
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java304
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java288
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java47
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java8
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLEntryObject.java23
-rw-r--r--bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLObject.java65
17 files changed, 689 insertions, 668 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
index 3e16254..2efffbf 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
@@ -32,6 +32,13 @@ public class DSA
provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA");
+ provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA");
+ provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA");
+ provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224");
+ provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256");
+ provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384");
+ provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512");
+
addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224);
addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256);
addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384);
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java
index 4c2ca28..d06e05c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java
@@ -67,6 +67,13 @@ public class EC
provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA");
provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA");
+ provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
+ provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA");
+ provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224");
+ provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256");
+ provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384");
+ provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512");
+
addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224);
addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256);
addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384);
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java
index c9462a6..f2b5314 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java
@@ -50,17 +50,34 @@ public class KeyAgreementSpi
private byte[] bigIntToBytes(
BigInteger r)
{
+ //
+ // RFC 2631 (2.1.2) specifies that the secret should be padded with leading zeros if necessary
+ // must be the same length as p
+ //
+ int expectedLength = (p.bitLength() + 7) / 8;
+
byte[] tmp = r.toByteArray();
-
- if (tmp[0] == 0)
+
+ if (tmp.length == expectedLength)
+ {
+ return tmp;
+ }
+
+ if (tmp[0] == 0 && tmp.length == expectedLength + 1)
{
- byte[] ntmp = new byte[tmp.length - 1];
+ byte[] rv = new byte[tmp.length - 1];
- System.arraycopy(tmp, 1, ntmp, 0, ntmp.length);
- return ntmp;
+ System.arraycopy(tmp, 1, rv, 0, rv.length);
+ return rv;
}
-
- return tmp;
+
+ // tmp must be shorter than expectedLength
+ // pad to the left with zeros.
+ byte[] rv = new byte[expectedLength];
+
+ System.arraycopy(tmp, 0, rv, rv.length - tmp.length, tmp.length);
+
+ return rv;
}
protected Key engineDoPhase(
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
index ef12b4f..ade49b3 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
@@ -29,6 +29,7 @@ import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.digests.SHA384Digest;
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.params.ParametersWithRandom;
+import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
public class DSASigner
extends SignatureSpi
@@ -220,6 +221,15 @@ public class DSASigner
}
}
+ static public class detDSA
+ extends DSASigner
+ {
+ public detDSA()
+ {
+ super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest())));
+ }
+ }
+
static public class dsa224
extends DSASigner
{
@@ -228,7 +238,16 @@ public class DSASigner
super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner());
}
}
-
+
+ static public class detDSA224
+ extends DSASigner
+ {
+ public detDSA224()
+ {
+ super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest())));
+ }
+ }
+
static public class dsa256
extends DSASigner
{
@@ -237,7 +256,16 @@ public class DSASigner
super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner());
}
}
-
+
+ static public class detDSA256
+ extends DSASigner
+ {
+ public detDSA256()
+ {
+ super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest())));
+ }
+ }
+
static public class dsa384
extends DSASigner
{
@@ -246,7 +274,16 @@ public class DSASigner
super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner());
}
}
-
+
+ static public class detDSA384
+ extends DSASigner
+ {
+ public detDSA384()
+ {
+ super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest())));
+ }
+ }
+
static public class dsa512
extends DSASigner
{
@@ -256,6 +293,15 @@ public class DSASigner
}
}
+ static public class detDSA512
+ extends DSASigner
+ {
+ public detDSA512()
+ {
+ super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest())));
+ }
+ }
+
static public class noneDSA
extends DSASigner
{
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java
index 56fe741..9b7e797 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java
@@ -119,8 +119,8 @@ public class BCDSTU4145PrivateKey
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
- dp.getG().getX().toBigInteger(),
- dp.getG().getY().toBigInteger()),
+ dp.getG().getAffineXCoord().toBigInteger(),
+ dp.getG().getAffineYCoord().toBigInteger()),
dp.getN(),
dp.getH().intValue());
}
@@ -150,8 +150,8 @@ public class BCDSTU4145PrivateKey
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
- dp.getG().getX().toBigInteger(),
- dp.getG().getY().toBigInteger()),
+ dp.getG().getAffineXCoord().toBigInteger(),
+ dp.getG().getAffineYCoord().toBigInteger()),
dp.getN(),
dp.getH().intValue());
}
@@ -162,8 +162,8 @@ public class BCDSTU4145PrivateKey
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
- spec.getG().getX().toBigInteger(),
- spec.getG().getY().toBigInteger()),
+ spec.getG().getAffineXCoord().toBigInteger(),
+ spec.getG().getAffineYCoord().toBigInteger()),
spec.getN(),
spec.getH().intValue());
}
@@ -206,8 +206,8 @@ public class BCDSTU4145PrivateKey
oid.getId(),
ellipticCurve,
new ECPoint(
- gParam.getG().getX().toBigInteger(),
- gParam.getG().getY().toBigInteger()),
+ gParam.getG().getAffineXCoord().toBigInteger(),
+ gParam.getG().getAffineYCoord().toBigInteger()),
gParam.getN(),
gParam.getH());
}
@@ -219,8 +219,8 @@ public class BCDSTU4145PrivateKey
ECUtil.getCurveName(oid),
ellipticCurve,
new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
+ ecP.getG().getAffineXCoord().toBigInteger(),
+ ecP.getG().getAffineYCoord().toBigInteger()),
ecP.getN(),
ecP.getH());
}
@@ -237,8 +237,8 @@ public class BCDSTU4145PrivateKey
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
+ ecP.getG().getAffineXCoord().toBigInteger(),
+ ecP.getG().getAffineYCoord().toBigInteger()),
ecP.getN(),
ecP.getH().intValue());
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java
index a060ae6..c641ee9 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java
@@ -16,7 +16,6 @@ import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.ua.DSTU4145BinaryField;
import org.bouncycastle.asn1.ua.DSTU4145ECBinary;
@@ -28,13 +27,9 @@ import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X962Parameters;
import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ECPoint;
-import org.bouncycastle.asn1.x9.X9IntegerConverter;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
import org.bouncycastle.jce.interfaces.ECPointEncoder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
@@ -88,7 +83,7 @@ public class BCDSTU4145PublicKey
{
org.bouncycastle.jce.spec.ECParameterSpec s = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
- q = s.getCurve().createPoint(q.getX().toBigInteger(), q.getY().toBigInteger(), false);
+ q = s.getCurve().createPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger());
}
this.ecSpec = null;
}
@@ -157,8 +152,8 @@ public class BCDSTU4145PublicKey
return new ECParameterSpec(
ellipticCurve,
new ECPoint(
- dp.getG().getX().toBigInteger(),
- dp.getG().getY().toBigInteger()),
+ dp.getG().getAffineXCoord().toBigInteger(),
+ dp.getG().getAffineYCoord().toBigInteger()),
dp.getN(),
dp.getH().intValue());
}
@@ -191,155 +186,79 @@ public class BCDSTU4145PublicKey
private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
{
- if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145be) || info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
- {
- DERBitString bits = info.getPublicKeyData();
- ASN1OctetString key;
- this.algorithm = "DSTU4145";
-
- try
- {
- key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes());
- }
- catch (IOException ex)
- {
- throw new IllegalArgumentException("error recovering public key");
- }
-
- byte[] keyEnc = key.getOctets();
-
- if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
- {
- reverseBytes(keyEnc);
- }
-
- dstuParams = DSTU4145Params.getInstance((ASN1Sequence)info.getAlgorithm().getParameters());
+ DERBitString bits = info.getPublicKeyData();
+ ASN1OctetString key;
+ this.algorithm = "DSTU4145";
- //ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
- org.bouncycastle.jce.spec.ECParameterSpec spec = null;
- if (dstuParams.isNamedCurve())
- {
- ASN1ObjectIdentifier curveOid = dstuParams.getNamedCurve();
- ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(curveOid);
+ try
+ {
+ key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes());
+ }
+ catch (IOException ex)
+ {
+ throw new IllegalArgumentException("error recovering public key");
+ }
- spec = new ECNamedCurveParameterSpec(curveOid.getId(), ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
- }
- else
- {
- DSTU4145ECBinary binary = dstuParams.getECBinary();
- byte[] b_bytes = binary.getB();
- if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
- {
- reverseBytes(b_bytes);
- }
- DSTU4145BinaryField field = binary.getField();
- ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes));
- byte[] g_bytes = binary.getG();
- if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
- {
- reverseBytes(g_bytes);
- }
- spec = new org.bouncycastle.jce.spec.ECParameterSpec(curve, DSTU4145PointEncoder.decodePoint(curve, g_bytes), binary.getN());
- }
+ byte[] keyEnc = key.getOctets();
- ECCurve curve = spec.getCurve();
- EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
+ if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
+ {
+ reverseBytes(keyEnc);
+ }
- //this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
- this.q = DSTU4145PointEncoder.decodePoint(curve, keyEnc);
+ dstuParams = DSTU4145Params.getInstance((ASN1Sequence)info.getAlgorithm().getParameters());
- if (dstuParams.isNamedCurve())
- {
- ecSpec = new ECNamedCurveSpec(
- dstuParams.getNamedCurve().getId(),
- ellipticCurve,
- new ECPoint(
- spec.getG().getX().toBigInteger(),
- spec.getG().getY().toBigInteger()),
- spec.getN(), spec.getH());
- }
- else
- {
- ecSpec = new ECParameterSpec(
- ellipticCurve,
- new ECPoint(
- spec.getG().getX().toBigInteger(),
- spec.getG().getY().toBigInteger()),
- spec.getN(), spec.getH().intValue());
- }
+ //ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
+ org.bouncycastle.jce.spec.ECParameterSpec spec = null;
+ if (dstuParams.isNamedCurve())
+ {
+ ASN1ObjectIdentifier curveOid = dstuParams.getNamedCurve();
+ ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(curveOid);
+ spec = new ECNamedCurveParameterSpec(curveOid.getId(), ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
}
else
{
- X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithm().getParameters());
- ECCurve curve;
- EllipticCurve ellipticCurve;
-
- if (params.isNamedCurve())
- {
- ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)params.getParameters();
- X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
-
- curve = ecP.getCurve();
- ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
-
- ecSpec = new ECNamedCurveSpec(
- ECUtil.getCurveName(oid),
- ellipticCurve,
- new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
- ecP.getN(),
- ecP.getH());
- }
- else if (params.isImplicitlyCA())
+ DSTU4145ECBinary binary = dstuParams.getECBinary();
+ byte[] b_bytes = binary.getB();
+ if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
{
- ecSpec = null;
- curve = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getCurve();
+ reverseBytes(b_bytes);
}
- else
+ DSTU4145BinaryField field = binary.getField();
+ ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes));
+ byte[] g_bytes = binary.getG();
+ if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
{
- X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
-
- curve = ecP.getCurve();
- ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
-
- this.ecSpec = new ECParameterSpec(
- ellipticCurve,
- new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
- ecP.getN(),
- ecP.getH().intValue());
+ reverseBytes(g_bytes);
}
+ spec = new org.bouncycastle.jce.spec.ECParameterSpec(curve, DSTU4145PointEncoder.decodePoint(curve, g_bytes), binary.getN());
+ }
- DERBitString bits = info.getPublicKeyData();
- byte[] data = bits.getBytes();
- ASN1OctetString key = new DEROctetString(data);
+ ECCurve curve = spec.getCurve();
+ EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
- //
- // extra octet string - one of our old certs...
- //
- if (data[0] == 0x04 && data[1] == data.length - 2
- && (data[2] == 0x02 || data[2] == 0x03))
- {
- int qLength = new X9IntegerConverter().getByteLength(curve);
-
- if (qLength >= data.length - 3)
- {
- try
- {
- key = (ASN1OctetString)ASN1Primitive.fromByteArray(data);
- }
- catch (IOException ex)
- {
- throw new IllegalArgumentException("error recovering public key");
- }
- }
- }
- X9ECPoint derQ = new X9ECPoint(curve, key);
+ //this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
+ this.q = DSTU4145PointEncoder.decodePoint(curve, keyEnc);
- this.q = derQ.getPoint();
+ if (dstuParams.isNamedCurve())
+ {
+ ecSpec = new ECNamedCurveSpec(
+ dstuParams.getNamedCurve().getId(),
+ ellipticCurve,
+ new ECPoint(
+ spec.getG().getAffineXCoord().toBigInteger(),
+ spec.getG().getAffineYCoord().toBigInteger()),
+ spec.getN(), spec.getH());
+ }
+ else
+ {
+ ecSpec = new ECParameterSpec(
+ ellipticCurve,
+ new ECPoint(
+ spec.getG().getAffineXCoord().toBigInteger(),
+ spec.getG().getAffineYCoord().toBigInteger()),
+ spec.getN(), spec.getH().intValue());
}
}
@@ -370,61 +289,18 @@ public class BCDSTU4145PublicKey
ASN1Encodable params;
SubjectPublicKeyInfo info;
- if (algorithm.equals("DSTU4145"))
+ if (dstuParams != null)
{
- if (dstuParams != null)
- {
- params = dstuParams;
- }
- else
- {
- if (ecSpec instanceof ECNamedCurveSpec)
- {
- params = new DSTU4145Params(new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName()));
- }
- else
- { // strictly speaking this may not be applicable...
- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-
- X9ECParameters ecP = new X9ECParameters(
- curve,
- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
- ecSpec.getOrder(),
- BigInteger.valueOf(ecSpec.getCofactor()),
- ecSpec.getCurve().getSeed());
-
- params = new X962Parameters(ecP);
- }
- }
-
- byte[] encKey = DSTU4145PointEncoder.encodePoint(this.q);
-
- try
- {
- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(UAObjectIdentifiers.dstu4145be, params), new DEROctetString(encKey));
- }
- catch (IOException e)
- {
- return null;
- }
+ params = dstuParams;
}
else
{
if (ecSpec instanceof ECNamedCurveSpec)
{
- ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
- if (curveOid == null)
- {
- curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
- }
- params = new X962Parameters(curveOid);
- }
- else if (ecSpec == null)
- {
- params = new X962Parameters(DERNull.INSTANCE);
+ params = new DSTU4145Params(new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName()));
}
else
- {
+ { // strictly speaking this may not be applicable...
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(
@@ -436,12 +312,17 @@ public class BCDSTU4145PublicKey
params = new X962Parameters(ecP);
}
+ }
- ECCurve curve = this.engineGetQ().getCurve();
- ASN1OctetString p = (ASN1OctetString)
- new X9ECPoint(curve.createPoint(this.getQ().getX().toBigInteger(), this.getQ().getY().toBigInteger(), withCompression)).toASN1Primitive();
+ byte[] encKey = DSTU4145PointEncoder.encodePoint(this.q);
- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets());
+ try
+ {
+ info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(UAObjectIdentifiers.dstu4145be, params), new DEROctetString(encKey));
+ }
+ catch (IOException e)
+ {
+ return null;
}
return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
@@ -464,7 +345,7 @@ public class BCDSTU4145PublicKey
public ECPoint getW()
{
- return new ECPoint(q.getX().toBigInteger(), q.getY().toBigInteger());
+ return new ECPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger());
}
public org.bouncycastle.math.ec.ECPoint getQ()
@@ -473,11 +354,11 @@ public class BCDSTU4145PublicKey
{
if (q instanceof org.bouncycastle.math.ec.ECPoint.Fp)
{
- return new org.bouncycastle.math.ec.ECPoint.Fp(null, q.getX(), q.getY());
+ return new org.bouncycastle.math.ec.ECPoint.Fp(null, q.getAffineXCoord(), q.getAffineYCoord());
}
else
{
- return new org.bouncycastle.math.ec.ECPoint.F2m(null, q.getX(), q.getY());
+ return new org.bouncycastle.math.ec.ECPoint.F2m(null, q.getAffineXCoord(), q.getAffineYCoord());
}
}
@@ -505,8 +386,8 @@ public class BCDSTU4145PublicKey
String nl = System.getProperty("line.separator");
buf.append("EC Public Key").append(nl);
- buf.append(" X: ").append(this.q.getX().toBigInteger().toString(16)).append(nl);
- buf.append(" Y: ").append(this.q.getY().toBigInteger().toString(16)).append(nl);
+ buf.append(" X: ").append(this.q.getAffineXCoord().toBigInteger().toString(16)).append(nl);
+ buf.append(" Y: ").append(this.q.getAffineYCoord().toBigInteger().toString(16)).append(nl);
return buf.toString();
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java
index ac04d3c..45d5b08 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java
@@ -13,14 +13,11 @@ import java.util.Enumeration;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Encoding;
+import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DERObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
@@ -138,8 +135,8 @@ public class BCECPrivateKey
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
- dp.getG().getX().toBigInteger(),
- dp.getG().getY().toBigInteger()),
+ dp.getG().getAffineXCoord().toBigInteger(),
+ dp.getG().getAffineYCoord().toBigInteger()),
dp.getN(),
dp.getH().intValue());
}
@@ -171,22 +168,16 @@ public class BCECPrivateKey
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
- dp.getG().getX().toBigInteger(),
- dp.getG().getY().toBigInteger()),
+ dp.getG().getAffineXCoord().toBigInteger(),
+ dp.getG().getAffineYCoord().toBigInteger()),
dp.getN(),
dp.getH().intValue());
}
else
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
-
- this.ecSpec = new ECParameterSpec(
- ellipticCurve,
- new ECPoint(
- spec.getG().getX().toBigInteger(),
- spec.getG().getY().toBigInteger()),
- spec.getN(),
- spec.getH().intValue());
+
+ this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec);
}
publicKey = getPublicKeyDetails(pubKey);
@@ -223,34 +214,16 @@ public class BCECPrivateKey
{
ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
-
- if (ecP == null) // GOST Curve
- {
- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
-
- ecSpec = new ECNamedCurveSpec(
- ECGOST3410NamedCurves.getName(oid),
- ellipticCurve,
- new ECPoint(
- gParam.getG().getX().toBigInteger(),
- gParam.getG().getY().toBigInteger()),
- gParam.getN(),
- gParam.getH());
- }
- else
- {
- EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
-
- ecSpec = new ECNamedCurveSpec(
- ECUtil.getCurveName(oid),
- ellipticCurve,
- new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
- ecP.getN(),
- ecP.getH());
- }
+ EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
+
+ ecSpec = new ECNamedCurveSpec(
+ ECUtil.getCurveName(oid),
+ ellipticCurve,
+ new ECPoint(
+ ecP.getG().getAffineXCoord().toBigInteger(),
+ ecP.getG().getAffineYCoord().toBigInteger()),
+ ecP.getN(),
+ ecP.getH());
}
else if (params.isImplicitlyCA())
{
@@ -264,16 +237,16 @@ public class BCECPrivateKey
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
+ ecP.getG().getAffineXCoord().toBigInteger(),
+ ecP.getG().getAffineYCoord().toBigInteger()),
ecP.getN(),
ecP.getH().intValue());
}
ASN1Encodable privKey = info.parsePrivateKey();
- if (privKey instanceof DERInteger)
+ if (privKey instanceof ASN1Integer)
{
- DERInteger derD = DERInteger.getInstance(privKey);
+ ASN1Integer derD = ASN1Integer.getInstance(privKey);
this.d = derD.getValue();
}
@@ -313,11 +286,12 @@ public class BCECPrivateKey
if (ecSpec instanceof ECNamedCurveSpec)
{
- DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
+ ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
if (curveOid == null) // guess it's the OID
{
- curveOid = new DERObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
+ curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
}
+
params = new X962Parameters(curveOid);
}
else if (ecSpec == null)
@@ -352,15 +326,7 @@ public class BCECPrivateKey
try
{
- if (algorithm.equals("ECGOST3410"))
- {
- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
- }
- else
- {
-
- info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
- }
+ info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), keyStructure);
return info.getEncoded(ASN1Encoding.DER);
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java
index 2b61727..0eaae1d 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java
@@ -90,7 +90,7 @@ public class BCECPublicKey
{
org.bouncycastle.jce.spec.ECParameterSpec s = configuration.getEcImplicitlyCa();
- q = s.getCurve().createPoint(q.getX().toBigInteger(), q.getY().toBigInteger(), false);
+ q = s.getCurve().createPoint(q.getXCoord().toBigInteger(), q.getYCoord().toBigInteger(), false);
}
this.ecSpec = null;
}
@@ -188,8 +188,8 @@ public class BCECPublicKey
return new ECParameterSpec(
ellipticCurve,
new ECPoint(
- dp.getG().getX().toBigInteger(),
- dp.getG().getY().toBigInteger()),
+ dp.getG().getAffineXCoord().toBigInteger(),
+ dp.getG().getAffineYCoord().toBigInteger()),
dp.getN(),
dp.getH().intValue());
}
@@ -212,8 +212,8 @@ public class BCECPublicKey
ECUtil.getCurveName(oid),
ellipticCurve,
new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
+ ecP.getG().getAffineXCoord().toBigInteger(),
+ ecP.getG().getAffineYCoord().toBigInteger()),
ecP.getN(),
ecP.getH());
}
@@ -232,8 +232,8 @@ public class BCECPublicKey
this.ecSpec = new ECParameterSpec(
ellipticCurve,
new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
+ ecP.getG().getAffineXCoord().toBigInteger(),
+ ecP.getG().getAffineYCoord().toBigInteger()),
ecP.getN(),
ecP.getH().intValue());
}
@@ -310,8 +310,19 @@ public class BCECPublicKey
}
ECCurve curve = this.engineGetQ().getCurve();
- ASN1OctetString p = (ASN1OctetString)
- new X9ECPoint(curve.createPoint(this.getQ().getX().toBigInteger(), this.getQ().getY().toBigInteger(), withCompression)).toASN1Primitive();
+ ASN1OctetString p;
+
+ // stored curve is null if ImplicitlyCa
+ if (ecSpec == null)
+ {
+ p = (ASN1OctetString)
+ new X9ECPoint(curve.createPoint(this.getQ().getXCoord().toBigInteger(), this.getQ().getYCoord().toBigInteger(), withCompression)).toASN1Primitive();
+ }
+ else
+ {
+ p = (ASN1OctetString)
+ new X9ECPoint(curve.createPoint(this.getQ().getAffineXCoord().toBigInteger(), this.getQ().getAffineYCoord().toBigInteger(), withCompression)).toASN1Primitive();
+ }
info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets());
@@ -351,7 +362,7 @@ public class BCECPublicKey
public ECPoint getW()
{
- return new ECPoint(q.getX().toBigInteger(), q.getY().toBigInteger());
+ return new ECPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger());
}
public org.bouncycastle.math.ec.ECPoint getQ()
@@ -360,11 +371,11 @@ public class BCECPublicKey
{
if (q instanceof org.bouncycastle.math.ec.ECPoint.Fp)
{
- return new org.bouncycastle.math.ec.ECPoint.Fp(null, q.getX(), q.getY());
+ return new org.bouncycastle.math.ec.ECPoint.Fp(null, q.getAffineXCoord(), q.getAffineYCoord());
}
else
{
- return new org.bouncycastle.math.ec.ECPoint.F2m(null, q.getX(), q.getY());
+ return new org.bouncycastle.math.ec.ECPoint.F2m(null, q.getAffineXCoord(), q.getAffineYCoord());
}
}
@@ -392,8 +403,8 @@ public class BCECPublicKey
String nl = System.getProperty("line.separator");
buf.append("EC Public Key").append(nl);
- buf.append(" X: ").append(this.q.getX().toBigInteger().toString(16)).append(nl);
- buf.append(" Y: ").append(this.q.getY().toBigInteger().toString(16)).append(nl);
+ buf.append(" X: ").append(this.q.getAffineXCoord().toBigInteger().toString(16)).append(nl);
+ buf.append(" Y: ").append(this.q.getAffineYCoord().toBigInteger().toString(16)).append(nl);
return buf.toString();
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
index c609d95..0556378 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
@@ -15,7 +15,7 @@ import javax.crypto.SecretKey;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.SecretKeySpec;
-import org.bouncycastle.asn1.DERObjectIdentifier;
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x9.X9IntegerConverter;
@@ -76,7 +76,7 @@ public class KeyAgreementSpi
private byte[] bigIntToBytes(
BigInteger r)
{
- return converter.integerToBytes(r, converter.getByteLength(parameters.getG().getX()));
+ return converter.integerToBytes(r, converter.getByteLength(parameters.getG().getAffineXCoord()));
}
protected KeyAgreementSpi(
@@ -185,7 +185,7 @@ public class KeyAgreementSpi
int keySize = ((Integer)algorithms.get(algorithm)).intValue();
- DHKDFParameters params = new DHKDFParameters(new DERObjectIdentifier(algorithm), keySize, secret);
+ DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(algorithm), keySize, secret);
byte[] keyBytes = new byte[keySize / 8];
kdf.init(params);
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
index 5e1a8a3..f47f8a2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
@@ -10,10 +10,7 @@ import java.security.spec.ECGenParameterSpec;
import java.util.Hashtable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTNamedCurves;
-import org.bouncycastle.asn1.sec.SECNamedCurves;
-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
-import org.bouncycastle.asn1.x9.X962NamedCurves;
+import org.bouncycastle.asn1.x9.ECNamedCurveTable;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
@@ -148,47 +145,23 @@ public abstract class KeyPairGeneratorSpi
curveName = ((ECNamedCurveGenParameterSpec)params).getName();
}
- X9ECParameters ecP = X962NamedCurves.getByName(curveName);
+ X9ECParameters ecP = ECNamedCurveTable.getByName(curveName);
if (ecP == null)
{
- ecP = SECNamedCurves.getByName(curveName);
- if (ecP == null)
+ // See if it's actually an OID string (SunJSSE ServerHandshaker setupEphemeralECDHKeys bug)
+ try
{
- ecP = NISTNamedCurves.getByName(curveName);
- }
- if (ecP == null)
- {
- ecP = TeleTrusTNamedCurves.getByName(curveName);
- }
- if (ecP == null)
- {
- // See if it's actually an OID string (SunJSSE ServerHandshaker setupEphemeralECDHKeys bug)
- try
+ ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(curveName);
+ ecP = ECNamedCurveTable.getByOID(oid);
+ if (ecP == null)
{
- ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(curveName);
- ecP = X962NamedCurves.getByOID(oid);
- if (ecP == null)
- {
- ecP = SECNamedCurves.getByOID(oid);
- }
- if (ecP == null)
- {
- ecP = NISTNamedCurves.getByOID(oid);
- }
- if (ecP == null)
- {
- ecP = TeleTrusTNamedCurves.getByOID(oid);
- }
- if (ecP == null)
- {
- throw new InvalidAlgorithmParameterException("unknown curve OID: " + curveName);
- }
- }
- catch (IllegalArgumentException ex)
- {
- throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName);
+ throw new InvalidAlgorithmParameterException("unknown curve OID: " + curveName);
}
}
+ catch (IllegalArgumentException ex)
+ {
+ throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName);
+ }
}
this.ecParams = new ECNamedCurveSpec(
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
index 29c50f4..e94746c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
@@ -25,6 +25,7 @@ import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.crypto.signers.ECNRSigner;
+import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase;
import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
@@ -73,6 +74,15 @@ public class SignatureSpi
}
}
+ static public class ecDetDSA
+ extends SignatureSpi
+ {
+ public ecDetDSA()
+ {
+ super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder());
+ }
+ }
+
static public class ecDSAnone
extends SignatureSpi
{
@@ -91,6 +101,15 @@ public class SignatureSpi
}
}
+ static public class ecDetDSA224
+ extends SignatureSpi
+ {
+ public ecDetDSA224()
+ {
+ super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder());
+ }
+ }
+
static public class ecDSA256
extends SignatureSpi
{
@@ -100,6 +119,15 @@ public class SignatureSpi
}
}
+ static public class ecDetDSA256
+ extends SignatureSpi
+ {
+ public ecDetDSA256()
+ {
+ super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder());
+ }
+ }
+
static public class ecDSA384
extends SignatureSpi
{
@@ -109,6 +137,15 @@ public class SignatureSpi
}
}
+ static public class ecDetDSA384
+ extends SignatureSpi
+ {
+ public ecDetDSA384()
+ {
+ super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder());
+ }
+ }
+
static public class ecDSA512
extends SignatureSpi
{
@@ -118,6 +155,15 @@ public class SignatureSpi
}
}
+ static public class ecDetDSA512
+ extends SignatureSpi
+ {
+ public ecDetDSA512()
+ {
+ super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder());
+ }
+ }
+
static public class ecDSARipeMD160
extends SignatureSpi
{
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java
index 88d81c0..2b1c3fa 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java
@@ -14,27 +14,32 @@ import java.util.Enumeration;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
+import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DERObjectIdentifier;
+import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X962Parameters;
import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
import org.bouncycastle.jce.interfaces.ECPointEncoder;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
import org.bouncycastle.jce.spec.ECNamedCurveSpec;
import org.bouncycastle.math.ec.ECCurve;
@@ -43,10 +48,11 @@ public class BCECGOST3410PrivateKey
{
static final long serialVersionUID = 7245981689601667138L;
- private String algorithm = "ECGOST3410";
- private boolean withCompression;
+ private String algorithm = "ECGOST3410";
+ private boolean withCompression;
- private transient BigInteger d;
+ private transient GOST3410PublicKeyAlgParameters gostParams;
+ private transient BigInteger d;
private transient ECParameterSpec ecSpec;
private transient DERBitString publicKey;
private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
@@ -99,6 +105,7 @@ public class BCECGOST3410PrivateKey
this.withCompression = key.withCompression;
this.attrCarrier = key.attrCarrier;
this.publicKey = key.publicKey;
+ this.gostParams = key.gostParams;
}
public BCECGOST3410PrivateKey(
@@ -107,7 +114,7 @@ public class BCECGOST3410PrivateKey
BCECGOST3410PublicKey pubKey,
ECParameterSpec spec)
{
- ECDomainParameters dp = params.getParameters();
+ ECDomainParameters dp = params.getParameters();
this.algorithm = algorithm;
this.d = params.getD();
@@ -117,18 +124,20 @@ public class BCECGOST3410PrivateKey
EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
this.ecSpec = new ECParameterSpec(
- ellipticCurve,
- new ECPoint(
- dp.getG().getX().toBigInteger(),
- dp.getG().getY().toBigInteger()),
- dp.getN(),
- dp.getH().intValue());
+ ellipticCurve,
+ new ECPoint(
+ dp.getG().getAffineXCoord().toBigInteger(),
+ dp.getG().getAffineYCoord().toBigInteger()),
+ dp.getN(),
+ dp.getH().intValue());
}
else
{
this.ecSpec = spec;
}
+ this.gostParams = pubKey.getGostParams();
+
publicKey = getPublicKeyDetails(pubKey);
}
@@ -138,7 +147,7 @@ public class BCECGOST3410PrivateKey
BCECGOST3410PublicKey pubKey,
org.bouncycastle.jce.spec.ECParameterSpec spec)
{
- ECDomainParameters dp = params.getParameters();
+ ECDomainParameters dp = params.getParameters();
this.algorithm = algorithm;
this.d = params.getD();
@@ -148,26 +157,28 @@ public class BCECGOST3410PrivateKey
EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
this.ecSpec = new ECParameterSpec(
- ellipticCurve,
- new ECPoint(
- dp.getG().getX().toBigInteger(),
- dp.getG().getY().toBigInteger()),
- dp.getN(),
- dp.getH().intValue());
+ ellipticCurve,
+ new ECPoint(
+ dp.getG().getAffineXCoord().toBigInteger(),
+ dp.getG().getAffineYCoord().toBigInteger()),
+ dp.getN(),
+ dp.getH().intValue());
}
else
{
EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
-
+
this.ecSpec = new ECParameterSpec(
- ellipticCurve,
- new ECPoint(
- spec.getG().getX().toBigInteger(),
- spec.getG().getY().toBigInteger()),
- spec.getN(),
- spec.getH().intValue());
+ ellipticCurve,
+ new ECPoint(
+ spec.getG().getAffineXCoord().toBigInteger(),
+ spec.getG().getAffineYCoord().toBigInteger()),
+ spec.getN(),
+ spec.getH().intValue());
}
+ this.gostParams = pubKey.getGostParams();
+
publicKey = getPublicKeyDetails(pubKey);
}
@@ -190,72 +201,107 @@ public class BCECGOST3410PrivateKey
private void populateFromPrivKeyInfo(PrivateKeyInfo info)
throws IOException
{
- X962Parameters params = new X962Parameters((ASN1Primitive)info.getPrivateKeyAlgorithm().getParameters());
+ ASN1Primitive p = info.getPrivateKeyAlgorithm().getParameters().toASN1Primitive();
+
+ if (p instanceof ASN1Sequence && (ASN1Sequence.getInstance(p).size() == 2 || ASN1Sequence.getInstance(p).size() == 3))
+ {
+ gostParams = GOST3410PublicKeyAlgParameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
+
+ ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
- if (params.isNamedCurve())
+ ECCurve curve = spec.getCurve();
+ EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
+
+ ecSpec = new ECNamedCurveSpec(
+ ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
+ ellipticCurve,
+ new ECPoint(
+ spec.getG().getAffineXCoord().toBigInteger(),
+ spec.getG().getAffineYCoord().toBigInteger()),
+ spec.getN(), spec.getH());
+
+ ASN1Encodable privKey = info.parsePrivateKey();
+
+ byte[] encVal = ASN1OctetString.getInstance(privKey).getOctets();
+ byte[] dVal = new byte[encVal.length];
+
+ for (int i = 0; i != encVal.length; i++)
+ {
+ dVal[i] = encVal[encVal.length - 1 - i];
+ }
+
+ this.d = new BigInteger(1, dVal);
+ }
+ else
{
- ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
- X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
+ // for backwards compatibility
+ X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
- if (ecP == null) // GOST Curve
+ if (params.isNamedCurve())
{
- ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
- EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
+ ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
+ X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
- ecSpec = new ECNamedCurveSpec(
+ if (ecP == null) // GOST Curve
+ {
+ ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
+ EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
+
+ ecSpec = new ECNamedCurveSpec(
ECGOST3410NamedCurves.getName(oid),
ellipticCurve,
new ECPoint(
- gParam.getG().getX().toBigInteger(),
- gParam.getG().getY().toBigInteger()),
+ gParam.getG().getAffineXCoord().toBigInteger(),
+ gParam.getG().getAffineYCoord().toBigInteger()),
gParam.getN(),
gParam.getH());
- }
- else
- {
- EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
+ }
+ else
+ {
+ EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
- ecSpec = new ECNamedCurveSpec(
+ ecSpec = new ECNamedCurveSpec(
ECUtil.getCurveName(oid),
ellipticCurve,
new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
+ ecP.getG().getAffineXCoord().toBigInteger(),
+ ecP.getG().getAffineYCoord().toBigInteger()),
ecP.getN(),
ecP.getH());
+ }
}
- }
- else if (params.isImplicitlyCA())
- {
- ecSpec = null;
- }
- else
- {
- X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
- EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
+ else if (params.isImplicitlyCA())
+ {
+ ecSpec = null;
+ }
+ else
+ {
+ X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
+ EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
- this.ecSpec = new ECParameterSpec(
- ellipticCurve,
- new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
- ecP.getN(),
- ecP.getH().intValue());
- }
+ this.ecSpec = new ECParameterSpec(
+ ellipticCurve,
+ new ECPoint(
+ ecP.getG().getAffineXCoord().toBigInteger(),
+ ecP.getG().getAffineYCoord().toBigInteger()),
+ ecP.getN(),
+ ecP.getH().intValue());
+ }
- ASN1Encodable privKey = info.parsePrivateKey();
- if (privKey instanceof DERInteger)
- {
- DERInteger derD = DERInteger.getInstance(privKey);
+ ASN1Encodable privKey = info.parsePrivateKey();
+ if (privKey instanceof DERInteger)
+ {
+ DERInteger derD = DERInteger.getInstance(privKey);
- this.d = derD.getValue();
- }
- else
- {
- org.bouncycastle.asn1.sec.ECPrivateKey ec = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey);
+ this.d = derD.getValue();
+ }
+ else
+ {
+ org.bouncycastle.asn1.sec.ECPrivateKey ec = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey);
- this.d = ec.getKey();
- this.publicKey = ec.getPublicKey();
+ this.d = ec.getKey();
+ this.publicKey = ec.getPublicKey();
+ }
}
}
@@ -282,64 +328,92 @@ public class BCECGOST3410PrivateKey
*/
public byte[] getEncoded()
{
- X962Parameters params;
-
- if (ecSpec instanceof ECNamedCurveSpec)
+ if (gostParams != null)
{
- DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
- if (curveOid == null) // guess it's the OID
+ byte[] encKey = new byte[32];
+
+ extractBytes(encKey, 0, this.getS());
+
+ try
{
- curveOid = new DERObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
+ PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, gostParams), new DEROctetString(encKey));
+
+ return info.getEncoded(ASN1Encoding.DER);
+ }
+ catch (IOException e)
+ {
+ return null;
}
- params = new X962Parameters(curveOid);
- }
- else if (ecSpec == null)
- {
- params = new X962Parameters(DERNull.INSTANCE);
}
else
{
- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
+ X962Parameters params;
- X9ECParameters ecP = new X9ECParameters(
- curve,
- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
- ecSpec.getOrder(),
- BigInteger.valueOf(ecSpec.getCofactor()),
- ecSpec.getCurve().getSeed());
+ if (ecSpec instanceof ECNamedCurveSpec)
+ {
+ DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
+ if (curveOid == null) // guess it's the OID
+ {
+ curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
+ }
+ params = new X962Parameters(curveOid);
+ }
+ else if (ecSpec == null)
+ {
+ params = new X962Parameters(DERNull.INSTANCE);
+ }
+ else
+ {
+ ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
- params = new X962Parameters(ecP);
- }
-
- PrivateKeyInfo info;
- org.bouncycastle.asn1.sec.ECPrivateKey keyStructure;
+ X9ECParameters ecP = new X9ECParameters(
+ curve,
+ EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
+ ecSpec.getOrder(),
+ BigInteger.valueOf(ecSpec.getCofactor()),
+ ecSpec.getCurve().getSeed());
- if (publicKey != null)
- {
- keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(this.getS(), publicKey, params);
- }
- else
- {
- keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(this.getS(), params);
- }
+ params = new X962Parameters(ecP);
+ }
- try
- {
- if (algorithm.equals("ECGOST3410"))
+ PrivateKeyInfo info;
+ org.bouncycastle.asn1.sec.ECPrivateKey keyStructure;
+
+ if (publicKey != null)
{
- info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
+ keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(this.getS(), publicKey, params);
}
else
{
+ keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(this.getS(), params);
+ }
+
+ try
+ {
+ info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
- info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
+ return info.getEncoded(ASN1Encoding.DER);
}
+ catch (IOException e)
+ {
+ return null;
+ }
+ }
+ }
- return info.getEncoded(ASN1Encoding.DER);
+ private void extractBytes(byte[] encKey, int offSet, BigInteger bI)
+ {
+ byte[] val = bI.toByteArray();
+ if (val.length < 32)
+ {
+ byte[] tmp = new byte[32];
+ System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length);
+ val = tmp;
}
- catch (IOException e)
+
+ for (int i = 0; i != 32; i++)
{
- return null;
+ encKey[offSet + i] = val[val.length - 1 - i];
}
}
@@ -354,7 +428,7 @@ public class BCECGOST3410PrivateKey
{
return null;
}
-
+
return EC5Util.convertSpec(ecSpec, withCompression);
}
@@ -377,10 +451,10 @@ public class BCECGOST3410PrivateKey
{
return d;
}
-
+
public void setBagAttribute(
ASN1ObjectIdentifier oid,
- ASN1Encodable attribute)
+ ASN1Encodable attribute)
{
attrCarrier.setBagAttribute(oid, attribute);
}
@@ -398,7 +472,7 @@ public class BCECGOST3410PrivateKey
public void setPointFormat(String style)
{
- withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
+ withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
}
public boolean equals(Object o)
@@ -420,8 +494,8 @@ public class BCECGOST3410PrivateKey
public String toString()
{
- StringBuffer buf = new StringBuffer();
- String nl = System.getProperty("line.separator");
+ StringBuffer buf = new StringBuffer();
+ String nl = System.getProperty("line.separator");
buf.append("EC Private Key").append(nl);
buf.append(" S: ").append(this.d.toString(16)).append(nl);
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java
index b7a1170..650855e 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java
@@ -11,12 +11,9 @@ import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
@@ -25,13 +22,9 @@ import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x9.X962Parameters;
import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ECPoint;
-import org.bouncycastle.asn1.x9.X9IntegerConverter;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
import org.bouncycastle.jce.interfaces.ECPointEncoder;
@@ -45,12 +38,12 @@ public class BCECGOST3410PublicKey
{
static final long serialVersionUID = 7026240464295649314L;
- private String algorithm = "ECGOST3410";
- private boolean withCompression;
+ private String algorithm = "ECGOST3410";
+ private boolean withCompression;
private transient org.bouncycastle.math.ec.ECPoint q;
- private transient ECParameterSpec ecSpec;
- private transient GOST3410PublicKeyAlgParameters gostParams;
+ private transient ECParameterSpec ecSpec;
+ private transient GOST3410PublicKeyAlgParameters gostParams;
public BCECGOST3410PublicKey(
BCECGOST3410PublicKey key)
@@ -60,7 +53,7 @@ public class BCECGOST3410PublicKey
this.withCompression = key.withCompression;
this.gostParams = key.gostParams;
}
-
+
public BCECGOST3410PublicKey(
ECPublicKeySpec spec)
{
@@ -86,18 +79,18 @@ public class BCECGOST3410PublicKey
{
org.bouncycastle.jce.spec.ECParameterSpec s = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
- q = s.getCurve().createPoint(q.getX().toBigInteger(), q.getY().toBigInteger(), false);
- }
+ q = s.getCurve().createPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger());
+ }
this.ecSpec = null;
}
}
-
+
public BCECGOST3410PublicKey(
String algorithm,
ECPublicKeyParameters params,
ECParameterSpec spec)
{
- ECDomainParameters dp = params.getParameters();
+ ECDomainParameters dp = params.getParameters();
this.algorithm = algorithm;
this.q = params.getQ();
@@ -119,7 +112,7 @@ public class BCECGOST3410PublicKey
ECPublicKeyParameters params,
org.bouncycastle.jce.spec.ECParameterSpec spec)
{
- ECDomainParameters dp = params.getParameters();
+ ECDomainParameters dp = params.getParameters();
this.algorithm = algorithm;
this.q = params.getQ();
@@ -153,14 +146,14 @@ public class BCECGOST3410PublicKey
private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp)
{
return new ECParameterSpec(
- ellipticCurve,
- new ECPoint(
- dp.getG().getX().toBigInteger(),
- dp.getG().getY().toBigInteger()),
- dp.getN(),
- dp.getH().intValue());
+ ellipticCurve,
+ new ECPoint(
+ dp.getG().getAffineXCoord().toBigInteger(),
+ dp.getG().getAffineYCoord().toBigInteger()),
+ dp.getN(),
+ dp.getH().intValue());
}
-
+
public BCECGOST3410PublicKey(
ECPublicKey key)
{
@@ -177,125 +170,49 @@ public class BCECGOST3410PublicKey
private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
{
- if (info.getAlgorithm().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001))
- {
- DERBitString bits = info.getPublicKeyData();
- ASN1OctetString key;
- this.algorithm = "ECGOST3410";
-
- try
- {
- key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
- }
- catch (IOException ex)
- {
- throw new IllegalArgumentException("error recovering public key");
- }
-
- byte[] keyEnc = key.getOctets();
- byte[] x = new byte[32];
- byte[] y = new byte[32];
-
- for (int i = 0; i != x.length; i++)
- {
- x[i] = keyEnc[32 - 1 - i];
- }
-
- for (int i = 0; i != y.length; i++)
- {
- y[i] = keyEnc[64 - 1 - i];
- }
-
- gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithm().getParameters());
-
- ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
-
- ECCurve curve = spec.getCurve();
- EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
+ DERBitString bits = info.getPublicKeyData();
+ ASN1OctetString key;
+ this.algorithm = "ECGOST3410";
- this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
+ try
+ {
+ key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes());
+ }
+ catch (IOException ex)
+ {
+ throw new IllegalArgumentException("error recovering public key");
+ }
- ecSpec = new ECNamedCurveSpec(
- ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
- ellipticCurve,
- new ECPoint(
- spec.getG().getX().toBigInteger(),
- spec.getG().getY().toBigInteger()),
- spec.getN(), spec.getH());
+ byte[] keyEnc = key.getOctets();
+ byte[] x = new byte[32];
+ byte[] y = new byte[32];
+ for (int i = 0; i != x.length; i++)
+ {
+ x[i] = keyEnc[32 - 1 - i];
}
- else
+
+ for (int i = 0; i != y.length; i++)
{
- X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithm().getParameters());
- ECCurve curve;
- EllipticCurve ellipticCurve;
+ y[i] = keyEnc[64 - 1 - i];
+ }
- if (params.isNamedCurve())
- {
- ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)params.getParameters();
- X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
-
- curve = ecP.getCurve();
- ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
-
- ecSpec = new ECNamedCurveSpec(
- ECUtil.getCurveName(oid),
- ellipticCurve,
- new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
- ecP.getN(),
- ecP.getH());
- }
- else if (params.isImplicitlyCA())
- {
- ecSpec = null;
- curve = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getCurve();
- }
- else
- {
- X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
-
- curve = ecP.getCurve();
- ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
-
- this.ecSpec = new ECParameterSpec(
- ellipticCurve,
- new ECPoint(
- ecP.getG().getX().toBigInteger(),
- ecP.getG().getY().toBigInteger()),
- ecP.getN(),
- ecP.getH().intValue());
- }
+ gostParams = GOST3410PublicKeyAlgParameters.getInstance(info.getAlgorithm().getParameters());
- DERBitString bits = info.getPublicKeyData();
- byte[] data = bits.getBytes();
- ASN1OctetString key = new DEROctetString(data);
+ ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
- //
- // extra octet string - one of our old certs...
- //
- if (data[0] == 0x04 && data[1] == data.length - 2
- && (data[2] == 0x02 || data[2] == 0x03))
- {
- int qLength = new X9IntegerConverter().getByteLength(curve);
-
- if (qLength >= data.length - 3)
- {
- try
- {
- key = (ASN1OctetString) ASN1Primitive.fromByteArray(data);
- }
- catch (IOException ex)
- {
- throw new IllegalArgumentException("error recovering public key");
- }
- }
- }
- X9ECPoint derQ = new X9ECPoint(curve, key);
+ ECCurve curve = spec.getCurve();
+ EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
- this.q = derQ.getPoint();
- }
+ this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y));
+
+ ecSpec = new ECNamedCurveSpec(
+ ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
+ ellipticCurve,
+ new ECPoint(
+ spec.getG().getAffineXCoord().toBigInteger(),
+ spec.getG().getAffineYCoord().toBigInteger()),
+ spec.getN(), spec.getH());
}
public String getAlgorithm()
@@ -310,71 +227,23 @@ public class BCECGOST3410PublicKey
public byte[] getEncoded()
{
- ASN1Encodable params;
+ ASN1Encodable params;
SubjectPublicKeyInfo info;
- if (algorithm.equals("ECGOST3410"))
+ if (gostParams != null)
{
- if (gostParams != null)
- {
- params = gostParams;
- }
- else
- {
- if (ecSpec instanceof ECNamedCurveSpec)
- {
- params = new GOST3410PublicKeyAlgParameters(
- ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
- CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
- }
- else
- { // strictly speaking this may not be applicable...
- ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-
- X9ECParameters ecP = new X9ECParameters(
- curve,
- EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
- ecSpec.getOrder(),
- BigInteger.valueOf(ecSpec.getCofactor()),
- ecSpec.getCurve().getSeed());
-
- params = new X962Parameters(ecP);
- }
- }
-
- BigInteger bX = this.q.getX().toBigInteger();
- BigInteger bY = this.q.getY().toBigInteger();
- byte[] encKey = new byte[64];
-
- extractBytes(encKey, 0, bX);
- extractBytes(encKey, 32, bY);
-
- try
- {
- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
- }
- catch (IOException e)
- {
- return null;
- }
+ params = gostParams;
}
else
{
if (ecSpec instanceof ECNamedCurveSpec)
{
- ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
- if (curveOid == null)
- {
- curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
- }
- params = new X962Parameters(curveOid);
- }
- else if (ecSpec == null)
- {
- params = new X962Parameters(DERNull.INSTANCE);
+ params = new GOST3410PublicKeyAlgParameters(
+ ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
+ CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
}
else
- {
+ { // strictly speaking this may not be applicable...
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(
@@ -386,12 +255,22 @@ public class BCECGOST3410PublicKey
params = new X962Parameters(ecP);
}
+ }
+
+ BigInteger bX = this.q.getAffineXCoord().toBigInteger();
+ BigInteger bY = this.q.getAffineYCoord().toBigInteger();
+ byte[] encKey = new byte[64];
- ECCurve curve = this.engineGetQ().getCurve();
- ASN1OctetString p = (ASN1OctetString)
- new X9ECPoint(curve.createPoint(this.getQ().getX().toBigInteger(), this.getQ().getY().toBigInteger(), withCompression)).toASN1Primitive();
+ extractBytes(encKey, 0, bX);
+ extractBytes(encKey, 32, bY);
- info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets());
+ try
+ {
+ info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
+ }
+ catch (IOException e)
+ {
+ return null;
}
return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
@@ -430,7 +309,7 @@ public class BCECGOST3410PublicKey
public ECPoint getW()
{
- return new ECPoint(q.getX().toBigInteger(), q.getY().toBigInteger());
+ return new ECPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger());
}
public org.bouncycastle.math.ec.ECPoint getQ()
@@ -439,11 +318,11 @@ public class BCECGOST3410PublicKey
{
if (q instanceof org.bouncycastle.math.ec.ECPoint.Fp)
{
- return new org.bouncycastle.math.ec.ECPoint.Fp(null, q.getX(), q.getY());
+ return new org.bouncycastle.math.ec.ECPoint.Fp(null, q.getAffineXCoord(), q.getAffineYCoord());
}
else
{
- return new org.bouncycastle.math.ec.ECPoint.F2m(null, q.getX(), q.getY());
+ return new org.bouncycastle.math.ec.ECPoint.F2m(null, q.getAffineXCoord(), q.getAffineYCoord());
}
}
@@ -467,19 +346,19 @@ public class BCECGOST3410PublicKey
public String toString()
{
- StringBuffer buf = new StringBuffer();
- String nl = System.getProperty("line.separator");
+ StringBuffer buf = new StringBuffer();
+ String nl = System.getProperty("line.separator");
buf.append("EC Public Key").append(nl);
- buf.append(" X: ").append(this.q.getX().toBigInteger().toString(16)).append(nl);
- buf.append(" Y: ").append(this.q.getY().toBigInteger().toString(16)).append(nl);
+ buf.append(" X: ").append(this.q.getAffineXCoord().toBigInteger().toString(16)).append(nl);
+ buf.append(" Y: ").append(this.q.getAffineYCoord().toBigInteger().toString(16)).append(nl);
return buf.toString();
}
-
+
public void setPointFormat(String style)
{
- withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
+ withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
}
public boolean equals(Object o)
@@ -518,4 +397,9 @@ public class BCECGOST3410PublicKey
out.writeObject(this.getEncoded());
}
+
+ public GOST3410PublicKeyAlgParameters getGostParams()
+ {
+ return gostParams;
+ }
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java
index ce0e603..a2114fa 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java
@@ -1,6 +1,9 @@
package org.bouncycastle.jcajce.provider.asymmetric.rsa;
import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.io.OptionalDataException;
import java.math.BigInteger;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
@@ -15,14 +18,18 @@ import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
public class BCRSAPublicKey
implements RSAPublicKey
{
+ private static final AlgorithmIdentifier DEFAULT_ALGORITHM_IDENTIFIER = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE);
+
static final long serialVersionUID = 2675817738516720772L;
-
+
private BigInteger modulus;
private BigInteger publicExponent;
+ private transient AlgorithmIdentifier algorithmIdentifier;
BCRSAPublicKey(
RSAKeyParameters key)
{
+ this.algorithmIdentifier = DEFAULT_ALGORITHM_IDENTIFIER;
this.modulus = key.getModulus();
this.publicExponent = key.getExponent();
}
@@ -30,6 +37,7 @@ public class BCRSAPublicKey
BCRSAPublicKey(
RSAPublicKeySpec spec)
{
+ this.algorithmIdentifier = DEFAULT_ALGORITHM_IDENTIFIER;
this.modulus = spec.getModulus();
this.publicExponent = spec.getPublicExponent();
}
@@ -37,6 +45,7 @@ public class BCRSAPublicKey
BCRSAPublicKey(
RSAPublicKey key)
{
+ this.algorithmIdentifier = DEFAULT_ALGORITHM_IDENTIFIER;
this.modulus = key.getModulus();
this.publicExponent = key.getPublicExponent();
}
@@ -44,10 +53,16 @@ public class BCRSAPublicKey
BCRSAPublicKey(
SubjectPublicKeyInfo info)
{
+ populateFromPublicKeyInfo(info);
+ }
+
+ private void populateFromPublicKeyInfo(SubjectPublicKeyInfo info)
+ {
try
{
org.bouncycastle.asn1.pkcs.RSAPublicKey pubKey = org.bouncycastle.asn1.pkcs.RSAPublicKey.getInstance(info.parsePublicKey());
+ this.algorithmIdentifier = info.getAlgorithm();
this.modulus = pubKey.getModulus();
this.publicExponent = pubKey.getPublicExponent();
}
@@ -89,7 +104,7 @@ public class BCRSAPublicKey
public byte[] getEncoded()
{
- return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPublicKey(getModulus(), getPublicExponent()));
+ return KeyUtil.getEncodedSubjectPublicKeyInfo(algorithmIdentifier, new org.bouncycastle.asn1.pkcs.RSAPublicKey(getModulus(), getPublicExponent()));
}
public int hashCode()
@@ -126,4 +141,32 @@ public class BCRSAPublicKey
return buf.toString();
}
+
+ private void readObject(
+ ObjectInputStream in)
+ throws IOException, ClassNotFoundException
+ {
+ in.defaultReadObject();
+
+ try
+ {
+ algorithmIdentifier = AlgorithmIdentifier.getInstance(in.readObject());
+ }
+ catch (OptionalDataException e)
+ {
+ algorithmIdentifier = DEFAULT_ALGORITHM_IDENTIFIER;
+ }
+ }
+
+ private void writeObject(
+ ObjectOutputStream out)
+ throws IOException
+ {
+ out.defaultWriteObject();
+
+ if (!algorithmIdentifier.equals(DEFAULT_ALGORITHM_IDENTIFIER))
+ {
+ out.writeObject(algorithmIdentifier.getEncoded());
+ }
+ }
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java
index d4065ac..5eea1b9 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java
@@ -74,8 +74,8 @@ public class EC5Util
((ECNamedCurveParameterSpec)spec).getName(),
ellipticCurve,
new ECPoint(
- spec.getG().getX().toBigInteger(),
- spec.getG().getY().toBigInteger()),
+ spec.getG().getAffineXCoord().toBigInteger(),
+ spec.getG().getAffineYCoord().toBigInteger()),
spec.getN(),
spec.getH());
}
@@ -84,8 +84,8 @@ public class EC5Util
return new ECParameterSpec(
ellipticCurve,
new ECPoint(
- spec.getG().getX().toBigInteger(),
- spec.getG().getY().toBigInteger()),
+ spec.getG().getAffineXCoord().toBigInteger(),
+ spec.getG().getAffineYCoord().toBigInteger()),
spec.getN(),
spec.getH().intValue());
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLEntryObject.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLEntryObject.java
index 1888328..32e595c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLEntryObject.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLEntryObject.java
@@ -31,7 +31,7 @@ import org.bouncycastle.asn1.x509.X509Extension;
* ReasonCode Hode Instruction Code Invalidity Date Certificate Issuer
* (critical)
*/
-class X509CRLEntryObject extends X509CRLEntry
+public class X509CRLEntryObject extends X509CRLEntry
{
private TBSCertList.CRLEntry c;
@@ -39,7 +39,7 @@ class X509CRLEntryObject extends X509CRLEntry
private int hashValue;
private boolean isHashValueSet;
- public X509CRLEntryObject(TBSCertList.CRLEntry c)
+ protected X509CRLEntryObject(TBSCertList.CRLEntry c)
{
this.c = c;
this.certificateIssuer = null;
@@ -62,7 +62,7 @@ class X509CRLEntryObject extends X509CRLEntry
* @param previousCertificateIssuer
* Certificate issuer of the previous CRLEntry.
*/
- public X509CRLEntryObject(
+ protected X509CRLEntryObject(
TBSCertList.CRLEntry c,
boolean isIndirect,
X500Name previousCertificateIssuer)
@@ -211,6 +211,23 @@ class X509CRLEntryObject extends X509CRLEntry
return hashValue;
}
+ public boolean equals(Object o)
+ {
+ if (o == this)
+ {
+ return true;
+ }
+
+ if (o instanceof X509CRLEntryObject)
+ {
+ X509CRLEntryObject other = (X509CRLEntryObject)o;
+
+ return this.c.equals(other.c);
+ }
+
+ return super.equals(this);
+ }
+
public byte[] getEncoded()
throws CRLException
{
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLObject.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLObject.java
index 2fc0826..c7d0402 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLObject.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLObject.java
@@ -54,13 +54,15 @@ import org.bouncycastle.util.encoders.Hex;
* Delta CRL Indicator (critical)
* Issuing Distribution Point (critical)
*/
-class X509CRLObject
+public class X509CRLObject
extends X509CRL
{
private CertificateList c;
private String sigAlgName;
private byte[] sigAlgParams;
private boolean isIndirect;
+ private boolean isHashCodeSet = false;
+ private int hashCodeValue;
static boolean isIndirectCRL(X509CRL crl)
throws CRLException
@@ -78,7 +80,7 @@ class X509CRLObject
}
}
- public X509CRLObject(
+ protected X509CRLObject(
CertificateList c)
throws CRLException
{
@@ -522,19 +524,21 @@ class X509CRLObject
throw new RuntimeException("X.509 CRL used with non X.509 Cert");
}
- TBSCertList.CRLEntry[] certs = c.getRevokedCertificates();
+ Enumeration certs = c.getRevokedCertificateEnumeration();
X500Name caName = c.getIssuer();
- if (certs != null)
+ if (certs.hasMoreElements())
{
BigInteger serial = ((X509Certificate)cert).getSerialNumber();
- for (int i = 0; i < certs.length; i++)
+ while (certs.hasMoreElements())
{
- if (isIndirect && certs[i].hasExtensions())
+ TBSCertList.CRLEntry entry = TBSCertList.CRLEntry.getInstance(certs.nextElement());
+
+ if (isIndirect && entry.hasExtensions())
{
- Extension currentCaName = certs[i].getExtensions().getExtension(Extension.certificateIssuer);
+ Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
if (currentCaName != null)
{
@@ -542,7 +546,7 @@ class X509CRLObject
}
}
- if (certs[i].getUserCertificate().getValue().equals(serial))
+ if (entry.getUserCertificate().getValue().equals(serial))
{
X500Name issuer;
@@ -574,5 +578,50 @@ class X509CRLObject
return false;
}
+
+ public boolean equals(Object other)
+ {
+ if (this == other)
+ {
+ return true;
+ }
+
+ if (!(other instanceof X509CRL))
+ {
+ return false;
+ }
+
+ if (other instanceof X509CRLObject)
+ {
+ X509CRLObject crlObject = (X509CRLObject)other;
+
+ if (isHashCodeSet)
+ {
+ boolean otherIsHashCodeSet = crlObject.isHashCodeSet;
+ if (otherIsHashCodeSet)
+ {
+ if (crlObject.hashCodeValue != hashCodeValue)
+ {
+ return false;
+ }
+ }
+ }
+
+ return this.c.equals(crlObject.c);
+ }
+
+ return super.equals(other);
+ }
+
+ public int hashCode()
+ {
+ if (!isHashCodeSet)
+ {
+ isHashCodeSet = true;
+ hashCodeValue = super.hashCode();
+ }
+
+ return hashCodeValue;
+ }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 03:51:04 +0000