diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/jcajce/provider')
117 files changed, 14978 insertions, 2747 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java index d43924d..5b6b8c4 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java @@ -35,12 +35,10 @@ public class DH provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); - // provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); - // provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); - // END android-removed + provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES"); + provider.addAlgorithm("Cipher.DHIESwithAES", PREFIX + "IESCipher$IESwithAES"); + provider.addAlgorithm("Cipher.DHIESWITHAES", PREFIX + "IESCipher$IESwithAES"); + provider.addAlgorithm("Cipher.DHIESWITHDESEDE", PREFIX + "IESCipher$IESwithDESede"); registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi()); registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi()); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java index 7c402f3..2efffbf 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java @@ -27,55 +27,40 @@ public class DSA provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi"); provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi"); - // BEGIN android-changed - provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA"); - // END android-changed + provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA"); provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA"); provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA"); - // BEGIN android-removed - // provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); - // provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); - // provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); - // provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); - // provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); - // END android-removed + provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA"); + provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224"); + provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256"); + provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384"); + provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512"); addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224); addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256); - // BEGIN android-removed - // addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); - // addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); - // END android-removed + addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384); + addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512); - // BEGIN android-added - provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA"); - // END android-added - // BEGIN android-changed - provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); - provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA"); - provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA"); - provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA"); - provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA"); - provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); - provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA"); - provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA"); - provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA"); - // END android-changed + provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA"); + provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA"); + provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA"); + provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA"); + provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA"); + provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); - // END android-removed + provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10040.4.3", "DSA"); AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); for (int i = 0; i != DSAUtil.dsaOids.length; i++) { - // BEGIN android-changed - provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA"); - // END android-changed + provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "DSA"); registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact); registerOidAlgorithmParameters(provider, DSAUtil.dsaOids[i], "DSA"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSTU4145.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSTU4145.java new file mode 100644 index 0000000..bdf167d --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSTU4145.java @@ -0,0 +1,42 @@ +package org.bouncycastle.jcajce.provider.asymmetric; + +import org.bouncycastle.asn1.ua.UAObjectIdentifiers; +import org.bouncycastle.jcajce.provider.asymmetric.dstu.KeyFactorySpi; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider; + +public class DSTU4145 +{ + private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".dstu."; + + public static class Mappings + extends AsymmetricAlgorithmProvider + { + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("KeyFactory.DSTU4145", PREFIX + "KeyFactorySpi"); + provider.addAlgorithm("Alg.Alias.KeyFactory.DSTU-4145-2002", "DSTU4145"); + provider.addAlgorithm("Alg.Alias.KeyFactory.DSTU4145-3410", "DSTU4145"); + + registerOid(provider, UAObjectIdentifiers.dstu4145le, "DSTU4145", new KeyFactorySpi()); + registerOidAlgorithmParameters(provider, UAObjectIdentifiers.dstu4145le, "DSTU4145"); + registerOid(provider, UAObjectIdentifiers.dstu4145be, "DSTU4145", new KeyFactorySpi()); + registerOidAlgorithmParameters(provider, UAObjectIdentifiers.dstu4145be, "DSTU4145"); + + provider.addAlgorithm("KeyPairGenerator.DSTU4145", PREFIX + "KeyPairGeneratorSpi"); + provider.addAlgorithm("Alg.Alias.KeyPairGenerator.DSTU-4145", "DSTU4145"); + provider.addAlgorithm("Alg.Alias.KeyPairGenerator.DSTU-4145-2002", "DSTU4145"); + + provider.addAlgorithm("Signature.DSTU4145", PREFIX + "SignatureSpi"); + provider.addAlgorithm("Alg.Alias.Signature.DSTU-4145", "DSTU4145"); + provider.addAlgorithm("Alg.Alias.Signature.DSTU-4145-2002", "DSTU4145"); + + addSignatureAlgorithm(provider, "GOST3411", "DSTU4145LE", PREFIX + "SignatureSpiLe", UAObjectIdentifiers.dstu4145le); + addSignatureAlgorithm(provider, "GOST3411", "DSTU4145", PREFIX + "SignatureSpi", UAObjectIdentifiers.dstu4145be); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java index 1266abd..d7b437c 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java @@ -1,10 +1,8 @@ package org.bouncycastle.jcajce.provider.asymmetric; -// BEGIN android-removed -// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; -// import org.bouncycastle.asn1.eac.EACObjectIdentifiers; -// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed +import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers; +import org.bouncycastle.asn1.eac.EACObjectIdentifiers; +import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; @@ -24,59 +22,45 @@ public class EC public void configure(ConfigurableProvider provider) { provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH"); - // BEGIN android-removed - // provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); - // provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); - // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); - // provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); - // provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); - // END android-removed + provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC"); + provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV"); + provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); + provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF"); + provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF"); registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC()); // TODO Should this be an alias for ECDH? registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC()); - // BEGIN android-removed - // registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); - // - // // Android comment: the registration below is causing CTS tests to fail and doesn't seem - // // to be implemented by bouncycastle (so looks like an bug in bouncycastle). - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); - // END android-removed + registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV()); + + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC"); // TODO Should this be an alias for ECDH? - // BEGIN android-removed - // // Android comment: the registration below is causing CTS tests to fail and doesn't seem - // // to be implemented by bouncycastle (so looks like an bug in bouncycastle). - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); - // registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); - // END android-removed + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC"); + registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC"); provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC"); - // BEGIN android-removed - // provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); - // provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); - // provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); - // provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); - // END android-removed + provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA"); + provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH"); + provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC"); + provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV"); provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC"); - // BEGIN android-removed - // provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); - // provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); - // provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); - // provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); - // provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); - // provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); - // - // provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); - // provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); - // provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); - // provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); - // provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); - // provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); - // provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); - // provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); - // provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); - // END android-removed + provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA"); + provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH"); + provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH"); + provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC"); + provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH"); + provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV"); + + provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES"); + provider.addAlgorithm("Cipher.ECIESwithAES", PREFIX + "IESCipher$ECIESwithAES"); + provider.addAlgorithm("Cipher.ECIESWITHAES", PREFIX + "IESCipher$ECIESwithAES"); + provider.addAlgorithm("Cipher.ECIESwithDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); + provider.addAlgorithm("Cipher.ECIESWITHDESEDE", PREFIX + "IESCipher$ECIESwithDESede"); + provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); + provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC"); + provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); + provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC"); provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA"); provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone"); @@ -88,43 +72,39 @@ public class EC provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA"); provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA"); provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); - // - // provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); - // provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); - // provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); - // provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); - // provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); - // provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); - // END android-removed + provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA"); + + provider.addAlgorithm("Signature.DETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); + provider.addAlgorithm("Signature.SHA1WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA"); + provider.addAlgorithm("Signature.SHA224WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA224"); + provider.addAlgorithm("Signature.SHA256WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA256"); + provider.addAlgorithm("Signature.SHA384WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA384"); + provider.addAlgorithm("Signature.SHA512WITHDETECDSA", PREFIX + "SignatureSpi$ecDetDSA512"); addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224); addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256); addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384); addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512); - // BEGIN android-removed - // addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); - // - // provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); - // provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); - // provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); - // provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); - // provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); - // - // addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); - // addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); - // addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); - // addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); - // addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); - // - // addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); - // addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); - // addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); - // addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); - // addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); - // addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); - // END android-removed + addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160); + + provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR"); + provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224"); + provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256"); + provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384"); + provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512"); + + addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1); + addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224); + addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256); + addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384); + addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512); + + addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1); + addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224); + addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256); + addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384); + addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512); + addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160); } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java new file mode 100644 index 0000000..d33126b --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java @@ -0,0 +1,39 @@ +package org.bouncycastle.jcajce.provider.asymmetric; + +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.jcajce.provider.asymmetric.ecgost.KeyFactorySpi; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider; + +public class ECGOST +{ + private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".ecgost."; + + public static class Mappings + extends AsymmetricAlgorithmProvider + { + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("KeyFactory.ECGOST3410", PREFIX + "KeyFactorySpi"); + provider.addAlgorithm("Alg.Alias.KeyFactory.GOST-3410-2001", "ECGOST3410"); + provider.addAlgorithm("Alg.Alias.KeyFactory.ECGOST-3410", "ECGOST3410"); + + registerOid(provider, CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410", new KeyFactorySpi()); + registerOidAlgorithmParameters(provider, CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410"); + + provider.addAlgorithm("KeyPairGenerator.ECGOST3410", PREFIX + "KeyPairGeneratorSpi"); + provider.addAlgorithm("Alg.Alias.KeyPairGenerator.ECGOST-3410", "ECGOST3410"); + provider.addAlgorithm("Alg.Alias.KeyPairGenerator.GOST-3410-2001", "ECGOST3410"); + + provider.addAlgorithm("Signature.ECGOST3410", PREFIX + "SignatureSpi"); + provider.addAlgorithm("Alg.Alias.Signature.ECGOST-3410", "ECGOST3410"); + provider.addAlgorithm("Alg.Alias.Signature.GOST-3410-2001", "ECGOST3410"); + + addSignatureAlgorithm(provider, "GOST3411", "ECGOST3410", PREFIX + "SignatureSpi", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ElGamal.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ElGamal.java new file mode 100644 index 0000000..8dfeed0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ElGamal.java @@ -0,0 +1,46 @@ +package org.bouncycastle.jcajce.provider.asymmetric; + +import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; +import org.bouncycastle.jcajce.provider.asymmetric.elgamal.KeyFactorySpi; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider; +import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter; + +public class ElGamal +{ + private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".elgamal."; + + public static class Mappings + extends AsymmetricAlgorithmProvider + { + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("AlgorithmParameterGenerator.ELGAMAL", PREFIX + "AlgorithmParameterGeneratorSpi"); + provider.addAlgorithm("AlgorithmParameterGenerator.ElGamal", PREFIX + "AlgorithmParameterGeneratorSpi"); + provider.addAlgorithm("AlgorithmParameters.ELGAMAL", PREFIX + "AlgorithmParametersSpi"); + provider.addAlgorithm("AlgorithmParameters.ElGamal", PREFIX + "AlgorithmParametersSpi"); + + provider.addAlgorithm("Cipher.ELGAMAL", PREFIX + "CipherSpi$NoPadding"); + provider.addAlgorithm("Cipher.ElGamal", PREFIX + "CipherSpi$NoPadding"); + provider.addAlgorithm("Alg.Alias.Cipher.ELGAMAL/ECB/PKCS1PADDING", "ELGAMAL/PKCS1"); + provider.addAlgorithm("Alg.Alias.Cipher.ELGAMAL/NONE/PKCS1PADDING", "ELGAMAL/PKCS1"); + provider.addAlgorithm("Alg.Alias.Cipher.ELGAMAL/NONE/NOPADDING", "ELGAMAL"); + + provider.addAlgorithm("Cipher.ELGAMAL/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("KeyFactory.ELGAMAL", PREFIX + "KeyFactorySpi"); + provider.addAlgorithm("KeyFactory.ElGamal", PREFIX + "KeyFactorySpi"); + + provider.addAlgorithm("KeyPairGenerator.ELGAMAL", PREFIX + "KeyPairGeneratorSpi"); + provider.addAlgorithm("KeyPairGenerator.ElGamal", PREFIX + "KeyPairGeneratorSpi"); + + AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi(); + + registerOid(provider, OIWObjectIdentifiers.elGamalAlgorithm, "ELGAMAL", keyFact); + registerOidAlgorithmParameters(provider, OIWObjectIdentifiers.elGamalAlgorithm, "ELGAMAL"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GOST.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GOST.java new file mode 100644 index 0000000..39ab20d --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GOST.java @@ -0,0 +1,49 @@ +package org.bouncycastle.jcajce.provider.asymmetric; + +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.jcajce.provider.asymmetric.gost.KeyFactorySpi; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider; + +public class GOST +{ + private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".gost."; + + public static class Mappings + extends AsymmetricAlgorithmProvider + { + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("KeyPairGenerator.GOST3410", PREFIX + "KeyPairGeneratorSpi"); + provider.addAlgorithm("Alg.Alias.KeyPairGenerator.GOST-3410", "GOST3410"); + provider.addAlgorithm("Alg.Alias.KeyPairGenerator.GOST-3410-94", "GOST3410"); + + provider.addAlgorithm("KeyFactory.GOST3410", PREFIX + "KeyFactorySpi"); + provider.addAlgorithm("Alg.Alias.KeyFactory.GOST-3410", "GOST3410"); + provider.addAlgorithm("Alg.Alias.KeyFactory.GOST-3410-94", "GOST3410"); + + + provider.addAlgorithm("AlgorithmParameters.GOST3410", PREFIX + "AlgorithmParametersSpi"); + provider.addAlgorithm("AlgorithmParameterGenerator.GOST3410", PREFIX + "AlgorithmParameterGeneratorSpi"); + + registerOid(provider, CryptoProObjectIdentifiers.gostR3410_94, "GOST3410", new KeyFactorySpi()); + registerOidAlgorithmParameters(provider, CryptoProObjectIdentifiers.gostR3410_94, "GOST3410"); + + provider.addAlgorithm("Signature.GOST3410", PREFIX + "SignatureSpi"); + provider.addAlgorithm("Alg.Alias.Signature.GOST-3410", "GOST3410"); + provider.addAlgorithm("Alg.Alias.Signature.GOST-3410-94", "GOST3410"); + provider.addAlgorithm("Alg.Alias.Signature.GOST3411withGOST3410", "GOST3410"); + provider.addAlgorithm("Alg.Alias.Signature.GOST3411WITHGOST3410", "GOST3410"); + provider.addAlgorithm("Alg.Alias.Signature.GOST3411WithGOST3410", "GOST3410"); + provider.addAlgorithm("Alg.Alias.Signature." + CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3410"); + + + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.GOST-3410", "GOST3410"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.GOST-3410", "GOST3410"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/IES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/IES.java new file mode 100644 index 0000000..47cf3f6 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/IES.java @@ -0,0 +1,23 @@ +package org.bouncycastle.jcajce.provider.asymmetric; + +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider; + +public class IES +{ + private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".ies."; + + public static class Mappings + extends AsymmetricAlgorithmProvider + { + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("AlgorithmParameters.IES", PREFIX + "AlgorithmParametersSpi"); + provider.addAlgorithm("Cipher.IES", PREFIX + "CipherSpi$IES"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java index 37ca513..b65b859 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java @@ -3,9 +3,7 @@ package org.bouncycastle.jcajce.provider.asymmetric; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed -// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed +import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; @@ -28,47 +26,39 @@ public class RSA provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP"); provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); - // - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); - // - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); - // END android-removed + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS"); + + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS"); + + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS"); provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding"); - // BEGIN android-changed - provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA"); - // END android-changed - // BEGIN android-removed - // provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); - // provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); - // provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); - // provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); - // provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); - // provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); - // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); - // provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); - // END android-removed + provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding"); + provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("Cipher.1.2.840.113549.1.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("Cipher.2.5.8.1.1", PREFIX + "CipherSpi$PKCS1v1_5Padding"); + provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly"); + provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly"); + provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding"); + provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding"); + provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding"); provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA"); provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); - // provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); - // provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); - // END android-removed + provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1"); + provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP"); + provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1"); provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi"); provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi"); @@ -78,89 +68,79 @@ public class RSA registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact); registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact); registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact); - // BEGIN android-removed - // registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); - // - // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); - // registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); - // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); - // registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); - // - // - // provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); - // provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); - // provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); - // - // provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA"); - // provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA"); - // provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA"); - // provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA"); - // provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); - // provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); - // provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); - // provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); - // - // provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); - // provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); - // - // provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); - // provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); - // - // - // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); - // - // if (provider.hasAlgorithm("MessageDigest", "MD2")) - // { - // addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); - // } - // - // if (provider.hasAlgorithm("MessageDigest", "MD4")) - // { - // addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); - // } - // END android-removed + registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact); + + registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA"); + registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA"); + registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP"); + registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS"); + + + provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA"); + provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); + provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA"); + + provider.addAlgorithm("Signature.SHA224WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA224withRSA"); + provider.addAlgorithm("Signature.SHA256WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA256withRSA"); + provider.addAlgorithm("Signature.SHA384WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA384withRSA"); + provider.addAlgorithm("Signature.SHA512WITHRSAANDMGF1", PREFIX + "PSSSignatureSpi$SHA512withRSA"); + provider.addAlgorithm("Signature.SHA224withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA224withRSA"); + provider.addAlgorithm("Signature.SHA256withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA256withRSA"); + provider.addAlgorithm("Signature.SHA384withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA384withRSA"); + provider.addAlgorithm("Signature.SHA512withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA512withRSA"); + + provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA"); + provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS"); + + provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA"); + provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS"); + provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS"); + + + provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSAandMGF1", "SHA224withRSA/PSS"); + provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSAandMGF1", "SHA256withRSA/PSS"); + provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSAandMGF1", "SHA384withRSA/PSS"); + provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSAandMGF1", "SHA512withRSA/PSS"); + + if (provider.hasAlgorithm("MessageDigest", "MD2")) + { + addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption); + } + + if (provider.hasAlgorithm("MessageDigest", "MD4")) + { + addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption); + } if (provider.hasAlgorithm("MessageDigest", "MD5")) { addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption); - // END android-removed - // provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); - // provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); - // END android-removed + provider.addAlgorithm("Signature.MD5withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption"); + provider.addAlgorithm("Alg.Alias.Signature.MD5WithRSA/ISO9796-2", "MD5withRSA/ISO9796-2"); } if (provider.hasAlgorithm("MessageDigest", "SHA1")) { - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); - // provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); - // END android-removed + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS"); + provider.addAlgorithm("Signature.SHA1withRSA/PSS", PREFIX + "PSSSignatureSpi$SHA1withRSA"); + provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSAandMGF1", "SHA1withRSA/PSS"); + provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHRSAANDMGF1", "SHA1withRSA/PSS"); addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); - // provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); - // END android-removed + provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/ISO9796-2", "SHA1withRSA/ISO9796-2"); + provider.addAlgorithm("Signature.SHA1withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption"); provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31"); - // provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); - // END android-removed + provider.addAlgorithm("Alg.Alias.Signature.SHA1withRSA/X9.31", "SHA1WITHRSA/X9.31"); + provider.addAlgorithm("Alg.Alias.Signature.SHA1WithRSA/X9.31", "SHA1WITHRSA/X9.31"); + provider.addAlgorithm("Signature.SHA1WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption"); } addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption); @@ -168,54 +148,52 @@ public class RSA addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption); addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31"); - // provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31"); - // provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31"); - // provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31"); - // provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31"); - // provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); - // - // if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) - // { - // addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); - // addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); - // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); - // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); - // provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); - // } - // - // if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) - // { - // addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); - // addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); - // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); - // provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); - // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); - // provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); - // provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); - // } - // - // if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) - // { - // addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); - // addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); - // } - // - // if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) - // { - // provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); - // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); - // provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); - // provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); - // } - // END android-removed + provider.addAlgorithm("Alg.Alias.Signature.SHA224withRSA/X9.31", "SHA224WITHRSA/X9.31"); + provider.addAlgorithm("Alg.Alias.Signature.SHA224WithRSA/X9.31", "SHA224WITHRSA/X9.31"); + provider.addAlgorithm("Signature.SHA224WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption"); + provider.addAlgorithm("Alg.Alias.Signature.SHA256withRSA/X9.31", "SHA256WITHRSA/X9.31"); + provider.addAlgorithm("Alg.Alias.Signature.SHA256WithRSA/X9.31", "SHA256WITHRSA/X9.31"); + provider.addAlgorithm("Signature.SHA256WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption"); + provider.addAlgorithm("Alg.Alias.Signature.SHA384withRSA/X9.31", "SHA384WITHRSA/X9.31"); + provider.addAlgorithm("Alg.Alias.Signature.SHA384WithRSA/X9.31", "SHA384WITHRSA/X9.31"); + provider.addAlgorithm("Signature.SHA384WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption"); + provider.addAlgorithm("Alg.Alias.Signature.SHA512withRSA/X9.31", "SHA512WITHRSA/X9.31"); + provider.addAlgorithm("Alg.Alias.Signature.SHA512WithRSA/X9.31", "SHA512WITHRSA/X9.31"); + provider.addAlgorithm("Signature.SHA512WITHRSA/X9.31", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption"); + + if (provider.hasAlgorithm("MessageDigest", "RIPEMD128")) + { + addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128); + addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null); + provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128withRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); + provider.addAlgorithm("Alg.Alias.Signature.RIPEMD128WithRSA/X9.31", "RIPEMD128WITHRSA/X9.31"); + provider.addAlgorithm("Signature.RIPEMD128WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption"); + } + + if (provider.hasAlgorithm("MessageDigest", "RIPEMD160")) + { + addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160); + addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null); + provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2"); + provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption"); + provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160withRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); + provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/X9.31", "RIPEMD160WITHRSA/X9.31"); + provider.addAlgorithm("Signature.RIPEMD160WITHRSA/X9.31", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption"); + } + + if (provider.hasAlgorithm("MessageDigest", "RIPEMD256")) + { + addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256); + addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null); + } + + if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL")) + { + provider.addAlgorithm("Alg.Alias.Signature.WhirlpoolWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); + provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLwithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); + provider.addAlgorithm("Alg.Alias.Signature.WHIRLPOOLWithRSA/X9.31", "WHIRLPOOLWITHRSA/X9.31"); + provider.addAlgorithm("Signature.WHIRLPOOLWITHRSA/X9.31", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption"); + } } private void addDigestSignature( diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java index a9fb6b2..5cbee90 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java @@ -18,10 +18,8 @@ public class X509 public void configure(ConfigurableProvider provider) { - // BEGIN android-removed - // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); - // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); - // END android-removed + provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory"); + provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509"); // // certificate factories. diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/IESCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/IESCipher.java new file mode 100644 index 0000000..df6b6f9 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/IESCipher.java @@ -0,0 +1,512 @@ +package org.bouncycastle.jcajce.provider.asymmetric.dh; + +import java.io.ByteArrayOutputStream; +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.Provider; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.Security; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.CipherSpi; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.ShortBufferException; +import javax.crypto.interfaces.DHKey; +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; + +import org.bouncycastle.crypto.InvalidCipherTextException; +import org.bouncycastle.crypto.KeyEncoder; +import org.bouncycastle.crypto.agreement.DHBasicAgreement; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.engines.AESEngine; +import org.bouncycastle.crypto.engines.DESedeEngine; +import org.bouncycastle.crypto.engines.IESEngine; +import org.bouncycastle.crypto.generators.DHKeyPairGenerator; +import org.bouncycastle.crypto.generators.EphemeralKeyPairGenerator; +import org.bouncycastle.crypto.generators.KDF2BytesGenerator; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher; +import org.bouncycastle.crypto.params.AsymmetricKeyParameter; +import org.bouncycastle.crypto.params.DHKeyGenerationParameters; +import org.bouncycastle.crypto.params.DHKeyParameters; +import org.bouncycastle.crypto.params.DHParameters; +import org.bouncycastle.crypto.params.DHPublicKeyParameters; +import org.bouncycastle.crypto.params.IESParameters; +import org.bouncycastle.crypto.params.IESWithCipherParameters; +import org.bouncycastle.crypto.parsers.DHIESPublicKeyParser; +import org.bouncycastle.jcajce.provider.asymmetric.util.DHUtil; +import org.bouncycastle.jcajce.provider.asymmetric.util.IESUtil; +import org.bouncycastle.jcajce.util.BCJcaJceHelper; +import org.bouncycastle.jcajce.util.JcaJceHelper; +import org.bouncycastle.jce.interfaces.IESKey; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.IESParameterSpec; +import org.bouncycastle.util.BigIntegers; +import org.bouncycastle.util.Strings; + + +public class IESCipher + extends CipherSpi +{ + private final JcaJceHelper helper = new BCJcaJceHelper(); + + private IESEngine engine; + private int state = -1; + private ByteArrayOutputStream buffer = new ByteArrayOutputStream(); + private AlgorithmParameters engineParam = null; + private IESParameterSpec engineSpec = null; + private AsymmetricKeyParameter key; + private SecureRandom random; + private boolean dhaesMode = false; + private AsymmetricKeyParameter otherKeyParameter = null; + + public IESCipher(IESEngine engine) + { + this.engine = engine; + } + + + public int engineGetBlockSize() + { + if (engine.getCipher() != null) + { + return engine.getCipher().getBlockSize(); + } + else + { + return 0; + } + } + + + public int engineGetKeySize(Key key) + { + if (key instanceof DHKey) + { + return ((DHKey)key).getParams().getP().bitLength(); + } + else + { + throw new IllegalArgumentException("not a DH key"); + } + } + + + public byte[] engineGetIV() + { + return null; + } + + public AlgorithmParameters engineGetParameters() + { + if (engineParam == null && engineSpec != null) + { + try + { + engineParam = helper.createAlgorithmParameters("IES"); + engineParam.init(engineSpec); + } + catch (Exception e) + { + throw new RuntimeException(e.toString()); + } + } + + return engineParam; + } + + + public void engineSetMode(String mode) + throws NoSuchAlgorithmException + { + String modeName = Strings.toUpperCase(mode); + + if (modeName.equals("NONE")) + { + dhaesMode = false; + } + else if (modeName.equals("DHAES")) + { + dhaesMode = true; + } + else + { + throw new IllegalArgumentException("can't support mode " + mode); + } + } + + public int engineGetOutputSize(int inputLen) + { + int len1, len2, len3; + + len1 = engine.getMac().getMacSize(); + + if (key != null) + { + len2 = ((DHKey)key).getParams().getP().bitLength() / 8 + 1; + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + if (engine.getCipher() == null) + { + len3 = inputLen; + } + else if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + len3 = engine.getCipher().getOutputSize(inputLen); + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + len3 = engine.getCipher().getOutputSize(inputLen - len1 - len2); + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + return buffer.size() + len1 + len2 + len3; + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + return buffer.size() - len1 - len2 + len3; + } + else + { + throw new IllegalStateException("IESCipher not initialised"); + } + + } + + public void engineSetPadding(String padding) + throws NoSuchPaddingException + { + String paddingName = Strings.toUpperCase(padding); + + // TDOD: make this meaningful... + if (paddingName.equals("NOPADDING")) + { + + } + else if (paddingName.equals("PKCS5PADDING") || paddingName.equals("PKCS7PADDING")) + { + + } + else + { + throw new NoSuchPaddingException("padding not available with IESCipher"); + } + } + + // Initialisation methods + + public void engineInit( + int opmode, + Key key, + AlgorithmParameters params, + SecureRandom random) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + AlgorithmParameterSpec paramSpec = null; + + if (params != null) + { + try + { + paramSpec = params.getParameterSpec(IESParameterSpec.class); + } + catch (Exception e) + { + throw new InvalidAlgorithmParameterException("cannot recognise parameters: " + e.toString()); + } + } + + engineParam = params; + engineInit(opmode, key, paramSpec, random); + } + + + public void engineInit( + int opmode, + Key key, + AlgorithmParameterSpec engineSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException, InvalidKeyException + { + // Use default parameters (including cipher key size) if none are specified + if (engineSpec == null) + { + this.engineSpec = IESUtil.guessParameterSpec(engine); + } + else if (engineSpec instanceof IESParameterSpec) + { + this.engineSpec = (IESParameterSpec)engineSpec; + } + else + { + throw new InvalidAlgorithmParameterException("must be passed IES parameters"); + } + + // Parse the recipient's key + if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE) + { + if (key instanceof DHPublicKey) + { + this.key = DHUtil.generatePublicKeyParameter((PublicKey)key); + } + else if (key instanceof IESKey) + { + IESKey ieKey = (IESKey)key; + + this.key = DHUtil.generatePublicKeyParameter(ieKey.getPublic()); + this.otherKeyParameter = DHUtil.generatePrivateKeyParameter(ieKey.getPrivate()); + } + else + { + throw new InvalidKeyException("must be passed recipient's public DH key for encryption"); + } + } + else if (opmode == Cipher.DECRYPT_MODE || opmode == Cipher.UNWRAP_MODE) + { + if (key instanceof DHPrivateKey) + { + this.key = DHUtil.generatePrivateKeyParameter((PrivateKey)key); + } + else if (key instanceof IESKey) + { + IESKey ieKey = (IESKey)key; + + this.otherKeyParameter = DHUtil.generatePublicKeyParameter(ieKey.getPublic()); + this.key = DHUtil.generatePrivateKeyParameter(ieKey.getPrivate()); + } + else + { + throw new InvalidKeyException("must be passed recipient's private DH key for decryption"); + } + } + else + { + throw new InvalidKeyException("must be passed EC key"); + } + + this.random = random; + this.state = opmode; + buffer.reset(); + + } + + + public void engineInit( + int opmode, + Key key, + SecureRandom random) + throws InvalidKeyException + { + try + { + engineInit(opmode, key, (AlgorithmParameterSpec)null, random); + } + catch (InvalidAlgorithmParameterException e) + { + throw new IllegalArgumentException("can't handle supplied parameter spec"); + } + + } + + + // Update methods - buffer the input + + public byte[] engineUpdate( + byte[] input, + int inputOffset, + int inputLen) + { + buffer.write(input, inputOffset, inputLen); + return null; + } + + + public int engineUpdate( + byte[] input, + int inputOffset, + int inputLen, + byte[] output, + int outputOffset) + { + buffer.write(input, inputOffset, inputLen); + return 0; + } + + + // Finalisation methods + + public byte[] engineDoFinal( + byte[] input, + int inputOffset, + int inputLen) + throws IllegalBlockSizeException, BadPaddingException + { + if (inputLen != 0) + { + buffer.write(input, inputOffset, inputLen); + } + + byte[] in = buffer.toByteArray(); + buffer.reset(); + + // Convert parameters for use in IESEngine + IESParameters params = new IESWithCipherParameters(engineSpec.getDerivationV(), + engineSpec.getEncodingV(), + engineSpec.getMacKeySize(), + engineSpec.getCipherKeySize()); + + DHParameters dhParams = ((DHKeyParameters)key).getParameters(); + + byte[] V; + if (otherKeyParameter != null) + { + try + { + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + engine.init(true, otherKeyParameter, key, params); + } + else + { + engine.init(false, key, otherKeyParameter, params); + } + return engine.processBlock(in, 0, in.length); + } + catch (Exception e) + { + throw new BadPaddingException(e.getMessage()); + } + } + + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + // Generate the ephemeral key pair + DHKeyPairGenerator gen = new DHKeyPairGenerator(); + gen.init(new DHKeyGenerationParameters(random, dhParams)); + + EphemeralKeyPairGenerator kGen = new EphemeralKeyPairGenerator(gen, new KeyEncoder() + { + public byte[] getEncoded(AsymmetricKeyParameter keyParameter) + { + byte[] Vloc = new byte[(((DHKeyParameters)keyParameter).getParameters().getP().bitLength() + 7) / 8]; + byte[] Vtmp = BigIntegers.asUnsignedByteArray(((DHPublicKeyParameters)keyParameter).getY()); + + if (Vtmp.length > Vloc.length) + { + throw new IllegalArgumentException("Senders's public key longer than expected."); + } + else + { + System.arraycopy(Vtmp, 0, Vloc, Vloc.length - Vtmp.length, Vtmp.length); + } + + return Vloc; + } + }); + + // Encrypt the buffer + try + { + engine.init(key, params, kGen); + + return engine.processBlock(in, 0, in.length); + } + catch (Exception e) + { + throw new BadPaddingException(e.getMessage()); + } + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + // Decrypt the buffer + try + { + engine.init(key, params, new DHIESPublicKeyParser(((DHKeyParameters)key).getParameters())); + + return engine.processBlock(in, 0, in.length); + } + catch (InvalidCipherTextException e) + { + throw new BadPaddingException(e.getMessage()); + } + } + else + { + throw new IllegalStateException("IESCipher not initialised"); + } + + } + + + public int engineDoFinal( + byte[] input, + int inputOffset, + int inputLength, + byte[] output, + int outputOffset) + throws ShortBufferException, IllegalBlockSizeException, BadPaddingException + { + + byte[] buf = engineDoFinal(input, inputOffset, inputLength); + System.arraycopy(buf, 0, output, outputOffset, buf.length); + return buf.length; + + } + + /** + * Classes that inherit from us + */ + + static public class IES + extends IESCipher + { + public IES() + { + super(new IESEngine(new DHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()))); + } + } + + static public class IESwithDESede + extends IESCipher + { + public IESwithDESede() + { + super(new IESEngine(new DHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new DESedeEngine()))); + } + } + + static public class IESwithAES + extends IESCipher + { + public IESwithAES() + { + super(new IESEngine(new DHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new AESEngine()))); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java index bdda6a2..ade49b3 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java @@ -23,20 +23,13 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.digests.SHA224Digest; -// import org.bouncycastle.crypto.digests.SHA256Digest; -// import org.bouncycastle.crypto.digests.SHA384Digest; -// import org.bouncycastle.crypto.digests.SHA512Digest; -// END android-removed +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.digests.SHA224Digest; +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.crypto.digests.SHA384Digest; +import org.bouncycastle.crypto.digests.SHA512Digest; import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed -// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; -// END android-removed +import org.bouncycastle.crypto.signers.HMacDSAKCalculator; public class DSASigner extends SignatureSpi @@ -224,102 +217,90 @@ public class DSASigner { public stdDSA() { - // BEGIN android-changed - super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner()); - // END android-changed + super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner()); } } - // BEGIN android-removed - // static public class detDSA - // extends DSASigner - // { - // public detDSA() - // { - // super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); - // } - // } - // END android-removed + static public class detDSA + extends DSASigner + { + public detDSA() + { + super(new SHA1Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA1Digest()))); + } + } static public class dsa224 extends DSASigner { public dsa224() { - // BEGIN android-changed - super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner()); - // END android-changed + super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner()); } } - // BEGIN android-removed - // static public class detDSA224 - // extends DSASigner - // { - // public detDSA224() - // { - // super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); - // } - // } - // END android-removed + static public class detDSA224 + extends DSASigner + { + public detDSA224() + { + super(new SHA224Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA224Digest()))); + } + } static public class dsa256 extends DSASigner { public dsa256() { - // BEGIN android-changed - super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner()); - // END android-changed + super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner()); } } - // BEGIN android-removed - // static public class detDSA256 - // extends DSASigner - // { - // public detDSA256() - // { - // super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); - // } - // } - // - // static public class dsa384 - // extends DSASigner - // { - // public dsa384() - // { - // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSA384 - // extends DSASigner - // { - // public detDSA384() - // { - // super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); - // } - // } - // - // static public class dsa512 - // extends DSASigner - // { - // public dsa512() - // { - // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); - // } - // } - // - // static public class detDSA512 - // extends DSASigner - // { - // public detDSA512() - // { - // super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); - // } - // } - // END android-removed + static public class detDSA256 + extends DSASigner + { + public detDSA256() + { + super(new SHA256Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA256Digest()))); + } + } + + static public class dsa384 + extends DSASigner + { + public dsa384() + { + super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSA384 + extends DSASigner + { + public detDSA384() + { + super(new SHA384Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA384Digest()))); + } + } + + static public class dsa512 + extends DSASigner + { + public dsa512() + { + super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner()); + } + } + + static public class detDSA512 + extends DSASigner + { + public detDSA512() + { + super(new SHA512Digest(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(new SHA512Digest()))); + } + } static public class noneDSA extends DSASigner diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java index c7e2aa9..5e940ec 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java @@ -23,9 +23,6 @@ public class DSAUtil public static final ASN1ObjectIdentifier[] dsaOids = { X9ObjectIdentifiers.id_dsa, - // BEGIN android-added - X9ObjectIdentifiers.id_dsa_with_sha1, - // END android-added OIWObjectIdentifiers.dsaWithSHA1 }; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java new file mode 100644 index 0000000..27d4b45 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java @@ -0,0 +1,471 @@ +package org.bouncycastle.jcajce.provider.asymmetric.dstu; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; +import java.security.interfaces.ECPrivateKey; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECPoint; +import java.security.spec.ECPrivateKeySpec; +import java.security.spec.EllipticCurve; +import java.util.Enumeration; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.DERNull; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.ua.DSTU4145NamedCurves; +import org.bouncycastle.asn1.ua.UAObjectIdentifiers; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x9.X962Parameters; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.crypto.params.ECPrivateKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; +import org.bouncycastle.jce.interfaces.ECPointEncoder; +import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECNamedCurveSpec; +import org.bouncycastle.math.ec.ECCurve; + +public class BCDSTU4145PrivateKey + implements ECPrivateKey, org.bouncycastle.jce.interfaces.ECPrivateKey, PKCS12BagAttributeCarrier, ECPointEncoder +{ + static final long serialVersionUID = 7245981689601667138L; + + private String algorithm = "DSTU4145"; + private boolean withCompression; + + private transient BigInteger d; + private transient ECParameterSpec ecSpec; + private transient DERBitString publicKey; + private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl(); + + protected BCDSTU4145PrivateKey() + { + } + + public BCDSTU4145PrivateKey( + ECPrivateKey key) + { + this.d = key.getS(); + this.algorithm = key.getAlgorithm(); + this.ecSpec = key.getParams(); + } + + public BCDSTU4145PrivateKey( + org.bouncycastle.jce.spec.ECPrivateKeySpec spec) + { + this.d = spec.getD(); + + if (spec.getParams() != null) // can be null if implicitlyCA + { + ECCurve curve = spec.getParams().getCurve(); + EllipticCurve ellipticCurve; + + ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed()); + + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams()); + } + else + { + this.ecSpec = null; + } + } + + + public BCDSTU4145PrivateKey( + ECPrivateKeySpec spec) + { + this.d = spec.getS(); + this.ecSpec = spec.getParams(); + } + + public BCDSTU4145PrivateKey( + BCDSTU4145PrivateKey key) + { + this.d = key.d; + this.ecSpec = key.ecSpec; + this.withCompression = key.withCompression; + this.attrCarrier = key.attrCarrier; + this.publicKey = key.publicKey; + } + + public BCDSTU4145PrivateKey( + String algorithm, + ECPrivateKeyParameters params, + BCDSTU4145PublicKey pubKey, + ECParameterSpec spec) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.d = params.getD(); + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + dp.getG().getAffineXCoord().toBigInteger(), + dp.getG().getAffineYCoord().toBigInteger()), + dp.getN(), + dp.getH().intValue()); + } + else + { + this.ecSpec = spec; + } + + publicKey = getPublicKeyDetails(pubKey); + } + + public BCDSTU4145PrivateKey( + String algorithm, + ECPrivateKeyParameters params, + BCDSTU4145PublicKey pubKey, + org.bouncycastle.jce.spec.ECParameterSpec spec) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.d = params.getD(); + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + dp.getG().getAffineXCoord().toBigInteger(), + dp.getG().getAffineYCoord().toBigInteger()), + dp.getN(), + dp.getH().intValue()); + } + else + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + spec.getG().getAffineXCoord().toBigInteger(), + spec.getG().getAffineYCoord().toBigInteger()), + spec.getN(), + spec.getH().intValue()); + } + + publicKey = getPublicKeyDetails(pubKey); + } + + public BCDSTU4145PrivateKey( + String algorithm, + ECPrivateKeyParameters params) + { + this.algorithm = algorithm; + this.d = params.getD(); + this.ecSpec = null; + } + + BCDSTU4145PrivateKey( + PrivateKeyInfo info) + throws IOException + { + populateFromPrivKeyInfo(info); + } + + private void populateFromPrivKeyInfo(PrivateKeyInfo info) + throws IOException + { + X962Parameters params = new X962Parameters((ASN1Primitive)info.getPrivateKeyAlgorithm().getParameters()); + + if (params.isNamedCurve()) + { + ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); + X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); + + if (ecP == null) // DSTU Curve + { + ECDomainParameters gParam = DSTU4145NamedCurves.getByOID(oid); + EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); + + ecSpec = new ECNamedCurveSpec( + oid.getId(), + ellipticCurve, + new ECPoint( + gParam.getG().getAffineXCoord().toBigInteger(), + gParam.getG().getAffineYCoord().toBigInteger()), + gParam.getN(), + gParam.getH()); + } + else + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); + + ecSpec = new ECNamedCurveSpec( + ECUtil.getCurveName(oid), + ellipticCurve, + new ECPoint( + ecP.getG().getAffineXCoord().toBigInteger(), + ecP.getG().getAffineYCoord().toBigInteger()), + ecP.getN(), + ecP.getH()); + } + } + else if (params.isImplicitlyCA()) + { + ecSpec = null; + } + else + { + X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters()); + EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + ecP.getG().getAffineXCoord().toBigInteger(), + ecP.getG().getAffineYCoord().toBigInteger()), + ecP.getN(), + ecP.getH().intValue()); + } + + ASN1Encodable privKey = info.parsePrivateKey(); + if (privKey instanceof ASN1Integer) + { + ASN1Integer derD = ASN1Integer.getInstance(privKey); + + this.d = derD.getValue(); + } + else + { + org.bouncycastle.asn1.sec.ECPrivateKey ec = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey); + + this.d = ec.getKey(); + this.publicKey = ec.getPublicKey(); + } + } + + public String getAlgorithm() + { + return algorithm; + } + + /** + * return the encoding format we produce in getEncoded(). + * + * @return the string "PKCS#8" + */ + public String getFormat() + { + return "PKCS#8"; + } + + /** + * Return a PKCS8 representation of the key. The sequence returned + * represents a full PrivateKeyInfo object. + * + * @return a PKCS8 representation of the key. + */ + public byte[] getEncoded() + { + X962Parameters params; + int orderBitLength; + + if (ecSpec instanceof ECNamedCurveSpec) + { + ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName()); + if (curveOid == null) // guess it's the OID + { + curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName()); + } + params = new X962Parameters(curveOid); + orderBitLength = ECUtil.getOrderBitLength(ecSpec.getOrder(), this.getS()); + } + else if (ecSpec == null) + { + params = new X962Parameters(DERNull.INSTANCE); + orderBitLength = ECUtil.getOrderBitLength(null, this.getS()); + } + else + { + ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); + + X9ECParameters ecP = new X9ECParameters( + curve, + EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), + ecSpec.getOrder(), + BigInteger.valueOf(ecSpec.getCofactor()), + ecSpec.getCurve().getSeed()); + + params = new X962Parameters(ecP); + orderBitLength = ECUtil.getOrderBitLength(ecSpec.getOrder(), this.getS()); + } + + PrivateKeyInfo info; + org.bouncycastle.asn1.sec.ECPrivateKey keyStructure; + + if (publicKey != null) + { + keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), publicKey, params); + } + else + { + keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), params); + } + + try + { + if (algorithm.equals("DSTU4145")) + { + info = new PrivateKeyInfo(new AlgorithmIdentifier(UAObjectIdentifiers.dstu4145be, params.toASN1Primitive()), keyStructure.toASN1Primitive()); + } + else + { + + info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive()); + } + + return info.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + return null; + } + } + + public ECParameterSpec getParams() + { + return ecSpec; + } + + public org.bouncycastle.jce.spec.ECParameterSpec getParameters() + { + if (ecSpec == null) + { + return null; + } + + return EC5Util.convertSpec(ecSpec, withCompression); + } + + org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec() + { + if (ecSpec != null) + { + return EC5Util.convertSpec(ecSpec, withCompression); + } + + return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + } + + public BigInteger getS() + { + return d; + } + + public BigInteger getD() + { + return d; + } + + public void setBagAttribute( + ASN1ObjectIdentifier oid, + ASN1Encodable attribute) + { + attrCarrier.setBagAttribute(oid, attribute); + } + + public ASN1Encodable getBagAttribute( + ASN1ObjectIdentifier oid) + { + return attrCarrier.getBagAttribute(oid); + } + + public Enumeration getBagAttributeKeys() + { + return attrCarrier.getBagAttributeKeys(); + } + + public void setPointFormat(String style) + { + withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style)); + } + + public boolean equals(Object o) + { + if (!(o instanceof BCDSTU4145PrivateKey)) + { + return false; + } + + BCDSTU4145PrivateKey other = (BCDSTU4145PrivateKey)o; + + return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec())); + } + + public int hashCode() + { + return getD().hashCode() ^ engineGetSpec().hashCode(); + } + + public String toString() + { + StringBuffer buf = new StringBuffer(); + String nl = System.getProperty("line.separator"); + + buf.append("EC Private Key").append(nl); + buf.append(" S: ").append(this.d.toString(16)).append(nl); + + return buf.toString(); + + } + + private DERBitString getPublicKeyDetails(BCDSTU4145PublicKey pub) + { + try + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pub.getEncoded())); + + return info.getPublicKeyData(); + } + catch (IOException e) + { // should never happen + return null; + } + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + byte[] enc = (byte[])in.readObject(); + + populateFromPrivKeyInfo(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc))); + + this.attrCarrier = new PKCS12BagAttributeCarrierImpl(); + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + out.writeObject(this.getEncoded()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java new file mode 100644 index 0000000..11c52a7 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java @@ -0,0 +1,431 @@ +package org.bouncycastle.jcajce.provider.asymmetric.dstu; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; +import java.security.interfaces.ECPublicKey; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECPoint; +import java.security.spec.ECPublicKeySpec; +import java.security.spec.EllipticCurve; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.ua.DSTU4145BinaryField; +import org.bouncycastle.asn1.ua.DSTU4145ECBinary; +import org.bouncycastle.asn1.ua.DSTU4145NamedCurves; +import org.bouncycastle.asn1.ua.DSTU4145Params; +import org.bouncycastle.asn1.ua.DSTU4145PointEncoder; +import org.bouncycastle.asn1.ua.UAObjectIdentifiers; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x9.X962Parameters; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.crypto.params.ECPublicKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; +import org.bouncycastle.jce.interfaces.ECPointEncoder; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; +import org.bouncycastle.jce.spec.ECNamedCurveSpec; +import org.bouncycastle.math.ec.ECCurve; +import org.bouncycastle.math.ec.custom.sec.SecP256K1Point; +import org.bouncycastle.math.ec.custom.sec.SecP256R1Point; + +public class BCDSTU4145PublicKey + implements ECPublicKey, org.bouncycastle.jce.interfaces.ECPublicKey, ECPointEncoder +{ + static final long serialVersionUID = 7026240464295649314L; + + private String algorithm = "DSTU4145"; + private boolean withCompression; + + private transient org.bouncycastle.math.ec.ECPoint q; + private transient ECParameterSpec ecSpec; + private transient DSTU4145Params dstuParams; + + public BCDSTU4145PublicKey( + BCDSTU4145PublicKey key) + { + this.q = key.q; + this.ecSpec = key.ecSpec; + this.withCompression = key.withCompression; + this.dstuParams = key.dstuParams; + } + + public BCDSTU4145PublicKey( + ECPublicKeySpec spec) + { + this.ecSpec = spec.getParams(); + this.q = EC5Util.convertPoint(ecSpec, spec.getW(), false); + } + + public BCDSTU4145PublicKey( + org.bouncycastle.jce.spec.ECPublicKeySpec spec) + { + this.q = spec.getQ(); + + if (spec.getParams() != null) // can be null if implictlyCa + { + ECCurve curve = spec.getParams().getCurve(); + EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed()); + + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams()); + } + else + { + if (q.getCurve() == null) + { + org.bouncycastle.jce.spec.ECParameterSpec s = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + q = s.getCurve().createPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger()); + } + this.ecSpec = null; + } + } + + public BCDSTU4145PublicKey( + String algorithm, + ECPublicKeyParameters params, + ECParameterSpec spec) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.q = params.getQ(); + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = createSpec(ellipticCurve, dp); + } + else + { + this.ecSpec = spec; + } + } + + public BCDSTU4145PublicKey( + String algorithm, + ECPublicKeyParameters params, + org.bouncycastle.jce.spec.ECParameterSpec spec) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.q = params.getQ(); + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = createSpec(ellipticCurve, dp); + } + else + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed()); + + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec); + } + } + + /* + * called for implicitCA + */ + public BCDSTU4145PublicKey( + String algorithm, + ECPublicKeyParameters params) + { + this.algorithm = algorithm; + this.q = params.getQ(); + this.ecSpec = null; + } + + private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp) + { + return new ECParameterSpec( + ellipticCurve, + new ECPoint( + dp.getG().getAffineXCoord().toBigInteger(), + dp.getG().getAffineYCoord().toBigInteger()), + dp.getN(), + dp.getH().intValue()); + } + + public BCDSTU4145PublicKey( + ECPublicKey key) + { + this.algorithm = key.getAlgorithm(); + this.ecSpec = key.getParams(); + this.q = EC5Util.convertPoint(this.ecSpec, key.getW(), false); + } + + BCDSTU4145PublicKey( + SubjectPublicKeyInfo info) + { + populateFromPubKeyInfo(info); + } + + private void reverseBytes(byte[] bytes) + { + byte tmp; + + for (int i = 0; i < bytes.length / 2; i++) + { + tmp = bytes[i]; + bytes[i] = bytes[bytes.length - 1 - i]; + bytes[bytes.length - 1 - i] = tmp; + } + } + + private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) + { + DERBitString bits = info.getPublicKeyData(); + ASN1OctetString key; + this.algorithm = "DSTU4145"; + + try + { + key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes()); + } + catch (IOException ex) + { + throw new IllegalArgumentException("error recovering public key"); + } + + byte[] keyEnc = key.getOctets(); + + if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) + { + reverseBytes(keyEnc); + } + + dstuParams = DSTU4145Params.getInstance((ASN1Sequence)info.getAlgorithm().getParameters()); + + //ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); + org.bouncycastle.jce.spec.ECParameterSpec spec = null; + if (dstuParams.isNamedCurve()) + { + ASN1ObjectIdentifier curveOid = dstuParams.getNamedCurve(); + ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(curveOid); + + spec = new ECNamedCurveParameterSpec(curveOid.getId(), ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed()); + } + else + { + DSTU4145ECBinary binary = dstuParams.getECBinary(); + byte[] b_bytes = binary.getB(); + if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) + { + reverseBytes(b_bytes); + } + DSTU4145BinaryField field = binary.getField(); + ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes)); + byte[] g_bytes = binary.getG(); + if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le)) + { + reverseBytes(g_bytes); + } + spec = new org.bouncycastle.jce.spec.ECParameterSpec(curve, DSTU4145PointEncoder.decodePoint(curve, g_bytes), binary.getN()); + } + + ECCurve curve = spec.getCurve(); + EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); + + //this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false); + this.q = DSTU4145PointEncoder.decodePoint(curve, keyEnc); + + if (dstuParams.isNamedCurve()) + { + ecSpec = new ECNamedCurveSpec( + dstuParams.getNamedCurve().getId(), + ellipticCurve, + new ECPoint( + spec.getG().getAffineXCoord().toBigInteger(), + spec.getG().getAffineYCoord().toBigInteger()), + spec.getN(), spec.getH()); + } + else + { + ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + spec.getG().getAffineXCoord().toBigInteger(), + spec.getG().getAffineYCoord().toBigInteger()), + spec.getN(), spec.getH().intValue()); + } + } + + public byte[] getSbox() + { + if (null != dstuParams) + { + return dstuParams.getDKE(); + } + else + { + return DSTU4145Params.getDefaultDKE(); + } + } + + public String getAlgorithm() + { + return algorithm; + } + + public String getFormat() + { + return "X.509"; + } + + public byte[] getEncoded() + { + ASN1Encodable params; + SubjectPublicKeyInfo info; + + if (dstuParams != null) + { + params = dstuParams; + } + else + { + if (ecSpec instanceof ECNamedCurveSpec) + { + params = new DSTU4145Params(new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName())); + } + else + { // strictly speaking this may not be applicable... + ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); + + X9ECParameters ecP = new X9ECParameters( + curve, + EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), + ecSpec.getOrder(), + BigInteger.valueOf(ecSpec.getCofactor()), + ecSpec.getCurve().getSeed()); + + params = new X962Parameters(ecP); + } + } + + byte[] encKey = DSTU4145PointEncoder.encodePoint(this.q); + + try + { + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(UAObjectIdentifiers.dstu4145be, params), new DEROctetString(encKey)); + } + catch (IOException e) + { + return null; + } + + return KeyUtil.getEncodedSubjectPublicKeyInfo(info); + } + + public ECParameterSpec getParams() + { + return ecSpec; + } + + public org.bouncycastle.jce.spec.ECParameterSpec getParameters() + { + if (ecSpec == null) // implictlyCA + { + return null; + } + + return EC5Util.convertSpec(ecSpec, withCompression); + } + + public ECPoint getW() + { + return new ECPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger()); + } + + public org.bouncycastle.math.ec.ECPoint getQ() + { + if (ecSpec == null) + { + return q.getDetachedPoint(); + } + + return q; + } + + public org.bouncycastle.math.ec.ECPoint engineGetQ() + { + return q; + } + + org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec() + { + if (ecSpec != null) + { + return EC5Util.convertSpec(ecSpec, withCompression); + } + + return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + } + + public String toString() + { + StringBuffer buf = new StringBuffer(); + String nl = System.getProperty("line.separator"); + + buf.append("EC Public Key").append(nl); + buf.append(" X: ").append(this.q.getAffineXCoord().toBigInteger().toString(16)).append(nl); + buf.append(" Y: ").append(this.q.getAffineYCoord().toBigInteger().toString(16)).append(nl); + + return buf.toString(); + } + + public void setPointFormat(String style) + { + withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style)); + } + + public boolean equals(Object o) + { + if (!(o instanceof BCDSTU4145PublicKey)) + { + return false; + } + + BCDSTU4145PublicKey other = (BCDSTU4145PublicKey)o; + + return engineGetQ().equals(other.engineGetQ()) && (engineGetSpec().equals(other.engineGetSpec())); + } + + public int hashCode() + { + return engineGetQ().hashCode() ^ engineGetSpec().hashCode(); + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + byte[] enc = (byte[])in.readObject(); + + populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc))); + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + out.writeObject(this.getEncoded()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyFactorySpi.java new file mode 100644 index 0000000..95a91de --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyFactorySpi.java @@ -0,0 +1,166 @@ +package org.bouncycastle.jcajce.provider.asymmetric.dstu; + +import java.io.IOException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.ECPrivateKey; +import java.security.interfaces.ECPublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.ua.UAObjectIdentifiers; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECParameterSpec; +import org.bouncycastle.jce.spec.ECPrivateKeySpec; +import org.bouncycastle.jce.spec.ECPublicKeySpec; + +public class KeyFactorySpi + extends BaseKeyFactorySpi +{ + public KeyFactorySpi() + { + } + + protected KeySpec engineGetKeySpec( + Key key, + Class spec) + throws InvalidKeySpecException + { + if (spec.isAssignableFrom(java.security.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey) + { + ECPublicKey k = (ECPublicKey)key; + if (k.getParams() != null) + { + return new java.security.spec.ECPublicKeySpec(k.getW(), k.getParams()); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new java.security.spec.ECPublicKeySpec(k.getW(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec)); + } + } + else if (spec.isAssignableFrom(java.security.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey) + { + ECPrivateKey k = (ECPrivateKey)key; + + if (k.getParams() != null) + { + return new java.security.spec.ECPrivateKeySpec(k.getS(), k.getParams()); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new java.security.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec)); + } + } + else if (spec.isAssignableFrom(org.bouncycastle.jce.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey) + { + ECPublicKey k = (ECPublicKey)key; + if (k.getParams() != null) + { + return new org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), EC5Util.convertSpec(k.getParams(), false)); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), implicitSpec); + } + } + else if (spec.isAssignableFrom(org.bouncycastle.jce.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey) + { + ECPrivateKey k = (ECPrivateKey)key; + + if (k.getParams() != null) + { + return new org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(k.getParams(), false)); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), implicitSpec); + } + } + + return super.engineGetKeySpec(key, spec); + } + + protected Key engineTranslateKey( + Key key) + throws InvalidKeyException + { + throw new InvalidKeyException("key type unknown"); + } + + protected PrivateKey engineGeneratePrivate( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof ECPrivateKeySpec) + { + return new BCDSTU4145PrivateKey((ECPrivateKeySpec)keySpec); + } + else if (keySpec instanceof java.security.spec.ECPrivateKeySpec) + { + return new BCDSTU4145PrivateKey((java.security.spec.ECPrivateKeySpec)keySpec); + } + + return super.engineGeneratePrivate(keySpec); + } + + protected PublicKey engineGeneratePublic( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof ECPublicKeySpec) + { + return new BCDSTU4145PublicKey((ECPublicKeySpec)keySpec); + } + else if (keySpec instanceof java.security.spec.ECPublicKeySpec) + { + return new BCDSTU4145PublicKey((java.security.spec.ECPublicKeySpec)keySpec); + } + + return super.engineGeneratePublic(keySpec); + } + + public PrivateKey generatePrivate(PrivateKeyInfo keyInfo) + throws IOException + { + ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm(); + + if (algOid.equals(UAObjectIdentifiers.dstu4145le) || algOid.equals(UAObjectIdentifiers.dstu4145be)) + { + return new BCDSTU4145PrivateKey(keyInfo); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } + + public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo) + throws IOException + { + ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm(); + + if (algOid.equals(UAObjectIdentifiers.dstu4145le) || algOid.equals(UAObjectIdentifiers.dstu4145be)) + { + return new BCDSTU4145PublicKey(keyInfo); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyPairGeneratorSpi.java new file mode 100644 index 0000000..f39eb7f --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyPairGeneratorSpi.java @@ -0,0 +1,188 @@ +package org.bouncycastle.jcajce.provider.asymmetric.dstu; + +import java.math.BigInteger; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidParameterException; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.ECGenParameterSpec; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ua.DSTU4145NamedCurves; +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.generators.DSTU4145KeyPairGenerator; +import org.bouncycastle.crypto.generators.ECKeyPairGenerator; +import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.crypto.params.ECKeyGenerationParameters; +import org.bouncycastle.crypto.params.ECPrivateKeyParameters; +import org.bouncycastle.crypto.params.ECPublicKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec; +import org.bouncycastle.jce.spec.ECNamedCurveSpec; +import org.bouncycastle.jce.spec.ECParameterSpec; +import org.bouncycastle.math.ec.ECCurve; +import org.bouncycastle.math.ec.ECPoint; + +public class KeyPairGeneratorSpi + extends java.security.KeyPairGenerator +{ + Object ecParams = null; + ECKeyPairGenerator engine = new DSTU4145KeyPairGenerator(); + + String algorithm = "DSTU4145"; + ECKeyGenerationParameters param; + //int strength = 239; + SecureRandom random = null; + boolean initialised = false; + + public KeyPairGeneratorSpi() + { + super("DSTU4145"); + } + + public void initialize( + int strength, + SecureRandom random) + { + this.random = random; + + if (ecParams != null) + { + try + { + initialize((ECGenParameterSpec)ecParams, random); + } + catch (InvalidAlgorithmParameterException e) + { + throw new InvalidParameterException("key size not configurable."); + } + } + else + { + throw new InvalidParameterException("unknown key size."); + } + } + + public void initialize( + AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (params instanceof ECParameterSpec) + { + ECParameterSpec p = (ECParameterSpec)params; + this.ecParams = params; + + param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN()), random); + + engine.init(param); + initialised = true; + } + else if (params instanceof java.security.spec.ECParameterSpec) + { + java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)params; + this.ecParams = params; + + ECCurve curve = EC5Util.convertCurve(p.getCurve()); + ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false); + + param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random); + + engine.init(param); + initialised = true; + } + else if (params instanceof ECGenParameterSpec || params instanceof ECNamedCurveGenParameterSpec) + { + String curveName; + + if (params instanceof ECGenParameterSpec) + { + curveName = ((ECGenParameterSpec)params).getName(); + } + else + { + curveName = ((ECNamedCurveGenParameterSpec)params).getName(); + } + + //ECDomainParameters ecP = ECGOST3410NamedCurves.getByName(curveName); + ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(new ASN1ObjectIdentifier(curveName)); + if (ecP == null) + { + throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName); + } + + this.ecParams = new ECNamedCurveSpec( + curveName, + ecP.getCurve(), + ecP.getG(), + ecP.getN(), + ecP.getH(), + ecP.getSeed()); + + java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams; + + ECCurve curve = EC5Util.convertCurve(p.getCurve()); + ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false); + + param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random); + + engine.init(param); + initialised = true; + } + else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() != null) + { + ECParameterSpec p = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + this.ecParams = params; + + param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN()), random); + + engine.init(param); + initialised = true; + } + else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() == null) + { + throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set"); + } + else + { + throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec: " + params.getClass().getName()); + } + } + + public KeyPair generateKeyPair() + { + if (!initialised) + { + throw new IllegalStateException("DSTU Key Pair Generator not initialised"); + } + + AsymmetricCipherKeyPair pair = engine.generateKeyPair(); + ECPublicKeyParameters pub = (ECPublicKeyParameters)pair.getPublic(); + ECPrivateKeyParameters priv = (ECPrivateKeyParameters)pair.getPrivate(); + + if (ecParams instanceof ECParameterSpec) + { + ECParameterSpec p = (ECParameterSpec)ecParams; + + BCDSTU4145PublicKey pubKey = new BCDSTU4145PublicKey(algorithm, pub, p); + return new KeyPair(pubKey, + new BCDSTU4145PrivateKey(algorithm, priv, pubKey, p)); + } + else if (ecParams == null) + { + return new KeyPair(new BCDSTU4145PublicKey(algorithm, pub), + new BCDSTU4145PrivateKey(algorithm, priv)); + } + else + { + java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams; + + BCDSTU4145PublicKey pubKey = new BCDSTU4145PublicKey(algorithm, pub, p); + + return new KeyPair(pubKey, new BCDSTU4145PrivateKey(algorithm, priv, pubKey, p)); + } + } +} + diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpi.java new file mode 100644 index 0000000..1b9ce70 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpi.java @@ -0,0 +1,221 @@ +package org.bouncycastle.jcajce.provider.asymmetric.dstu; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SignatureException; +import java.security.spec.AlgorithmParameterSpec; + +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; +import org.bouncycastle.crypto.CipherParameters; +import org.bouncycastle.crypto.DSA; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.GOST3411Digest; +import org.bouncycastle.crypto.params.ParametersWithRandom; +import org.bouncycastle.crypto.signers.DSTU4145Signer; +import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.bouncycastle.jce.interfaces.ECKey; +import org.bouncycastle.jce.interfaces.ECPublicKey; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +public class SignatureSpi + extends java.security.SignatureSpi + implements PKCSObjectIdentifiers, X509ObjectIdentifiers +{ + private Digest digest; + private DSA signer; + + private static byte[] DEFAULT_SBOX = { + 0xa, 0x9, 0xd, 0x6, 0xe, 0xb, 0x4, 0x5, 0xf, 0x1, 0x3, 0xc, 0x7, 0x0, 0x8, 0x2, + 0x8, 0x0, 0xc, 0x4, 0x9, 0x6, 0x7, 0xb, 0x2, 0x3, 0x1, 0xf, 0x5, 0xe, 0xa, 0xd, + 0xf, 0x6, 0x5, 0x8, 0xe, 0xb, 0xa, 0x4, 0xc, 0x0, 0x3, 0x7, 0x2, 0x9, 0x1, 0xd, + 0x3, 0x8, 0xd, 0x9, 0x6, 0xb, 0xf, 0x0, 0x2, 0x5, 0xc, 0xa, 0x4, 0xe, 0x1, 0x7, + 0xf, 0x8, 0xe, 0x9, 0x7, 0x2, 0x0, 0xd, 0xc, 0x6, 0x1, 0x5, 0xb, 0x4, 0x3, 0xa, + 0x2, 0x8, 0x9, 0x7, 0x5, 0xf, 0x0, 0xb, 0xc, 0x1, 0xd, 0xe, 0xa, 0x3, 0x6, 0x4, + 0x3, 0x8, 0xb, 0x5, 0x6, 0x4, 0xe, 0xa, 0x2, 0xc, 0x1, 0x7, 0x9, 0xf, 0xd, 0x0, + 0x1, 0x2, 0x3, 0xe, 0x6, 0xd, 0xb, 0x8, 0xf, 0xa, 0xc, 0x5, 0x7, 0x9, 0x0, 0x4 + }; + + public SignatureSpi() + { + //TODO: Add default ua s-box + //this.digest = new GOST3411Digest(DEFAULT_SBOX); + this.signer = new DSTU4145Signer(); + } + + protected void engineInitVerify( + PublicKey publicKey) + throws InvalidKeyException + { + CipherParameters param; + + if (publicKey instanceof ECPublicKey) + { + param = ECUtil.generatePublicKeyParameter(publicKey); + } + else + { + try + { + byte[] bytes = publicKey.getEncoded(); + + publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes)); + + if (publicKey instanceof ECPublicKey) + { + param = ECUtil.generatePublicKeyParameter(publicKey); + } + else + { + throw new InvalidKeyException("can't recognise key type in DSA based signer"); + } + } + catch (Exception e) + { + throw new InvalidKeyException("can't recognise key type in DSA based signer"); + } + } + + digest = new GOST3411Digest(expandSbox(((BCDSTU4145PublicKey)publicKey).getSbox())); + signer.init(false, param); + } + + byte[] expandSbox(byte[] compressed) + { + byte[] expanded = new byte[128]; + + for (int i = 0; i < compressed.length; i++) + { + expanded[i * 2] = (byte)((compressed[i] >> 4) & 0xf); + expanded[i * 2 + 1] = (byte)(compressed[i] & 0xf); + } + return expanded; + } + + protected void engineInitSign( + PrivateKey privateKey) + throws InvalidKeyException + { + CipherParameters param = null; + + if (privateKey instanceof ECKey) + { + param = ECUtil.generatePrivateKeyParameter(privateKey); + } + + digest = new GOST3411Digest(DEFAULT_SBOX); + + if (appRandom != null) + { + signer.init(true, new ParametersWithRandom(param, appRandom)); + } + else + { + signer.init(true, param); + } + } + + protected void engineUpdate( + byte b) + throws SignatureException + { + digest.update(b); + } + + protected void engineUpdate( + byte[] b, + int off, + int len) + throws SignatureException + { + digest.update(b, off, len); + } + + protected byte[] engineSign() + throws SignatureException + { + byte[] hash = new byte[digest.getDigestSize()]; + + digest.doFinal(hash, 0); + + try + { + BigInteger[] sig = signer.generateSignature(hash); + byte[] r = sig[0].toByteArray(); + byte[] s = sig[1].toByteArray(); + + byte[] sigBytes = new byte[(r.length > s.length ? r.length * 2 : s.length * 2)]; + System.arraycopy(s, 0, sigBytes, (sigBytes.length / 2) - s.length, s.length); + System.arraycopy(r, 0, sigBytes, sigBytes.length - r.length, r.length); + + return new DEROctetString(sigBytes).getEncoded(); + } + catch (Exception e) + { + throw new SignatureException(e.toString()); + } + } + + protected boolean engineVerify( + byte[] sigBytes) + throws SignatureException + { + byte[] hash = new byte[digest.getDigestSize()]; + + digest.doFinal(hash, 0); + + BigInteger[] sig; + + try + { + byte[] bytes = ((ASN1OctetString)ASN1OctetString.fromByteArray(sigBytes)).getOctets(); + + byte[] r = new byte[bytes.length / 2]; + byte[] s = new byte[bytes.length / 2]; + + System.arraycopy(bytes, 0, s, 0, bytes.length / 2); + + System.arraycopy(bytes, bytes.length / 2, r, 0, bytes.length / 2); + + sig = new BigInteger[2]; + sig[0] = new BigInteger(1, r); + sig[1] = new BigInteger(1, s); + } + catch (Exception e) + { + throw new SignatureException("error decoding signature bytes."); + } + + return signer.verifySignature(hash, sig[0], sig[1]); + } + + protected void engineSetParameter( + AlgorithmParameterSpec params) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"> + */ + protected void engineSetParameter( + String param, + Object value) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated + */ + protected Object engineGetParameter( + String param) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpiLe.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpiLe.java new file mode 100644 index 0000000..0eb8bc9 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpiLe.java @@ -0,0 +1,69 @@ +package org.bouncycastle.jcajce.provider.asymmetric.dstu; + +import java.io.IOException; +import java.security.SignatureException; + +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.DEROctetString; + +public class SignatureSpiLe + extends SignatureSpi +{ + void reverseBytes(byte[] bytes) + { + byte tmp; + + for (int i = 0; i < bytes.length / 2; i++) + { + tmp = bytes[i]; + bytes[i] = bytes[bytes.length - 1 - i]; + bytes[bytes.length - 1 - i] = tmp; + } + } + + protected byte[] engineSign() + throws SignatureException + { + byte[] signature = ASN1OctetString.getInstance(super.engineSign()).getOctets(); + reverseBytes(signature); + try + { + return (new DEROctetString(signature)).getEncoded(); + } + catch (Exception e) + { + throw new SignatureException(e.toString()); + } + } + + protected boolean engineVerify( + byte[] sigBytes) + throws SignatureException + { + byte[] bytes = null; + + try + { + bytes = ((ASN1OctetString)ASN1OctetString.fromByteArray(sigBytes)).getOctets(); + } + catch (IOException e) + { + throw new SignatureException("error decoding signature bytes."); + } + + reverseBytes(bytes); + + try + { + return super.engineVerify((new DEROctetString(bytes)).getEncoded()); + } + catch (SignatureException e) + { + throw e; + } + catch (Exception e) + { + throw new SignatureException(e.toString()); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java new file mode 100644 index 0000000..fbeb8f0 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java @@ -0,0 +1,553 @@ +package org.bouncycastle.jcajce.provider.asymmetric.ec; + +import java.io.ByteArrayOutputStream; +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.CipherSpi; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.ShortBufferException; + +import org.bouncycastle.crypto.CipherParameters; +import org.bouncycastle.crypto.InvalidCipherTextException; +import org.bouncycastle.crypto.KeyEncoder; +import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.engines.AESEngine; +import org.bouncycastle.crypto.engines.DESedeEngine; +import org.bouncycastle.crypto.engines.IESEngine; +import org.bouncycastle.crypto.generators.ECKeyPairGenerator; +import org.bouncycastle.crypto.generators.EphemeralKeyPairGenerator; +import org.bouncycastle.crypto.generators.KDF2BytesGenerator; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.crypto.modes.CBCBlockCipher; +import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher; +import org.bouncycastle.crypto.params.AsymmetricKeyParameter; +import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.crypto.params.ECKeyGenerationParameters; +import org.bouncycastle.crypto.params.ECKeyParameters; +import org.bouncycastle.crypto.params.ECPublicKeyParameters; +import org.bouncycastle.crypto.params.IESWithCipherParameters; +import org.bouncycastle.crypto.params.ParametersWithIV; +import org.bouncycastle.crypto.parsers.ECIESPublicKeyParser; +import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.bouncycastle.jcajce.provider.asymmetric.util.IESUtil; +import org.bouncycastle.jcajce.util.BCJcaJceHelper; +import org.bouncycastle.jcajce.util.JcaJceHelper; +import org.bouncycastle.jce.interfaces.ECKey; +import org.bouncycastle.jce.interfaces.IESKey; +import org.bouncycastle.jce.spec.IESParameterSpec; +import org.bouncycastle.util.Strings; + + +public class IESCipher + extends CipherSpi +{ + private final JcaJceHelper helper = new BCJcaJceHelper(); + + private int ivLength; + private IESEngine engine; + private int state = -1; + private ByteArrayOutputStream buffer = new ByteArrayOutputStream(); + private AlgorithmParameters engineParam = null; + private IESParameterSpec engineSpec = null; + private AsymmetricKeyParameter key; + private SecureRandom random; + private boolean dhaesMode = false; + private AsymmetricKeyParameter otherKeyParameter = null; + + public IESCipher(IESEngine engine) + { + this.engine = engine; + this.ivLength = 0; + } + + public IESCipher(IESEngine engine, int ivLength) + { + this.engine = engine; + this.ivLength = ivLength; + } + + public int engineGetBlockSize() + { + if (engine.getCipher() != null) + { + return engine.getCipher().getBlockSize(); + } + else + { + return 0; + } + } + + + public int engineGetKeySize(Key key) + { + if (key instanceof ECKey) + { + return ((ECKey)key).getParameters().getCurve().getFieldSize(); + } + else + { + throw new IllegalArgumentException("not an EC key"); + } + } + + + public byte[] engineGetIV() + { + return null; + } + + public AlgorithmParameters engineGetParameters() + { + if (engineParam == null && engineSpec != null) + { + try + { + engineParam = helper.createAlgorithmParameters("IES"); + engineParam.init(engineSpec); + } + catch (Exception e) + { + throw new RuntimeException(e.toString()); + } + } + + return engineParam; + } + + + public void engineSetMode(String mode) + throws NoSuchAlgorithmException + { + String modeName = Strings.toUpperCase(mode); + + if (modeName.equals("NONE")) + { + dhaesMode = false; + } + else if (modeName.equals("DHAES")) + { + dhaesMode = true; + } + else + { + throw new IllegalArgumentException("can't support mode " + mode); + } + } + + + public int engineGetOutputSize(int inputLen) + { + int len1, len2, len3; + + len1 = engine.getMac().getMacSize(); + + if (key != null) + { + len2 = 1 + 2 * (((ECKey)key).getParameters().getCurve().getFieldSize() + 7) / 8; + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + if (engine.getCipher() == null) + { + len3 = inputLen; + } + else if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + len3 = engine.getCipher().getOutputSize(inputLen); + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + len3 = engine.getCipher().getOutputSize(inputLen - len1 - len2); + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + return buffer.size() + len1 + len2 + len3; + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + return buffer.size() - len1 - len2 + len3; + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + } + + public void engineSetPadding(String padding) + throws NoSuchPaddingException + { + String paddingName = Strings.toUpperCase(padding); + + // TDOD: make this meaningful... + if (paddingName.equals("NOPADDING")) + { + + } + else if (paddingName.equals("PKCS5PADDING") || paddingName.equals("PKCS7PADDING")) + { + + } + else + { + throw new NoSuchPaddingException("padding not available with IESCipher"); + } + } + + + // Initialisation methods + + public void engineInit( + int opmode, + Key key, + AlgorithmParameters params, + SecureRandom random) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + AlgorithmParameterSpec paramSpec = null; + + if (params != null) + { + try + { + paramSpec = params.getParameterSpec(IESParameterSpec.class); + } + catch (Exception e) + { + throw new InvalidAlgorithmParameterException("cannot recognise parameters: " + e.toString()); + } + } + + engineParam = params; + engineInit(opmode, key, paramSpec, random); + + } + + + public void engineInit( + int opmode, + Key key, + AlgorithmParameterSpec engineSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException, InvalidKeyException + { + otherKeyParameter = null; + + // Use default parameters (including cipher key size) if none are specified + if (engineSpec == null) + { + this.engineSpec = IESUtil.guessParameterSpec(engine); + } + else if (engineSpec instanceof IESParameterSpec) + { + this.engineSpec = (IESParameterSpec)engineSpec; + } + else + { + throw new InvalidAlgorithmParameterException("must be passed IES parameters"); + } + + byte[] nonce = this.engineSpec.getNonce(); + + if (nonce != null) + { + if (ivLength == 0) + { + throw new InvalidAlgorithmParameterException("NONCE present in IES Parameters when none required"); + } + else if (nonce.length != ivLength) + { + throw new InvalidAlgorithmParameterException("NONCE in IES Parameters needs to be " + ivLength + " bytes long"); + } + } + + // Parse the recipient's key + if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE) + { + if (key instanceof PublicKey) + { + this.key = ECUtil.generatePublicKeyParameter((PublicKey)key); + } + else if (key instanceof IESKey) + { + IESKey ieKey = (IESKey)key; + + this.key = ECUtil.generatePublicKeyParameter(ieKey.getPublic()); + this.otherKeyParameter = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate()); + } + else + { + throw new InvalidKeyException("must be passed recipient's public EC key for encryption"); + } + } + else if (opmode == Cipher.DECRYPT_MODE || opmode == Cipher.UNWRAP_MODE) + { + if (key instanceof PrivateKey) + { + this.key = ECUtil.generatePrivateKeyParameter((PrivateKey)key); + } + else if (key instanceof IESKey) + { + IESKey ieKey = (IESKey)key; + + this.otherKeyParameter = ECUtil.generatePublicKeyParameter(ieKey.getPublic()); + this.key = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate()); + } + else + { + throw new InvalidKeyException("must be passed recipient's private EC key for decryption"); + } + } + else + { + throw new InvalidKeyException("must be passed EC key"); + } + + + this.random = random; + this.state = opmode; + buffer.reset(); + + } + + + public void engineInit( + int opmode, + Key key, + SecureRandom random) + throws InvalidKeyException + { + try + { + engineInit(opmode, key, (AlgorithmParameterSpec)null, random); + } + catch (InvalidAlgorithmParameterException e) + { + throw new IllegalArgumentException("can't handle supplied parameter spec"); + } + + } + + + // Update methods - buffer the input + + public byte[] engineUpdate( + byte[] input, + int inputOffset, + int inputLen) + { + buffer.write(input, inputOffset, inputLen); + return null; + } + + + public int engineUpdate( + byte[] input, + int inputOffset, + int inputLen, + byte[] output, + int outputOffset) + { + buffer.write(input, inputOffset, inputLen); + return 0; + } + + + // Finalisation methods + + public byte[] engineDoFinal( + byte[] input, + int inputOffset, + int inputLen) + throws IllegalBlockSizeException, BadPaddingException + { + if (inputLen != 0) + { + buffer.write(input, inputOffset, inputLen); + } + + final byte[] in = buffer.toByteArray(); + buffer.reset(); + + // Convert parameters for use in IESEngine + CipherParameters params = new IESWithCipherParameters(engineSpec.getDerivationV(), + engineSpec.getEncodingV(), + engineSpec.getMacKeySize(), + engineSpec.getCipherKeySize()); + + if (engineSpec.getNonce() != null) + { + params = new ParametersWithIV(params, engineSpec.getNonce()); + } + + final ECDomainParameters ecParams = ((ECKeyParameters)key).getParameters(); + + final byte[] V; + + if (otherKeyParameter != null) + { + try + { + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + engine.init(true, otherKeyParameter, key, params); + } + else + { + engine.init(false, key, otherKeyParameter, params); + } + return engine.processBlock(in, 0, in.length); + } + catch (Exception e) + { + throw new BadPaddingException(e.getMessage()); + } + } + + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + // Generate the ephemeral key pair + ECKeyPairGenerator gen = new ECKeyPairGenerator(); + gen.init(new ECKeyGenerationParameters(ecParams, random)); + + final boolean usePointCompression = engineSpec.getPointCompression(); + EphemeralKeyPairGenerator kGen = new EphemeralKeyPairGenerator(gen, new KeyEncoder() + { + public byte[] getEncoded(AsymmetricKeyParameter keyParameter) + { + return ((ECPublicKeyParameters)keyParameter).getQ().getEncoded(usePointCompression); + } + }); + + // Encrypt the buffer + try + { + engine.init(key, params, kGen); + + return engine.processBlock(in, 0, in.length); + } + catch (Exception e) + { + throw new BadPaddingException(e.getMessage()); + } + + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + // Decrypt the buffer + try + { + engine.init(key, params, new ECIESPublicKeyParser(ecParams)); + + return engine.processBlock(in, 0, in.length); + } + catch (InvalidCipherTextException e) + { + throw new BadPaddingException(e.getMessage()); + } + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + + } + + public int engineDoFinal( + byte[] input, + int inputOffset, + int inputLength, + byte[] output, + int outputOffset) + throws ShortBufferException, IllegalBlockSizeException, BadPaddingException + { + + byte[] buf = engineDoFinal(input, inputOffset, inputLength); + System.arraycopy(buf, 0, output, outputOffset, buf.length); + return buf.length; + } + + /** + * Classes that inherit from us + */ + + static public class ECIES + extends IESCipher + { + public ECIES() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()))); + } + } + + static public class ECIESwithDESede + extends IESCipher + { + public ECIESwithDESede() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new DESedeEngine()))); + } + } + + static public class ECIESwithAES + extends IESCipher + { + public ECIESwithAES() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new AESEngine()))); + } + } + + static public class ECIESwithDESedeCBC + extends IESCipher + { + public ECIESwithDESedeCBC() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()))), 8); + } + } + + static public class ECIESwithAESCBC + extends IESCipher + { + public ECIESwithAESCBC() + { + super(new IESEngine(new ECDHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()), + new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()))), 16); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java index 3dbe004..4ea57fe 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java @@ -24,28 +24,22 @@ import org.bouncycastle.crypto.BasicAgreement; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DerivationFunction; import org.bouncycastle.crypto.agreement.ECDHBasicAgreement; -// BEGIN android-removed -// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; -// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; -// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; -// import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; -// END android-removed +import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement; +import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement; +import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters; +import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator; import org.bouncycastle.crypto.digests.SHA1Digest; import org.bouncycastle.crypto.params.DESParameters; import org.bouncycastle.crypto.params.ECDomainParameters; import org.bouncycastle.crypto.params.ECPrivateKeyParameters; import org.bouncycastle.crypto.params.ECPublicKeyParameters; -// BEGIN android-removed -// import org.bouncycastle.crypto.params.MQVPrivateParameters; -// import org.bouncycastle.crypto.params.MQVPublicParameters; -// END android-removed +import org.bouncycastle.crypto.params.MQVPrivateParameters; +import org.bouncycastle.crypto.params.MQVPublicParameters; import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; import org.bouncycastle.jce.interfaces.ECPrivateKey; import org.bouncycastle.jce.interfaces.ECPublicKey; -// BEGIN android-removed -// import org.bouncycastle.jce.interfaces.MQVPrivateKey; -// import org.bouncycastle.jce.interfaces.MQVPublicKey; -// END android-removed +import org.bouncycastle.jce.interfaces.MQVPrivateKey; +import org.bouncycastle.jce.interfaces.MQVPublicKey; import org.bouncycastle.util.Integers; import org.bouncycastle.util.Strings; @@ -95,9 +89,7 @@ public class KeyAgreementSpi private BigInteger result; private ECDomainParameters parameters; private BasicAgreement agreement; - // BEGIN android-removed - // private DerivationFunction kdf; - // END android-removed + private DerivationFunction kdf; private byte[] bigIntToBytes( BigInteger r) @@ -112,9 +104,7 @@ public class KeyAgreementSpi { this.kaAlgorithm = kaAlgorithm; this.agreement = agreement; - // BEGIN android-removed - // this.kdf = kdf; - // END android-removed + this.kdf = kdf; } protected Key engineDoPhase( @@ -133,27 +123,25 @@ public class KeyAgreementSpi } CipherParameters pubKey; - // BEGIN android-removed - // if (agreement instanceof ECMQVBasicAgreement) - // { - // if (!(key instanceof MQVPublicKey)) - // { - // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " - // + getSimpleName(MQVPublicKey.class) + " for doPhase"); - // } - // - // MQVPublicKey mqvPubKey = (MQVPublicKey)key; - // ECPublicKeyParameters staticKey = (ECPublicKeyParameters) - // ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); - // ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) - // ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); - // - // pubKey = new MQVPublicParameters(staticKey, ephemKey); - // - // // TODO Validate that all the keys are using the same parameters? - // } - // else - // END android-removed + if (agreement instanceof ECMQVBasicAgreement) + { + if (!(key instanceof MQVPublicKey)) + { + throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + + getSimpleName(MQVPublicKey.class) + " for doPhase"); + } + + MQVPublicKey mqvPubKey = (MQVPublicKey)key; + ECPublicKeyParameters staticKey = (ECPublicKeyParameters) + ECUtil.generatePublicKeyParameter(mqvPubKey.getStaticKey()); + ECPublicKeyParameters ephemKey = (ECPublicKeyParameters) + ECUtil.generatePublicKeyParameter(mqvPubKey.getEphemeralKey()); + + pubKey = new MQVPublicParameters(staticKey, ephemKey); + + // TODO Validate that all the keys are using the same parameters? + } + else { if (!(key instanceof PublicKey)) { @@ -174,13 +162,11 @@ public class KeyAgreementSpi protected byte[] engineGenerateSecret() throws IllegalStateException { - // BEGIN android-removed - // if (kdf != null) - // { - // throw new UnsupportedOperationException( - // "KDF can only be used when algorithm is known"); - // } - // END android-removed + if (kdf != null) + { + throw new UnsupportedOperationException( + "KDF can only be used when algorithm is known"); + } return bigIntToBytes(result); } @@ -215,25 +201,23 @@ public class KeyAgreementSpi oidAlgorithm = ((ASN1ObjectIdentifier)oids.get(algKey)).getId(); } - // BEGIN android-removed - // if (kdf != null) - // { - // if (!algorithms.containsKey(oidAlgorithm)) - // { - // throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); - // } - // - // int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); - // - // DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); - // - // byte[] keyBytes = new byte[keySize / 8]; - // kdf.init(params); - // kdf.generateBytes(keyBytes, 0, keyBytes.length); - // secret = keyBytes; - // } - // else - // END android-removed + if (kdf != null) + { + if (!algorithms.containsKey(oidAlgorithm)) + { + throw new NoSuchAlgorithmException("unknown algorithm encountered: " + algorithm); + } + + int keySize = ((Integer)algorithms.get(oidAlgorithm)).intValue(); + + DHKDFParameters params = new DHKDFParameters(new ASN1ObjectIdentifier(oidAlgorithm), keySize, secret); + + byte[] keyBytes = new byte[keySize / 8]; + kdf.init(params); + kdf.generateBytes(keyBytes, 0, keyBytes.length); + secret = keyBytes; + } + else { if (algorithms.containsKey(oidAlgorithm)) { @@ -280,37 +264,35 @@ public class KeyAgreementSpi private void initFromKey(Key key) throws InvalidKeyException { - // BEGIN android-removed - // if (agreement instanceof ECMQVBasicAgreement) - // { - // if (!(key instanceof MQVPrivateKey)) - // { - // throw new InvalidKeyException(kaAlgorithm + " key agreement requires " - // + getSimpleName(MQVPrivateKey.class) + " for initialisation"); - // } - // - // MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; - // ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); - // ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) - // ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); - // - // ECPublicKeyParameters ephemPubKey = null; - // if (mqvPrivKey.getEphemeralPublicKey() != null) - // { - // ephemPubKey = (ECPublicKeyParameters) - // ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); - // } - // - // MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); - // this.parameters = staticPrivKey.getParameters(); - // - // // TODO Validate that all the keys are using the same parameters? - // - // agreement.init(localParams); - // } - // else - // END android-removed + if (agreement instanceof ECMQVBasicAgreement) + { + if (!(key instanceof MQVPrivateKey)) + { + throw new InvalidKeyException(kaAlgorithm + " key agreement requires " + + getSimpleName(MQVPrivateKey.class) + " for initialisation"); + } + + MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key; + ECPrivateKeyParameters staticPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey()); + ECPrivateKeyParameters ephemPrivKey = (ECPrivateKeyParameters) + ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey()); + + ECPublicKeyParameters ephemPubKey = null; + if (mqvPrivKey.getEphemeralPublicKey() != null) + { + ephemPubKey = (ECPublicKeyParameters) + ECUtil.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey()); + } + + MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey); + this.parameters = staticPrivKey.getParameters(); + + // TODO Validate that all the keys are using the same parameters? + + agreement.init(localParams); + } + else { if (!(key instanceof PrivateKey)) { @@ -341,41 +323,39 @@ public class KeyAgreementSpi } } - // BEGIN android-removed - // public static class DHC - // extends KeyAgreementSpi - // { - // public DHC() - // { - // super("ECDHC", new ECDHCBasicAgreement(), null); - // } - // } - // - // public static class MQV - // extends KeyAgreementSpi - // { - // public MQV() - // { - // super("ECMQV", new ECMQVBasicAgreement(), null); - // } - // } - // - // public static class DHwithSHA1KDF - // extends KeyAgreementSpi - // { - // public DHwithSHA1KDF() - // { - // super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); - // } - // } - // - // public static class MQVwithSHA1KDF - // extends KeyAgreementSpi - // { - // public MQVwithSHA1KDF() - // { - // super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); - // } - // } - // END android-removed + public static class DHC + extends KeyAgreementSpi + { + public DHC() + { + super("ECDHC", new ECDHCBasicAgreement(), null); + } + } + + public static class MQV + extends KeyAgreementSpi + { + public MQV() + { + super("ECMQV", new ECMQVBasicAgreement(), null); + } + } + + public static class DHwithSHA1KDF + extends KeyAgreementSpi + { + public DHwithSHA1KDF() + { + super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); + } + } + + public static class MQVwithSHA1KDF + extends KeyAgreementSpi + { + public MQVwithSHA1KDF() + { + super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new ECDHKEKGenerator(new SHA1Digest())); + } + } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java index 5769bac..20555c2 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java @@ -201,16 +201,14 @@ public class KeyFactorySpi } } - // BEGIN android-removed - // public static class ECGOST3410 - // extends KeyFactorySpi - // { - // public ECGOST3410() - // { - // super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); - // } - // } - // END android-removed + public static class ECGOST3410 + extends KeyFactorySpi + { + public ECGOST3410() + { + super("ECGOST3410", BouncyCastleProvider.CONFIGURATION); + } + } public static class ECDH extends KeyFactorySpi diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java index d858518..ae9be26 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java @@ -42,9 +42,7 @@ public abstract class KeyPairGeneratorSpi ECKeyGenerationParameters param; ECKeyPairGenerator engine = new ECKeyPairGenerator(); Object ecParams = null; - // BEGIN android-changed - int strength = 256; - // BEGIN android-changed + int strength = 239; int certainty = 50; SecureRandom random = new SecureRandom(); boolean initialised = false; @@ -86,13 +84,7 @@ public abstract class KeyPairGeneratorSpi SecureRandom random) { this.strength = strength; - // BEGIN android-added - if (random != null) { - // END android-added this.random = random; - // BEGIN android-added - } - // END android-added ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength)); if (ecParams == null) @@ -115,11 +107,6 @@ public abstract class KeyPairGeneratorSpi SecureRandom random) throws InvalidAlgorithmParameterException { - // BEGIN android-added - if (random == null) { - random = this.random; - } - // END android-added if (params == null) { ECParameterSpec implicitCA = configuration.getEcImplicitlyCa(); @@ -280,4 +267,4 @@ public abstract class KeyPairGeneratorSpi super("ECMQV", BouncyCastleProvider.CONFIGURATION); } } -} +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java index 26811d1..5e2bb4e 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java @@ -16,23 +16,16 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DSA; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.NullDigest; -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.RIPEMD160Digest; -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.digests.SHA224Digest; -// import org.bouncycastle.crypto.digests.SHA256Digest; -// import org.bouncycastle.crypto.digests.SHA384Digest; -// import org.bouncycastle.crypto.digests.SHA512Digest; -// END android-removed +import org.bouncycastle.crypto.digests.RIPEMD160Digest; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.digests.SHA224Digest; +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.crypto.digests.SHA384Digest; +import org.bouncycastle.crypto.digests.SHA512Digest; import org.bouncycastle.crypto.params.ParametersWithRandom; import org.bouncycastle.crypto.signers.ECDSASigner; -// BEGIN android-removed -// import org.bouncycastle.crypto.signers.ECNRSigner; -// import org.bouncycastle.crypto.signers.HMacDSAKCalculator; -// END android-removed +import org.bouncycastle.crypto.signers.ECNRSigner; +import org.bouncycastle.crypto.signers.HMacDSAKCalculator; import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase; import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder; import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; @@ -77,22 +70,18 @@ public class SignatureSpi { public ecDSA() { - // BEGIN android-changed - super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed + super(new SHA1Digest(), new ECDSASigner(), new StdDSAEncoder()); } } - // BEGIN android-removed - // static public class ecDetDSA - // extends SignatureSpi - // { - // public ecDetDSA() - // { - // super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); - // } - // } - // END android-removed + static public class ecDetDSA + extends SignatureSpi + { + public ecDetDSA() + { + super(new SHA1Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA1Digest())), new StdDSAEncoder()); + } + } static public class ecDSAnone extends SignatureSpi @@ -108,196 +97,180 @@ public class SignatureSpi { public ecDSA224() { - // BEGIN android-changed - super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed + super(new SHA224Digest(), new ECDSASigner(), new StdDSAEncoder()); } } - // BEGIN android-removed - // static public class ecDetDSA224 - // extends SignatureSpi - // { - // public ecDetDSA224() - // { - // super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); - // } - // } - // END android-removed + static public class ecDetDSA224 + extends SignatureSpi + { + public ecDetDSA224() + { + super(new SHA224Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA224Digest())), new StdDSAEncoder()); + } + } static public class ecDSA256 extends SignatureSpi { public ecDSA256() { - // BEGIN android-changed - super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed + super(new SHA256Digest(), new ECDSASigner(), new StdDSAEncoder()); } } - // BEGIN android-removed - // static public class ecDetDSA256 - // extends SignatureSpi - // { - // public ecDetDSA256() - // { - // super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); - // } - // } - // END android-removed + static public class ecDetDSA256 + extends SignatureSpi + { + public ecDetDSA256() + { + super(new SHA256Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA256Digest())), new StdDSAEncoder()); + } + } static public class ecDSA384 extends SignatureSpi { public ecDSA384() { - // BEGIN android-changed - super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed + super(new SHA384Digest(), new ECDSASigner(), new StdDSAEncoder()); } } - // BEGIN android-removed - // static public class ecDetDSA384 - // extends SignatureSpi - // { - // public ecDetDSA384() - // { - // super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); - // } - // } - // END android-removed + static public class ecDetDSA384 + extends SignatureSpi + { + public ecDetDSA384() + { + super(new SHA384Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA384Digest())), new StdDSAEncoder()); + } + } static public class ecDSA512 extends SignatureSpi { public ecDSA512() { - // BEGIN android-changed - super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), new StdDSAEncoder()); - // END android-changed + super(new SHA512Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecDetDSA512 + extends SignatureSpi + { + public ecDetDSA512() + { + super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); } } - // BEGIN android-removed - // static public class ecDetDSA512 - // extends SignatureSpi - // { - // public ecDetDSA512() - // { - // super(new SHA512Digest(), new ECDSASigner(new HMacDSAKCalculator(new SHA512Digest())), new StdDSAEncoder()); - // } - // } - // - // static public class ecDSARipeMD160 - // extends SignatureSpi - // { - // public ecDSARipeMD160() - // { - // super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); - // } - // } - // - // static public class ecNR - // extends SignatureSpi - // { - // public ecNR() - // { - // super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - // - // static public class ecNR224 - // extends SignatureSpi - // { - // public ecNR224() - // { - // super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - // - // static public class ecNR256 - // extends SignatureSpi - // { - // public ecNR256() - // { - // super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - // - // static public class ecNR384 - // extends SignatureSpi - // { - // public ecNR384() - // { - // super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - // - // static public class ecNR512 - // extends SignatureSpi - // { - // public ecNR512() - // { - // super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); - // } - // } - // - // static public class ecCVCDSA - // extends SignatureSpi - // { - // public ecCVCDSA() - // { - // super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - // - // static public class ecCVCDSA224 - // extends SignatureSpi - // { - // public ecCVCDSA224() - // { - // super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - // - // static public class ecCVCDSA256 - // extends SignatureSpi - // { - // public ecCVCDSA256() - // { - // super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - // - // static public class ecCVCDSA384 - // extends SignatureSpi - // { - // public ecCVCDSA384() - // { - // super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - // - // static public class ecCVCDSA512 - // extends SignatureSpi - // { - // public ecCVCDSA512() - // { - // super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - // - // static public class ecPlainDSARP160 - // extends SignatureSpi - // { - // public ecPlainDSARP160() - // { - // super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); - // } - // } - // END android-removed + static public class ecDSARipeMD160 + extends SignatureSpi + { + public ecDSARipeMD160() + { + super(new RIPEMD160Digest(), new ECDSASigner(), new StdDSAEncoder()); + } + } + + static public class ecNR + extends SignatureSpi + { + public ecNR() + { + super(new SHA1Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR224 + extends SignatureSpi + { + public ecNR224() + { + super(new SHA224Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR256 + extends SignatureSpi + { + public ecNR256() + { + super(new SHA256Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR384 + extends SignatureSpi + { + public ecNR384() + { + super(new SHA384Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecNR512 + extends SignatureSpi + { + public ecNR512() + { + super(new SHA512Digest(), new ECNRSigner(), new StdDSAEncoder()); + } + } + + static public class ecCVCDSA + extends SignatureSpi + { + public ecCVCDSA() + { + super(new SHA1Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA224 + extends SignatureSpi + { + public ecCVCDSA224() + { + super(new SHA224Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA256 + extends SignatureSpi + { + public ecCVCDSA256() + { + super(new SHA256Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA384 + extends SignatureSpi + { + public ecCVCDSA384() + { + super(new SHA384Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecCVCDSA512 + extends SignatureSpi + { + public ecCVCDSA512() + { + super(new SHA512Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } + + static public class ecPlainDSARP160 + extends SignatureSpi + { + public ecPlainDSARP160() + { + super(new RIPEMD160Digest(), new ECDSASigner(), new PlainDSAEncoder()); + } + } private static class StdDSAEncoder implements DSAEncoder @@ -329,68 +302,66 @@ public class SignatureSpi } } - // BEGIN android-removed - // private static class PlainDSAEncoder - // implements DSAEncoder - // { - // public byte[] encode( - // BigInteger r, - // BigInteger s) - // throws IOException - // { - // byte[] first = makeUnsigned(r); - // byte[] second = makeUnsigned(s); - // byte[] res; - // - // if (first.length > second.length) - // { - // res = new byte[first.length * 2]; - // } - // else - // { - // res = new byte[second.length * 2]; - // } - // - // System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); - // System.arraycopy(second, 0, res, res.length - second.length, second.length); - // - // return res; - // } - // - // - // private byte[] makeUnsigned(BigInteger val) - // { - // byte[] res = val.toByteArray(); - // - // if (res[0] == 0) - // { - // byte[] tmp = new byte[res.length - 1]; - // - // System.arraycopy(res, 1, tmp, 0, tmp.length); - // - // return tmp; - // } - // - // return res; - // } - // - // public BigInteger[] decode( - // byte[] encoding) - // throws IOException - // { - // BigInteger[] sig = new BigInteger[2]; - // - // byte[] first = new byte[encoding.length / 2]; - // byte[] second = new byte[encoding.length / 2]; - // - // System.arraycopy(encoding, 0, first, 0, first.length); - // System.arraycopy(encoding, first.length, second, 0, second.length); - // - // sig[0] = new BigInteger(1, first); - // sig[1] = new BigInteger(1, second); - // - // return sig; - // } - // } - // END android-removed -} + private static class PlainDSAEncoder + implements DSAEncoder + { + public byte[] encode( + BigInteger r, + BigInteger s) + throws IOException + { + byte[] first = makeUnsigned(r); + byte[] second = makeUnsigned(s); + byte[] res; + + if (first.length > second.length) + { + res = new byte[first.length * 2]; + } + else + { + res = new byte[second.length * 2]; + } + + System.arraycopy(first, 0, res, res.length / 2 - first.length, first.length); + System.arraycopy(second, 0, res, res.length - second.length, second.length); + + return res; + } + + + private byte[] makeUnsigned(BigInteger val) + { + byte[] res = val.toByteArray(); + + if (res[0] == 0) + { + byte[] tmp = new byte[res.length - 1]; + + System.arraycopy(res, 1, tmp, 0, tmp.length); + + return tmp; + } + + return res; + } + + public BigInteger[] decode( + byte[] encoding) + throws IOException + { + BigInteger[] sig = new BigInteger[2]; + + byte[] first = new byte[encoding.length / 2]; + byte[] second = new byte[encoding.length / 2]; + + System.arraycopy(encoding, 0, first, 0, first.length); + System.arraycopy(encoding, first.length, second, 0, second.length); + + sig[0] = new BigInteger(1, first); + sig[1] = new BigInteger(1, second); + + return sig; + } + } +}
\ No newline at end of file diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java new file mode 100644 index 0000000..4c046fe --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java @@ -0,0 +1,545 @@ +package org.bouncycastle.jcajce.provider.asymmetric.ecgost; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; +import java.security.interfaces.ECPrivateKey; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECPoint; +import java.security.spec.ECPrivateKeySpec; +import java.security.spec.EllipticCurve; +import java.util.Enumeration; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.DERNull; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x9.X962Parameters; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.crypto.params.ECPrivateKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; +import org.bouncycastle.jce.ECGOST3410NamedCurveTable; +import org.bouncycastle.jce.interfaces.ECPointEncoder; +import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; +import org.bouncycastle.jce.spec.ECNamedCurveSpec; +import org.bouncycastle.math.ec.ECCurve; + +public class BCECGOST3410PrivateKey + implements ECPrivateKey, org.bouncycastle.jce.interfaces.ECPrivateKey, PKCS12BagAttributeCarrier, ECPointEncoder +{ + static final long serialVersionUID = 7245981689601667138L; + + private String algorithm = "ECGOST3410"; + private boolean withCompression; + + private transient GOST3410PublicKeyAlgParameters gostParams; + private transient BigInteger d; + private transient ECParameterSpec ecSpec; + private transient DERBitString publicKey; + private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl(); + + protected BCECGOST3410PrivateKey() + { + } + + public BCECGOST3410PrivateKey( + ECPrivateKey key) + { + this.d = key.getS(); + this.algorithm = key.getAlgorithm(); + this.ecSpec = key.getParams(); + } + + public BCECGOST3410PrivateKey( + org.bouncycastle.jce.spec.ECPrivateKeySpec spec) + { + this.d = spec.getD(); + + if (spec.getParams() != null) // can be null if implicitlyCA + { + ECCurve curve = spec.getParams().getCurve(); + EllipticCurve ellipticCurve; + + ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed()); + + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams()); + } + else + { + this.ecSpec = null; + } + } + + + public BCECGOST3410PrivateKey( + ECPrivateKeySpec spec) + { + this.d = spec.getS(); + this.ecSpec = spec.getParams(); + } + + public BCECGOST3410PrivateKey( + BCECGOST3410PrivateKey key) + { + this.d = key.d; + this.ecSpec = key.ecSpec; + this.withCompression = key.withCompression; + this.attrCarrier = key.attrCarrier; + this.publicKey = key.publicKey; + this.gostParams = key.gostParams; + } + + public BCECGOST3410PrivateKey( + String algorithm, + ECPrivateKeyParameters params, + BCECGOST3410PublicKey pubKey, + ECParameterSpec spec) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.d = params.getD(); + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + dp.getG().getAffineXCoord().toBigInteger(), + dp.getG().getAffineYCoord().toBigInteger()), + dp.getN(), + dp.getH().intValue()); + } + else + { + this.ecSpec = spec; + } + + this.gostParams = pubKey.getGostParams(); + + publicKey = getPublicKeyDetails(pubKey); + } + + public BCECGOST3410PrivateKey( + String algorithm, + ECPrivateKeyParameters params, + BCECGOST3410PublicKey pubKey, + org.bouncycastle.jce.spec.ECParameterSpec spec) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.d = params.getD(); + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + dp.getG().getAffineXCoord().toBigInteger(), + dp.getG().getAffineYCoord().toBigInteger()), + dp.getN(), + dp.getH().intValue()); + } + else + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + spec.getG().getAffineXCoord().toBigInteger(), + spec.getG().getAffineYCoord().toBigInteger()), + spec.getN(), + spec.getH().intValue()); + } + + this.gostParams = pubKey.getGostParams(); + + publicKey = getPublicKeyDetails(pubKey); + } + + public BCECGOST3410PrivateKey( + String algorithm, + ECPrivateKeyParameters params) + { + this.algorithm = algorithm; + this.d = params.getD(); + this.ecSpec = null; + } + + BCECGOST3410PrivateKey( + PrivateKeyInfo info) + throws IOException + { + populateFromPrivKeyInfo(info); + } + + private void populateFromPrivKeyInfo(PrivateKeyInfo info) + throws IOException + { + ASN1Primitive p = info.getPrivateKeyAlgorithm().getParameters().toASN1Primitive(); + + if (p instanceof ASN1Sequence && (ASN1Sequence.getInstance(p).size() == 2 || ASN1Sequence.getInstance(p).size() == 3)) + { + gostParams = GOST3410PublicKeyAlgParameters.getInstance(info.getPrivateKeyAlgorithm().getParameters()); + + ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); + + ECCurve curve = spec.getCurve(); + EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); + + ecSpec = new ECNamedCurveSpec( + ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), + ellipticCurve, + new ECPoint( + spec.getG().getAffineXCoord().toBigInteger(), + spec.getG().getAffineYCoord().toBigInteger()), + spec.getN(), spec.getH()); + + ASN1Encodable privKey = info.parsePrivateKey(); + + byte[] encVal = ASN1OctetString.getInstance(privKey).getOctets(); + byte[] dVal = new byte[encVal.length]; + + for (int i = 0; i != encVal.length; i++) + { + dVal[i] = encVal[encVal.length - 1 - i]; + } + + this.d = new BigInteger(1, dVal); + } + else + { + // for backwards compatibility + X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters()); + + if (params.isNamedCurve()) + { + ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters()); + X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid); + + if (ecP == null) // GOST Curve + { + ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid); + EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed()); + + ecSpec = new ECNamedCurveSpec( + ECGOST3410NamedCurves.getName(oid), + ellipticCurve, + new ECPoint( + gParam.getG().getAffineXCoord().toBigInteger(), + gParam.getG().getAffineYCoord().toBigInteger()), + gParam.getN(), + gParam.getH()); + } + else + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); + + ecSpec = new ECNamedCurveSpec( + ECUtil.getCurveName(oid), + ellipticCurve, + new ECPoint( + ecP.getG().getAffineXCoord().toBigInteger(), + ecP.getG().getAffineYCoord().toBigInteger()), + ecP.getN(), + ecP.getH()); + } + } + else if (params.isImplicitlyCA()) + { + ecSpec = null; + } + else + { + X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters()); + EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed()); + + this.ecSpec = new ECParameterSpec( + ellipticCurve, + new ECPoint( + ecP.getG().getAffineXCoord().toBigInteger(), + ecP.getG().getAffineYCoord().toBigInteger()), + ecP.getN(), + ecP.getH().intValue()); + } + + ASN1Encodable privKey = info.parsePrivateKey(); + if (privKey instanceof ASN1Integer) + { + ASN1Integer derD = ASN1Integer.getInstance(privKey); + + this.d = derD.getValue(); + } + else + { + org.bouncycastle.asn1.sec.ECPrivateKey ec = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey); + + this.d = ec.getKey(); + this.publicKey = ec.getPublicKey(); + } + } + } + + public String getAlgorithm() + { + return algorithm; + } + + /** + * return the encoding format we produce in getEncoded(). + * + * @return the string "PKCS#8" + */ + public String getFormat() + { + return "PKCS#8"; + } + + /** + * Return a PKCS8 representation of the key. The sequence returned + * represents a full PrivateKeyInfo object. + * + * @return a PKCS8 representation of the key. + */ + public byte[] getEncoded() + { + if (gostParams != null) + { + byte[] encKey = new byte[32]; + + extractBytes(encKey, 0, this.getS()); + + try + { + PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, gostParams), new DEROctetString(encKey)); + + return info.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + return null; + } + } + else + { + X962Parameters params; + int orderBitLength; + + if (ecSpec instanceof ECNamedCurveSpec) + { + ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName()); + if (curveOid == null) // guess it's the OID + { + curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName()); + } + params = new X962Parameters(curveOid); + orderBitLength = ECUtil.getOrderBitLength(ecSpec.getOrder(), this.getS()); + } + else if (ecSpec == null) + { + params = new X962Parameters(DERNull.INSTANCE); + orderBitLength = ECUtil.getOrderBitLength(null, this.getS()); + } + else + { + ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); + + X9ECParameters ecP = new X9ECParameters( + curve, + EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), + ecSpec.getOrder(), + BigInteger.valueOf(ecSpec.getCofactor()), + ecSpec.getCurve().getSeed()); + + params = new X962Parameters(ecP); + orderBitLength = ECUtil.getOrderBitLength(ecSpec.getOrder(), this.getS()); + } + + PrivateKeyInfo info; + org.bouncycastle.asn1.sec.ECPrivateKey keyStructure; + + if (publicKey != null) + { + keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), publicKey, params); + } + else + { + keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), params); + } + + try + { + info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive()); + + return info.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + return null; + } + } + } + + private void extractBytes(byte[] encKey, int offSet, BigInteger bI) + { + byte[] val = bI.toByteArray(); + if (val.length < 32) + { + byte[] tmp = new byte[32]; + System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length); + val = tmp; + } + + for (int i = 0; i != 32; i++) + { + encKey[offSet + i] = val[val.length - 1 - i]; + } + } + + public ECParameterSpec getParams() + { + return ecSpec; + } + + public org.bouncycastle.jce.spec.ECParameterSpec getParameters() + { + if (ecSpec == null) + { + return null; + } + + return EC5Util.convertSpec(ecSpec, withCompression); + } + + org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec() + { + if (ecSpec != null) + { + return EC5Util.convertSpec(ecSpec, withCompression); + } + + return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + } + + public BigInteger getS() + { + return d; + } + + public BigInteger getD() + { + return d; + } + + public void setBagAttribute( + ASN1ObjectIdentifier oid, + ASN1Encodable attribute) + { + attrCarrier.setBagAttribute(oid, attribute); + } + + public ASN1Encodable getBagAttribute( + ASN1ObjectIdentifier oid) + { + return attrCarrier.getBagAttribute(oid); + } + + public Enumeration getBagAttributeKeys() + { + return attrCarrier.getBagAttributeKeys(); + } + + public void setPointFormat(String style) + { + withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style)); + } + + public boolean equals(Object o) + { + if (!(o instanceof BCECGOST3410PrivateKey)) + { + return false; + } + + BCECGOST3410PrivateKey other = (BCECGOST3410PrivateKey)o; + + return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec())); + } + + public int hashCode() + { + return getD().hashCode() ^ engineGetSpec().hashCode(); + } + + public String toString() + { + StringBuffer buf = new StringBuffer(); + String nl = System.getProperty("line.separator"); + + buf.append("EC Private Key").append(nl); + buf.append(" S: ").append(this.d.toString(16)).append(nl); + + return buf.toString(); + + } + + private DERBitString getPublicKeyDetails(BCECGOST3410PublicKey pub) + { + try + { + SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pub.getEncoded())); + + return info.getPublicKeyData(); + } + catch (IOException e) + { // should never happen + return null; + } + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + byte[] enc = (byte[])in.readObject(); + + populateFromPrivKeyInfo(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc))); + + this.attrCarrier = new PKCS12BagAttributeCarrierImpl(); + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + out.writeObject(this.getEncoded()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java new file mode 100644 index 0000000..1240a0f --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java @@ -0,0 +1,400 @@ +package org.bouncycastle.jcajce.provider.asymmetric.ecgost; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; +import java.security.interfaces.ECPublicKey; +import java.security.spec.ECParameterSpec; +import java.security.spec.ECPoint; +import java.security.spec.ECPublicKeySpec; +import java.security.spec.EllipticCurve; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.DERBitString; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x9.X962Parameters; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.crypto.params.ECPublicKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; +import org.bouncycastle.jce.ECGOST3410NamedCurveTable; +import org.bouncycastle.jce.interfaces.ECPointEncoder; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec; +import org.bouncycastle.jce.spec.ECNamedCurveSpec; +import org.bouncycastle.math.ec.ECCurve; +import org.bouncycastle.math.ec.custom.sec.SecP256K1Point; +import org.bouncycastle.math.ec.custom.sec.SecP256R1Point; + +public class BCECGOST3410PublicKey + implements ECPublicKey, org.bouncycastle.jce.interfaces.ECPublicKey, ECPointEncoder +{ + static final long serialVersionUID = 7026240464295649314L; + + private String algorithm = "ECGOST3410"; + private boolean withCompression; + + private transient org.bouncycastle.math.ec.ECPoint q; + private transient ECParameterSpec ecSpec; + private transient GOST3410PublicKeyAlgParameters gostParams; + + public BCECGOST3410PublicKey( + BCECGOST3410PublicKey key) + { + this.q = key.q; + this.ecSpec = key.ecSpec; + this.withCompression = key.withCompression; + this.gostParams = key.gostParams; + } + + public BCECGOST3410PublicKey( + ECPublicKeySpec spec) + { + this.ecSpec = spec.getParams(); + this.q = EC5Util.convertPoint(ecSpec, spec.getW(), false); + } + + public BCECGOST3410PublicKey( + org.bouncycastle.jce.spec.ECPublicKeySpec spec) + { + this.q = spec.getQ(); + + if (spec.getParams() != null) // can be null if implictlyCa + { + ECCurve curve = spec.getParams().getCurve(); + EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed()); + + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams()); + } + else + { + if (q.getCurve() == null) + { + org.bouncycastle.jce.spec.ECParameterSpec s = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + q = s.getCurve().createPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger()); + } + this.ecSpec = null; + } + } + + public BCECGOST3410PublicKey( + String algorithm, + ECPublicKeyParameters params, + ECParameterSpec spec) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.q = params.getQ(); + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = createSpec(ellipticCurve, dp); + } + else + { + this.ecSpec = spec; + } + } + + public BCECGOST3410PublicKey( + String algorithm, + ECPublicKeyParameters params, + org.bouncycastle.jce.spec.ECParameterSpec spec) + { + ECDomainParameters dp = params.getParameters(); + + this.algorithm = algorithm; + this.q = params.getQ(); + + if (spec == null) + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed()); + + this.ecSpec = createSpec(ellipticCurve, dp); + } + else + { + EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed()); + + this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec); + } + } + + /* + * called for implicitCA + */ + public BCECGOST3410PublicKey( + String algorithm, + ECPublicKeyParameters params) + { + this.algorithm = algorithm; + this.q = params.getQ(); + this.ecSpec = null; + } + + private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp) + { + return new ECParameterSpec( + ellipticCurve, + new ECPoint( + dp.getG().getAffineXCoord().toBigInteger(), + dp.getG().getAffineYCoord().toBigInteger()), + dp.getN(), + dp.getH().intValue()); + } + + public BCECGOST3410PublicKey( + ECPublicKey key) + { + this.algorithm = key.getAlgorithm(); + this.ecSpec = key.getParams(); + this.q = EC5Util.convertPoint(this.ecSpec, key.getW(), false); + } + + BCECGOST3410PublicKey( + SubjectPublicKeyInfo info) + { + populateFromPubKeyInfo(info); + } + + private void populateFromPubKeyInfo(SubjectPublicKeyInfo info) + { + DERBitString bits = info.getPublicKeyData(); + ASN1OctetString key; + this.algorithm = "ECGOST3410"; + + try + { + key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes()); + } + catch (IOException ex) + { + throw new IllegalArgumentException("error recovering public key"); + } + + byte[] keyEnc = key.getOctets(); + byte[] x = new byte[32]; + byte[] y = new byte[32]; + + for (int i = 0; i != x.length; i++) + { + x[i] = keyEnc[32 - 1 - i]; + } + + for (int i = 0; i != y.length; i++) + { + y[i] = keyEnc[64 - 1 - i]; + } + + gostParams = GOST3410PublicKeyAlgParameters.getInstance(info.getAlgorithm().getParameters()); + + ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet())); + + ECCurve curve = spec.getCurve(); + EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed()); + + this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y)); + + ecSpec = new ECNamedCurveSpec( + ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()), + ellipticCurve, + new ECPoint( + spec.getG().getAffineXCoord().toBigInteger(), + spec.getG().getAffineYCoord().toBigInteger()), + spec.getN(), spec.getH()); + } + + public String getAlgorithm() + { + return algorithm; + } + + public String getFormat() + { + return "X.509"; + } + + public byte[] getEncoded() + { + ASN1Encodable params; + SubjectPublicKeyInfo info; + + if (gostParams != null) + { + params = gostParams; + } + else + { + if (ecSpec instanceof ECNamedCurveSpec) + { + params = new GOST3410PublicKeyAlgParameters( + ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()), + CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet); + } + else + { // strictly speaking this may not be applicable... + ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve()); + + X9ECParameters ecP = new X9ECParameters( + curve, + EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), + ecSpec.getOrder(), + BigInteger.valueOf(ecSpec.getCofactor()), + ecSpec.getCurve().getSeed()); + + params = new X962Parameters(ecP); + } + } + + BigInteger bX = this.q.getAffineXCoord().toBigInteger(); + BigInteger bY = this.q.getAffineYCoord().toBigInteger(); + byte[] encKey = new byte[64]; + + extractBytes(encKey, 0, bX); + extractBytes(encKey, 32, bY); + + try + { + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey)); + } + catch (IOException e) + { + return null; + } + + return KeyUtil.getEncodedSubjectPublicKeyInfo(info); + } + + private void extractBytes(byte[] encKey, int offSet, BigInteger bI) + { + byte[] val = bI.toByteArray(); + if (val.length < 32) + { + byte[] tmp = new byte[32]; + System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length); + val = tmp; + } + + for (int i = 0; i != 32; i++) + { + encKey[offSet + i] = val[val.length - 1 - i]; + } + } + + public ECParameterSpec getParams() + { + return ecSpec; + } + + public org.bouncycastle.jce.spec.ECParameterSpec getParameters() + { + if (ecSpec == null) // implictlyCA + { + return null; + } + + return EC5Util.convertSpec(ecSpec, withCompression); + } + + public ECPoint getW() + { + return new ECPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger()); + } + + public org.bouncycastle.math.ec.ECPoint getQ() + { + if (ecSpec == null) + { + return q.getDetachedPoint(); + } + + return q; + } + + public org.bouncycastle.math.ec.ECPoint engineGetQ() + { + return q; + } + + org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec() + { + if (ecSpec != null) + { + return EC5Util.convertSpec(ecSpec, withCompression); + } + + return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + } + + public String toString() + { + StringBuffer buf = new StringBuffer(); + String nl = System.getProperty("line.separator"); + + buf.append("EC Public Key").append(nl); + buf.append(" X: ").append(this.q.getAffineXCoord().toBigInteger().toString(16)).append(nl); + buf.append(" Y: ").append(this.q.getAffineYCoord().toBigInteger().toString(16)).append(nl); + + return buf.toString(); + } + + public void setPointFormat(String style) + { + withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style)); + } + + public boolean equals(Object o) + { + if (!(o instanceof BCECGOST3410PublicKey)) + { + return false; + } + + BCECGOST3410PublicKey other = (BCECGOST3410PublicKey)o; + + return engineGetQ().equals(other.engineGetQ()) && (engineGetSpec().equals(other.engineGetSpec())); + } + + public int hashCode() + { + return engineGetQ().hashCode() ^ engineGetSpec().hashCode(); + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + byte[] enc = (byte[])in.readObject(); + + populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc))); + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + out.writeObject(this.getEncoded()); + } + + public GOST3410PublicKeyAlgParameters getGostParams() + { + return gostParams; + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyFactorySpi.java new file mode 100644 index 0000000..61a34be --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyFactorySpi.java @@ -0,0 +1,166 @@ +package org.bouncycastle.jcajce.provider.asymmetric.ecgost; + +import java.io.IOException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.ECPrivateKey; +import java.security.interfaces.ECPublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECParameterSpec; +import org.bouncycastle.jce.spec.ECPrivateKeySpec; +import org.bouncycastle.jce.spec.ECPublicKeySpec; + +public class KeyFactorySpi + extends BaseKeyFactorySpi +{ + public KeyFactorySpi() + { + } + + protected KeySpec engineGetKeySpec( + Key key, + Class spec) + throws InvalidKeySpecException + { + if (spec.isAssignableFrom(java.security.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey) + { + ECPublicKey k = (ECPublicKey)key; + if (k.getParams() != null) + { + return new java.security.spec.ECPublicKeySpec(k.getW(), k.getParams()); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new java.security.spec.ECPublicKeySpec(k.getW(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec)); + } + } + else if (spec.isAssignableFrom(java.security.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey) + { + ECPrivateKey k = (ECPrivateKey)key; + + if (k.getParams() != null) + { + return new java.security.spec.ECPrivateKeySpec(k.getS(), k.getParams()); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new java.security.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec)); + } + } + else if (spec.isAssignableFrom(org.bouncycastle.jce.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey) + { + ECPublicKey k = (ECPublicKey)key; + if (k.getParams() != null) + { + return new org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), EC5Util.convertSpec(k.getParams(), false)); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), implicitSpec); + } + } + else if (spec.isAssignableFrom(org.bouncycastle.jce.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey) + { + ECPrivateKey k = (ECPrivateKey)key; + + if (k.getParams() != null) + { + return new org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(k.getParams(), false)); + } + else + { + ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + + return new org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), implicitSpec); + } + } + + return super.engineGetKeySpec(key, spec); + } + + protected Key engineTranslateKey( + Key key) + throws InvalidKeyException + { + throw new InvalidKeyException("key type unknown"); + } + + protected PrivateKey engineGeneratePrivate( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof ECPrivateKeySpec) + { + return new BCECGOST3410PrivateKey((ECPrivateKeySpec)keySpec); + } + else if (keySpec instanceof java.security.spec.ECPrivateKeySpec) + { + return new BCECGOST3410PrivateKey((java.security.spec.ECPrivateKeySpec)keySpec); + } + + return super.engineGeneratePrivate(keySpec); + } + + protected PublicKey engineGeneratePublic( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof ECPublicKeySpec) + { + return new BCECGOST3410PublicKey((ECPublicKeySpec)keySpec); + } + else if (keySpec instanceof java.security.spec.ECPublicKeySpec) + { + return new BCECGOST3410PublicKey((java.security.spec.ECPublicKeySpec)keySpec); + } + + return super.engineGeneratePublic(keySpec); + } + + public PrivateKey generatePrivate(PrivateKeyInfo keyInfo) + throws IOException + { + ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm(); + + if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001)) + { + return new BCECGOST3410PrivateKey(keyInfo); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } + + public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo) + throws IOException + { + ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm(); + + if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001)) + { + return new BCECGOST3410PublicKey(keyInfo); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyPairGeneratorSpi.java new file mode 100644 index 0000000..efd74b4 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyPairGeneratorSpi.java @@ -0,0 +1,186 @@ +package org.bouncycastle.jcajce.provider.asymmetric.ecgost; + +import java.math.BigInteger; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidParameterException; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.ECGenParameterSpec; + +import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.generators.ECKeyPairGenerator; +import org.bouncycastle.crypto.params.ECDomainParameters; +import org.bouncycastle.crypto.params.ECKeyGenerationParameters; +import org.bouncycastle.crypto.params.ECPrivateKeyParameters; +import org.bouncycastle.crypto.params.ECPublicKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec; +import org.bouncycastle.jce.spec.ECNamedCurveSpec; +import org.bouncycastle.jce.spec.ECParameterSpec; +import org.bouncycastle.math.ec.ECCurve; +import org.bouncycastle.math.ec.ECPoint; + +public class KeyPairGeneratorSpi + extends java.security.KeyPairGenerator +{ + Object ecParams = null; + ECKeyPairGenerator engine = new ECKeyPairGenerator(); + + String algorithm = "ECGOST3410"; + ECKeyGenerationParameters param; + int strength = 239; + SecureRandom random = null; + boolean initialised = false; + + public KeyPairGeneratorSpi() + { + super("ECGOST3410"); + } + + public void initialize( + int strength, + SecureRandom random) + { + this.strength = strength; + this.random = random; + + if (ecParams != null) + { + try + { + initialize((ECGenParameterSpec)ecParams, random); + } + catch (InvalidAlgorithmParameterException e) + { + throw new InvalidParameterException("key size not configurable."); + } + } + else + { + throw new InvalidParameterException("unknown key size."); + } + } + + public void initialize( + AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (params instanceof ECParameterSpec) + { + ECParameterSpec p = (ECParameterSpec)params; + this.ecParams = params; + + param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN()), random); + + engine.init(param); + initialised = true; + } + else if (params instanceof java.security.spec.ECParameterSpec) + { + java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)params; + this.ecParams = params; + + ECCurve curve = EC5Util.convertCurve(p.getCurve()); + ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false); + + param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random); + + engine.init(param); + initialised = true; + } + else if (params instanceof ECGenParameterSpec || params instanceof ECNamedCurveGenParameterSpec) + { + String curveName; + + if (params instanceof ECGenParameterSpec) + { + curveName = ((ECGenParameterSpec)params).getName(); + } + else + { + curveName = ((ECNamedCurveGenParameterSpec)params).getName(); + } + + ECDomainParameters ecP = ECGOST3410NamedCurves.getByName(curveName); + if (ecP == null) + { + throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName); + } + + this.ecParams = new ECNamedCurveSpec( + curveName, + ecP.getCurve(), + ecP.getG(), + ecP.getN(), + ecP.getH(), + ecP.getSeed()); + + java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams; + + ECCurve curve = EC5Util.convertCurve(p.getCurve()); + ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false); + + param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random); + + engine.init(param); + initialised = true; + } + else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() != null) + { + ECParameterSpec p = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa(); + this.ecParams = params; + + param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN()), random); + + engine.init(param); + initialised = true; + } + else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() == null) + { + throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set"); + } + else + { + throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec: " + params.getClass().getName()); + } + } + + public KeyPair generateKeyPair() + { + if (!initialised) + { + throw new IllegalStateException("EC Key Pair Generator not initialised"); + } + + AsymmetricCipherKeyPair pair = engine.generateKeyPair(); + ECPublicKeyParameters pub = (ECPublicKeyParameters)pair.getPublic(); + ECPrivateKeyParameters priv = (ECPrivateKeyParameters)pair.getPrivate(); + + if (ecParams instanceof ECParameterSpec) + { + ECParameterSpec p = (ECParameterSpec)ecParams; + + BCECGOST3410PublicKey pubKey = new BCECGOST3410PublicKey(algorithm, pub, p); + return new KeyPair(pubKey, + new BCECGOST3410PrivateKey(algorithm, priv, pubKey, p)); + } + else if (ecParams == null) + { + return new KeyPair(new BCECGOST3410PublicKey(algorithm, pub), + new BCECGOST3410PrivateKey(algorithm, priv)); + } + else + { + java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams; + + BCECGOST3410PublicKey pubKey = new BCECGOST3410PublicKey(algorithm, pub, p); + + return new KeyPair(pubKey, new BCECGOST3410PrivateKey(algorithm, priv, pubKey, p)); + } + } +} + diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/SignatureSpi.java new file mode 100644 index 0000000..407dda5 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/SignatureSpi.java @@ -0,0 +1,211 @@ +package org.bouncycastle.jcajce.provider.asymmetric.ecgost; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SignatureException; +import java.security.spec.AlgorithmParameterSpec; + +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; +import org.bouncycastle.crypto.CipherParameters; +import org.bouncycastle.crypto.DSA; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.GOST3411Digest; +import org.bouncycastle.crypto.params.ParametersWithRandom; +import org.bouncycastle.crypto.signers.ECGOST3410Signer; +import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.bouncycastle.jce.interfaces.ECKey; +import org.bouncycastle.jce.interfaces.ECPublicKey; +import org.bouncycastle.jce.interfaces.GOST3410Key; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jcajce.provider.asymmetric.util.GOST3410Util; + +public class SignatureSpi + extends java.security.SignatureSpi + implements PKCSObjectIdentifiers, X509ObjectIdentifiers +{ + private Digest digest; + private DSA signer; + + public SignatureSpi() + { + this.digest = new GOST3411Digest(); + this.signer = new ECGOST3410Signer(); + } + + protected void engineInitVerify( + PublicKey publicKey) + throws InvalidKeyException + { + CipherParameters param; + + if (publicKey instanceof ECPublicKey) + { + param = ECUtil.generatePublicKeyParameter(publicKey); + } + else if (publicKey instanceof GOST3410Key) + { + param = GOST3410Util.generatePublicKeyParameter(publicKey); + } + else + { + try + { + byte[] bytes = publicKey.getEncoded(); + + publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes)); + + param = ECUtil.generatePublicKeyParameter(publicKey); + } + catch (Exception e) + { + throw new InvalidKeyException("can't recognise key type in DSA based signer"); + } + } + + digest.reset(); + signer.init(false, param); + } + + protected void engineInitSign( + PrivateKey privateKey) + throws InvalidKeyException + { + CipherParameters param; + + if (privateKey instanceof ECKey) + { + param = ECUtil.generatePrivateKeyParameter(privateKey); + } + else + { + param = GOST3410Util.generatePrivateKeyParameter(privateKey); + } + + digest.reset(); + + if (appRandom != null) + { + signer.init(true, new ParametersWithRandom(param, appRandom)); + } + else + { + signer.init(true, param); + } + } + + protected void engineUpdate( + byte b) + throws SignatureException + { + digest.update(b); + } + + protected void engineUpdate( + byte[] b, + int off, + int len) + throws SignatureException + { + digest.update(b, off, len); + } + + protected byte[] engineSign() + throws SignatureException + { + byte[] hash = new byte[digest.getDigestSize()]; + + digest.doFinal(hash, 0); + + try + { + byte[] sigBytes = new byte[64]; + BigInteger[] sig = signer.generateSignature(hash); + byte[] r = sig[0].toByteArray(); + byte[] s = sig[1].toByteArray(); + + if (s[0] != 0) + { + System.arraycopy(s, 0, sigBytes, 32 - s.length, s.length); + } + else + { + System.arraycopy(s, 1, sigBytes, 32 - (s.length - 1), s.length - 1); + } + + if (r[0] != 0) + { + System.arraycopy(r, 0, sigBytes, 64 - r.length, r.length); + } + else + { + System.arraycopy(r, 1, sigBytes, 64 - (r.length - 1), r.length - 1); + } + + return sigBytes; + } + catch (Exception e) + { + throw new SignatureException(e.toString()); + } + } + + protected boolean engineVerify( + byte[] sigBytes) + throws SignatureException + { + byte[] hash = new byte[digest.getDigestSize()]; + + digest.doFinal(hash, 0); + + BigInteger[] sig; + + try + { + byte[] r = new byte[32]; + byte[] s = new byte[32]; + + System.arraycopy(sigBytes, 0, s, 0, 32); + + System.arraycopy(sigBytes, 32, r, 0, 32); + + sig = new BigInteger[2]; + sig[0] = new BigInteger(1, r); + sig[1] = new BigInteger(1, s); + } + catch (Exception e) + { + throw new SignatureException("error decoding signature bytes."); + } + + return signer.verifySignature(hash, sig[0], sig[1]); + } + + protected void engineSetParameter( + AlgorithmParameterSpec params) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"> + */ + protected void engineSetParameter( + String param, + Object value) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated + */ + protected Object engineGetParameter( + String param) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParameterGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParameterGeneratorSpi.java new file mode 100644 index 0000000..6097c3c --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParameterGeneratorSpi.java @@ -0,0 +1,76 @@ +package org.bouncycastle.jcajce.provider.asymmetric.elgamal; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.spec.DHGenParameterSpec; +import javax.crypto.spec.DHParameterSpec; + +import org.bouncycastle.crypto.generators.ElGamalParametersGenerator; +import org.bouncycastle.crypto.params.ElGamalParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAlgorithmParameterGeneratorSpi; + +public class AlgorithmParameterGeneratorSpi + extends BaseAlgorithmParameterGeneratorSpi +{ + protected SecureRandom random; + protected int strength = 1024; + + private int l = 0; + + protected void engineInit( + int strength, + SecureRandom random) + { + this.strength = strength; + this.random = random; + } + + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (!(genParamSpec instanceof DHGenParameterSpec)) + { + throw new InvalidAlgorithmParameterException("DH parameter generator requires a DHGenParameterSpec for initialisation"); + } + DHGenParameterSpec spec = (DHGenParameterSpec)genParamSpec; + + this.strength = spec.getPrimeSize(); + this.l = spec.getExponentSize(); + this.random = random; + } + + protected AlgorithmParameters engineGenerateParameters() + { + ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); + + if (random != null) + { + pGen.init(strength, 20, random); + } + else + { + pGen.init(strength, 20, new SecureRandom()); + } + + ElGamalParameters p = pGen.generateParameters(); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("ElGamal"); + params.init(new DHParameterSpec(p.getP(), p.getG(), l)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParametersSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParametersSpi.java new file mode 100644 index 0000000..3253fbb --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParametersSpi.java @@ -0,0 +1,129 @@ +package org.bouncycastle.jcajce.provider.asymmetric.elgamal; + +import java.io.IOException; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +import javax.crypto.spec.DHParameterSpec; + +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.oiw.ElGamalParameter; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; +import org.bouncycastle.jce.spec.ElGamalParameterSpec; + +public class AlgorithmParametersSpi + extends BaseAlgorithmParameters +{ + ElGamalParameterSpec currentSpec; + + /** + * Return the X.509 ASN.1 structure ElGamalParameter. + * <pre> + * ElGamalParameter ::= SEQUENCE { + * prime INTEGER, -- p + * base INTEGER, -- g} + * </pre> + */ + protected byte[] engineGetEncoded() + { + ElGamalParameter elP = new ElGamalParameter(currentSpec.getP(), currentSpec.getG()); + + try + { + return elP.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + throw new RuntimeException("Error encoding ElGamalParameters"); + } + } + + protected byte[] engineGetEncoded( + String format) + { + if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + { + return engineGetEncoded(); + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == ElGamalParameterSpec.class) + { + return currentSpec; + } + else if (paramSpec == DHParameterSpec.class) + { + return new DHParameterSpec(currentSpec.getP(), currentSpec.getG()); + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (!(paramSpec instanceof ElGamalParameterSpec) && !(paramSpec instanceof DHParameterSpec)) + { + throw new InvalidParameterSpecException("DHParameterSpec required to initialise a ElGamal algorithm parameters object"); + } + + if (paramSpec instanceof ElGamalParameterSpec) + { + this.currentSpec = (ElGamalParameterSpec)paramSpec; + } + else + { + DHParameterSpec s = (DHParameterSpec)paramSpec; + + this.currentSpec = new ElGamalParameterSpec(s.getP(), s.getG()); + } + } + + protected void engineInit( + byte[] params) + throws IOException + { + try + { + ElGamalParameter elP = ElGamalParameter.getInstance(ASN1Primitive.fromByteArray(params)); + + currentSpec = new ElGamalParameterSpec(elP.getP(), elP.getG()); + } + catch (ClassCastException e) + { + throw new IOException("Not a valid ElGamal Parameter encoding."); + } + catch (ArrayIndexOutOfBoundsException e) + { + throw new IOException("Not a valid ElGamal Parameter encoding."); + } + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + { + engineInit(params); + } + else + { + throw new IOException("Unknown parameter format " + format); + } + } + + protected String engineToString() + { + return "ElGamal Parameters"; + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPrivateKey.java new file mode 100644 index 0000000..f0f83fa --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPrivateKey.java @@ -0,0 +1,197 @@ +package org.bouncycastle.jcajce.provider.asymmetric.elgamal; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; +import java.util.Enumeration; + +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.spec.DHParameterSpec; +import javax.crypto.spec.DHPrivateKeySpec; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.oiw.ElGamalParameter; +import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; +import org.bouncycastle.jce.interfaces.ElGamalPrivateKey; +import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; +import org.bouncycastle.jce.spec.ElGamalParameterSpec; +import org.bouncycastle.jce.spec.ElGamalPrivateKeySpec; + +public class BCElGamalPrivateKey + implements ElGamalPrivateKey, DHPrivateKey, PKCS12BagAttributeCarrier +{ + static final long serialVersionUID = 4819350091141529678L; + + private BigInteger x; + + private transient ElGamalParameterSpec elSpec; + private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl(); + + protected BCElGamalPrivateKey() + { + } + + BCElGamalPrivateKey( + ElGamalPrivateKey key) + { + this.x = key.getX(); + this.elSpec = key.getParameters(); + } + + BCElGamalPrivateKey( + DHPrivateKey key) + { + this.x = key.getX(); + this.elSpec = new ElGamalParameterSpec(key.getParams().getP(), key.getParams().getG()); + } + + BCElGamalPrivateKey( + ElGamalPrivateKeySpec spec) + { + this.x = spec.getX(); + this.elSpec = new ElGamalParameterSpec(spec.getParams().getP(), spec.getParams().getG()); + } + + BCElGamalPrivateKey( + DHPrivateKeySpec spec) + { + this.x = spec.getX(); + this.elSpec = new ElGamalParameterSpec(spec.getP(), spec.getG()); + } + + BCElGamalPrivateKey( + PrivateKeyInfo info) + throws IOException + { + ElGamalParameter params = ElGamalParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters()); + ASN1Integer derX = ASN1Integer.getInstance(info.parsePrivateKey()); + + this.x = derX.getValue(); + this.elSpec = new ElGamalParameterSpec(params.getP(), params.getG()); + } + + BCElGamalPrivateKey( + ElGamalPrivateKeyParameters params) + { + this.x = params.getX(); + this.elSpec = new ElGamalParameterSpec(params.getParameters().getP(), params.getParameters().getG()); + } + + public String getAlgorithm() + { + return "ElGamal"; + } + + /** + * return the encoding format we produce in getEncoded(). + * + * @return the string "PKCS#8" + */ + public String getFormat() + { + return "PKCS#8"; + } + + /** + * Return a PKCS8 representation of the key. The sequence returned + * represents a full PrivateKeyInfo object. + * + * @return a PKCS8 representation of the key. + */ + public byte[] getEncoded() + { + try + { + PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(elSpec.getP(), elSpec.getG())), new ASN1Integer(getX())); + + return info.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + return null; + } + } + + public ElGamalParameterSpec getParameters() + { + return elSpec; + } + + public DHParameterSpec getParams() + { + return new DHParameterSpec(elSpec.getP(), elSpec.getG()); + } + + public BigInteger getX() + { + return x; + } + + public boolean equals( + Object o) + { + if (!(o instanceof DHPrivateKey)) + { + return false; + } + + DHPrivateKey other = (DHPrivateKey)o; + + return this.getX().equals(other.getX()) + && this.getParams().getG().equals(other.getParams().getG()) + && this.getParams().getP().equals(other.getParams().getP()) + && this.getParams().getL() == other.getParams().getL(); + } + + public int hashCode() + { + return this.getX().hashCode() ^ this.getParams().getG().hashCode() + ^ this.getParams().getP().hashCode() ^ this.getParams().getL(); + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + this.elSpec = new ElGamalParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject()); + this.attrCarrier = new PKCS12BagAttributeCarrierImpl(); + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + out.writeObject(elSpec.getP()); + out.writeObject(elSpec.getG()); + } + + public void setBagAttribute( + ASN1ObjectIdentifier oid, + ASN1Encodable attribute) + { + attrCarrier.setBagAttribute(oid, attribute); + } + + public ASN1Encodable getBagAttribute( + ASN1ObjectIdentifier oid) + { + return attrCarrier.getBagAttribute(oid); + } + + public Enumeration getBagAttributeKeys() + { + return attrCarrier.getBagAttributeKeys(); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPublicKey.java new file mode 100644 index 0000000..cd31cc5 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPublicKey.java @@ -0,0 +1,172 @@ +package org.bouncycastle.jcajce.provider.asymmetric.elgamal; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; + +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHParameterSpec; +import javax.crypto.spec.DHPublicKeySpec; + +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.oiw.ElGamalParameter; +import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; +import org.bouncycastle.jce.interfaces.ElGamalPublicKey; +import org.bouncycastle.jce.spec.ElGamalParameterSpec; +import org.bouncycastle.jce.spec.ElGamalPublicKeySpec; + +public class BCElGamalPublicKey + implements ElGamalPublicKey, DHPublicKey +{ + static final long serialVersionUID = 8712728417091216948L; + + private BigInteger y; + private transient ElGamalParameterSpec elSpec; + + BCElGamalPublicKey( + ElGamalPublicKeySpec spec) + { + this.y = spec.getY(); + this.elSpec = new ElGamalParameterSpec(spec.getParams().getP(), spec.getParams().getG()); + } + + BCElGamalPublicKey( + DHPublicKeySpec spec) + { + this.y = spec.getY(); + this.elSpec = new ElGamalParameterSpec(spec.getP(), spec.getG()); + } + + BCElGamalPublicKey( + ElGamalPublicKey key) + { + this.y = key.getY(); + this.elSpec = key.getParameters(); + } + + BCElGamalPublicKey( + DHPublicKey key) + { + this.y = key.getY(); + this.elSpec = new ElGamalParameterSpec(key.getParams().getP(), key.getParams().getG()); + } + + BCElGamalPublicKey( + ElGamalPublicKeyParameters params) + { + this.y = params.getY(); + this.elSpec = new ElGamalParameterSpec(params.getParameters().getP(), params.getParameters().getG()); + } + + BCElGamalPublicKey( + BigInteger y, + ElGamalParameterSpec elSpec) + { + this.y = y; + this.elSpec = elSpec; + } + + BCElGamalPublicKey( + SubjectPublicKeyInfo info) + { + ElGamalParameter params = ElGamalParameter.getInstance(info.getAlgorithm().getParameters()); + ASN1Integer derY = null; + + try + { + derY = (ASN1Integer)info.parsePublicKey(); + } + catch (IOException e) + { + throw new IllegalArgumentException("invalid info structure in DSA public key"); + } + + this.y = derY.getValue(); + this.elSpec = new ElGamalParameterSpec(params.getP(), params.getG()); + } + + public String getAlgorithm() + { + return "ElGamal"; + } + + public String getFormat() + { + return "X.509"; + } + + public byte[] getEncoded() + { + try + { + SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(elSpec.getP(), elSpec.getG())), new ASN1Integer(y)); + + return info.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + return null; + } + } + + public ElGamalParameterSpec getParameters() + { + return elSpec; + } + + public DHParameterSpec getParams() + { + return new DHParameterSpec(elSpec.getP(), elSpec.getG()); + } + + public BigInteger getY() + { + return y; + } + + public int hashCode() + { + return this.getY().hashCode() ^ this.getParams().getG().hashCode() + ^ this.getParams().getP().hashCode() ^ this.getParams().getL(); + } + + public boolean equals( + Object o) + { + if (!(o instanceof DHPublicKey)) + { + return false; + } + + DHPublicKey other = (DHPublicKey)o; + + return this.getY().equals(other.getY()) + && this.getParams().getG().equals(other.getParams().getG()) + && this.getParams().getP().equals(other.getParams().getP()) + && this.getParams().getL() == other.getParams().getL(); + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + this.elSpec = new ElGamalParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject()); + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + out.writeObject(elSpec.getP()); + out.writeObject(elSpec.getG()); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/CipherSpi.java new file mode 100644 index 0000000..9c28670 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/CipherSpi.java @@ -0,0 +1,339 @@ +package org.bouncycastle.jcajce.provider.asymmetric.elgamal; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.InvalidParameterException; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.MGF1ParameterSpec; + +import javax.crypto.BadPaddingException; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.interfaces.DHKey; +import javax.crypto.spec.OAEPParameterSpec; +import javax.crypto.spec.PSource; + +import org.bouncycastle.crypto.AsymmetricBlockCipher; +import org.bouncycastle.crypto.BufferedAsymmetricBlockCipher; +import org.bouncycastle.crypto.CipherParameters; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.InvalidCipherTextException; +import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; +import org.bouncycastle.crypto.encodings.OAEPEncoding; +import org.bouncycastle.crypto.encodings.PKCS1Encoding; +import org.bouncycastle.crypto.engines.ElGamalEngine; +import org.bouncycastle.crypto.params.ParametersWithRandom; +import org.bouncycastle.jcajce.provider.asymmetric.util.BaseCipherSpi; +import org.bouncycastle.jcajce.provider.util.DigestFactory; +import org.bouncycastle.jce.interfaces.ElGamalKey; +import org.bouncycastle.jce.interfaces.ElGamalPrivateKey; +import org.bouncycastle.jce.interfaces.ElGamalPublicKey; +import org.bouncycastle.util.Strings; + +public class CipherSpi + extends BaseCipherSpi +{ + private BufferedAsymmetricBlockCipher cipher; + private AlgorithmParameterSpec paramSpec; + private AlgorithmParameters engineParams; + + public CipherSpi( + AsymmetricBlockCipher engine) + { + cipher = new BufferedAsymmetricBlockCipher(engine); + } + + private void initFromSpec( + OAEPParameterSpec pSpec) + throws NoSuchPaddingException + { + MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)pSpec.getMGFParameters(); + Digest digest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm()); + + if (digest == null) + { + throw new NoSuchPaddingException("no match on OAEP constructor for digest algorithm: "+ mgfParams.getDigestAlgorithm()); + } + + cipher = new BufferedAsymmetricBlockCipher(new OAEPEncoding(new ElGamalEngine(), digest, ((PSource.PSpecified)pSpec.getPSource()).getValue())); + paramSpec = pSpec; + } + + protected int engineGetBlockSize() + { + return cipher.getInputBlockSize(); + } + + protected int engineGetKeySize( + Key key) + { + if (key instanceof ElGamalKey) + { + ElGamalKey k = (ElGamalKey)key; + + return k.getParameters().getP().bitLength(); + } + else if (key instanceof DHKey) + { + DHKey k = (DHKey)key; + + return k.getParams().getP().bitLength(); + } + + throw new IllegalArgumentException("not an ElGamal key!"); + } + + protected int engineGetOutputSize( + int inputLen) + { + return cipher.getOutputBlockSize(); + } + + protected AlgorithmParameters engineGetParameters() + { + if (engineParams == null) + { + if (paramSpec != null) + { + try + { + engineParams = createParametersInstance("OAEP"); + engineParams.init(paramSpec); + } + catch (Exception e) + { + throw new RuntimeException(e.toString()); + } + } + } + + return engineParams; + } + + protected void engineSetMode( + String mode) + throws NoSuchAlgorithmException + { + String md = Strings.toUpperCase(mode); + + if (md.equals("NONE") || md.equals("ECB")) + { + return; + } + + throw new NoSuchAlgorithmException("can't support mode " + mode); + } + + protected void engineSetPadding( + String padding) + throws NoSuchPaddingException + { + String pad = Strings.toUpperCase(padding); + + if (pad.equals("NOPADDING")) + { + cipher = new BufferedAsymmetricBlockCipher(new ElGamalEngine()); + } + else if (pad.equals("PKCS1PADDING")) + { + cipher = new BufferedAsymmetricBlockCipher(new PKCS1Encoding(new ElGamalEngine())); + } + else if (pad.equals("ISO9796-1PADDING")) + { + cipher = new BufferedAsymmetricBlockCipher(new ISO9796d1Encoding(new ElGamalEngine())); + } + else if (pad.equals("OAEPPADDING")) + { + initFromSpec(OAEPParameterSpec.DEFAULT); + } + else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA1ANDMGF1PADDING")) + { + initFromSpec(OAEPParameterSpec.DEFAULT); + } + else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA256ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA384ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA-384", "MGF1", MGF1ParameterSpec.SHA384, PSource.PSpecified.DEFAULT)); + } + else if (pad.equals("OAEPWITHSHA512ANDMGF1PADDING")) + { + initFromSpec(new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT)); + } + else + { + throw new NoSuchPaddingException(padding + " unavailable with ElGamal."); + } + } + + protected void engineInit( + int opmode, + Key key, + AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidKeyException + { + CipherParameters param; + + if (params == null) + { + if (key instanceof ElGamalPublicKey) + { + param = ElGamalUtil.generatePublicKeyParameter((PublicKey)key); + } + else if (key instanceof ElGamalPrivateKey) + { + param = ElGamalUtil.generatePrivateKeyParameter((PrivateKey)key); + } + else + { + throw new InvalidKeyException("unknown key type passed to ElGamal"); + } + } + else + { + throw new IllegalArgumentException("unknown parameter type."); + } + + if (random != null) + { + param = new ParametersWithRandom(param, random); + } + + switch (opmode) + { + case javax.crypto.Cipher.ENCRYPT_MODE: + case javax.crypto.Cipher.WRAP_MODE: + cipher.init(true, param); + break; + case javax.crypto.Cipher.DECRYPT_MODE: + case javax.crypto.Cipher.UNWRAP_MODE: + cipher.init(false, param); + break; + default: + throw new InvalidParameterException("unknown opmode " + opmode + " passed to ElGamal"); + } + } + + protected void engineInit( + int opmode, + Key key, + AlgorithmParameters params, + SecureRandom random) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("can't handle parameters in ElGamal"); + } + + protected void engineInit( + int opmode, + Key key, + SecureRandom random) + throws InvalidKeyException + { + engineInit(opmode, key, (AlgorithmParameterSpec)null, random); + } + + protected byte[] engineUpdate( + byte[] input, + int inputOffset, + int inputLen) + { + cipher.processBytes(input, inputOffset, inputLen); + return null; + } + + protected int engineUpdate( + byte[] input, + int inputOffset, + int inputLen, + byte[] output, + int outputOffset) + { + cipher.processBytes(input, inputOffset, inputLen); + return 0; + } + + protected byte[] engineDoFinal( + byte[] input, + int inputOffset, + int inputLen) + throws IllegalBlockSizeException, BadPaddingException + { + cipher.processBytes(input, inputOffset, inputLen); + try + { + return cipher.doFinal(); + } + catch (InvalidCipherTextException e) + { + throw new BadPaddingException(e.getMessage()); + } + } + + protected int engineDoFinal( + byte[] input, + int inputOffset, + int inputLen, + byte[] output, + int outputOffset) + throws IllegalBlockSizeException, BadPaddingException + { + byte[] out; + + cipher.processBytes(input, inputOffset, inputLen); + + try + { + out = cipher.doFinal(); + } + catch (InvalidCipherTextException e) + { + throw new BadPaddingException(e.getMessage()); + } + + for (int i = 0; i != out.length; i++) + { + output[outputOffset + i] = out[i]; + } + + return out.length; + } + + /** + * classes that inherit from us. + */ + static public class NoPadding + extends CipherSpi + { + public NoPadding() + { + super(new ElGamalEngine()); + } + } + + static public class PKCS1v1_5Padding + extends CipherSpi + { + public PKCS1v1_5Padding() + { + super(new PKCS1Encoding(new ElGamalEngine())); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/ElGamalUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/ElGamalUtil.java new file mode 100644 index 0000000..f0442f4 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/ElGamalUtil.java @@ -0,0 +1,66 @@ +package org.bouncycastle.jcajce.provider.asymmetric.elgamal; + +import java.security.InvalidKeyException; +import java.security.PrivateKey; +import java.security.PublicKey; + +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; + +import org.bouncycastle.crypto.params.AsymmetricKeyParameter; +import org.bouncycastle.crypto.params.ElGamalParameters; +import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; +import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; +import org.bouncycastle.jce.interfaces.ElGamalPrivateKey; +import org.bouncycastle.jce.interfaces.ElGamalPublicKey; + +/** + * utility class for converting jce/jca ElGamal objects + * objects into their org.bouncycastle.crypto counterparts. + */ +public class ElGamalUtil +{ + static public AsymmetricKeyParameter generatePublicKeyParameter( + PublicKey key) + throws InvalidKeyException + { + if (key instanceof ElGamalPublicKey) + { + ElGamalPublicKey k = (ElGamalPublicKey)key; + + return new ElGamalPublicKeyParameters(k.getY(), + new ElGamalParameters(k.getParameters().getP(), k.getParameters().getG())); + } + else if (key instanceof DHPublicKey) + { + DHPublicKey k = (DHPublicKey)key; + + return new ElGamalPublicKeyParameters(k.getY(), + new ElGamalParameters(k.getParams().getP(), k.getParams().getG())); + } + + throw new InvalidKeyException("can't identify public key for El Gamal."); + } + + static public AsymmetricKeyParameter generatePrivateKeyParameter( + PrivateKey key) + throws InvalidKeyException + { + if (key instanceof ElGamalPrivateKey) + { + ElGamalPrivateKey k = (ElGamalPrivateKey)key; + + return new ElGamalPrivateKeyParameters(k.getX(), + new ElGamalParameters(k.getParameters().getP(), k.getParameters().getG())); + } + else if (key instanceof DHPrivateKey) + { + DHPrivateKey k = (DHPrivateKey)key; + + return new ElGamalPrivateKeyParameters(k.getX(), + new ElGamalParameters(k.getParams().getP(), k.getParams().getG())); + } + + throw new InvalidKeyException("can't identify private key for El Gamal."); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyFactorySpi.java new file mode 100644 index 0000000..92e655f --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyFactorySpi.java @@ -0,0 +1,156 @@ +package org.bouncycastle.jcajce.provider.asymmetric.elgamal; + +import java.io.IOException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; +import javax.crypto.spec.DHPrivateKeySpec; +import javax.crypto.spec.DHPublicKeySpec; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; +import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi; +import org.bouncycastle.jce.interfaces.ElGamalPrivateKey; +import org.bouncycastle.jce.interfaces.ElGamalPublicKey; +import org.bouncycastle.jce.spec.ElGamalPrivateKeySpec; +import org.bouncycastle.jce.spec.ElGamalPublicKeySpec; + +public class KeyFactorySpi + extends BaseKeyFactorySpi +{ + public KeyFactorySpi() + { + } + + protected PrivateKey engineGeneratePrivate( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof ElGamalPrivateKeySpec) + { + return new BCElGamalPrivateKey((ElGamalPrivateKeySpec)keySpec); + } + else if (keySpec instanceof DHPrivateKeySpec) + { + return new BCElGamalPrivateKey((DHPrivateKeySpec)keySpec); + } + + return super.engineGeneratePrivate(keySpec); + } + + protected PublicKey engineGeneratePublic( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof ElGamalPublicKeySpec) + { + return new BCElGamalPublicKey((ElGamalPublicKeySpec)keySpec); + } + else if (keySpec instanceof DHPublicKeySpec) + { + return new BCElGamalPublicKey((DHPublicKeySpec)keySpec); + } + return super.engineGeneratePublic(keySpec); + } + + protected KeySpec engineGetKeySpec( + Key key, + Class spec) + throws InvalidKeySpecException + { + if (spec.isAssignableFrom(DHPrivateKeySpec.class) && key instanceof DHPrivateKey) + { + DHPrivateKey k = (DHPrivateKey)key; + + return new DHPrivateKeySpec(k.getX(), k.getParams().getP(), k.getParams().getG()); + } + else if (spec.isAssignableFrom(DHPublicKeySpec.class) && key instanceof DHPublicKey) + { + DHPublicKey k = (DHPublicKey)key; + + return new DHPublicKeySpec(k.getY(), k.getParams().getP(), k.getParams().getG()); + } + + return super.engineGetKeySpec(key, spec); + } + + protected Key engineTranslateKey( + Key key) + throws InvalidKeyException + { + if (key instanceof DHPublicKey) + { + return new BCElGamalPublicKey((DHPublicKey)key); + } + else if (key instanceof DHPrivateKey) + { + return new BCElGamalPrivateKey((DHPrivateKey)key); + } + else if (key instanceof ElGamalPublicKey) + { + return new BCElGamalPublicKey((ElGamalPublicKey)key); + } + else if (key instanceof ElGamalPrivateKey) + { + return new BCElGamalPrivateKey((ElGamalPrivateKey)key); + } + + throw new InvalidKeyException("key type unknown"); + } + + public PrivateKey generatePrivate(PrivateKeyInfo info) + throws IOException + { + ASN1ObjectIdentifier algOid = info.getPrivateKeyAlgorithm().getAlgorithm(); + + if (algOid.equals(PKCSObjectIdentifiers.dhKeyAgreement)) + { + return new BCElGamalPrivateKey(info); + } + else if (algOid.equals(X9ObjectIdentifiers.dhpublicnumber)) + { + return new BCElGamalPrivateKey(info); + } + else if (algOid.equals(OIWObjectIdentifiers.elGamalAlgorithm)) + { + return new BCElGamalPrivateKey(info); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } + + public PublicKey generatePublic(SubjectPublicKeyInfo info) + throws IOException + { + ASN1ObjectIdentifier algOid = info.getAlgorithm().getAlgorithm(); + + if (algOid.equals(PKCSObjectIdentifiers.dhKeyAgreement)) + { + return new BCElGamalPublicKey(info); + } + else if (algOid.equals(X9ObjectIdentifiers.dhpublicnumber)) + { + return new BCElGamalPublicKey(info); + } + else if (algOid.equals(OIWObjectIdentifiers.elGamalAlgorithm)) + { + return new BCElGamalPublicKey(info); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyPairGeneratorSpi.java new file mode 100644 index 0000000..9455ece --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyPairGeneratorSpi.java @@ -0,0 +1,100 @@ +package org.bouncycastle.jcajce.provider.asymmetric.elgamal; + +import java.security.InvalidAlgorithmParameterException; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.spec.DHParameterSpec; + +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.generators.ElGamalKeyPairGenerator; +import org.bouncycastle.crypto.generators.ElGamalParametersGenerator; +import org.bouncycastle.crypto.params.ElGamalKeyGenerationParameters; +import org.bouncycastle.crypto.params.ElGamalParameters; +import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; +import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ElGamalParameterSpec; + +public class KeyPairGeneratorSpi + extends java.security.KeyPairGenerator +{ + ElGamalKeyGenerationParameters param; + ElGamalKeyPairGenerator engine = new ElGamalKeyPairGenerator(); + int strength = 1024; + int certainty = 20; + SecureRandom random = new SecureRandom(); + boolean initialised = false; + + public KeyPairGeneratorSpi() + { + super("ElGamal"); + } + + public void initialize( + int strength, + SecureRandom random) + { + this.strength = strength; + this.random = random; + } + + public void initialize( + AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (!(params instanceof ElGamalParameterSpec) && !(params instanceof DHParameterSpec)) + { + throw new InvalidAlgorithmParameterException("parameter object not a DHParameterSpec or an ElGamalParameterSpec"); + } + + if (params instanceof ElGamalParameterSpec) + { + ElGamalParameterSpec elParams = (ElGamalParameterSpec)params; + + param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(elParams.getP(), elParams.getG())); + } + else + { + DHParameterSpec dhParams = (DHParameterSpec)params; + + param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(dhParams.getP(), dhParams.getG(), dhParams.getL())); + } + + engine.init(param); + initialised = true; + } + + public KeyPair generateKeyPair() + { + if (!initialised) + { + DHParameterSpec dhParams = BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(strength); + + if (dhParams != null) + { + param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(dhParams.getP(), dhParams.getG(), dhParams.getL())); + } + else + { + ElGamalParametersGenerator pGen = new ElGamalParametersGenerator(); + + pGen.init(strength, certainty, random); + param = new ElGamalKeyGenerationParameters(random, pGen.generateParameters()); + } + + engine.init(param); + initialised = true; + } + + AsymmetricCipherKeyPair pair = engine.generateKeyPair(); + ElGamalPublicKeyParameters pub = (ElGamalPublicKeyParameters)pair.getPublic(); + ElGamalPrivateKeyParameters priv = (ElGamalPrivateKeyParameters)pair.getPrivate(); + + return new KeyPair(new BCElGamalPublicKey(pub), + new BCElGamalPrivateKey(priv)); + } +} + diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParameterGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParameterGeneratorSpi.java new file mode 100644 index 0000000..2e7ee7c --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParameterGeneratorSpi.java @@ -0,0 +1,65 @@ +package org.bouncycastle.jcajce.provider.asymmetric.gost; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import org.bouncycastle.crypto.generators.GOST3410ParametersGenerator; +import org.bouncycastle.crypto.params.GOST3410Parameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAlgorithmParameterGeneratorSpi; +import org.bouncycastle.jce.spec.GOST3410ParameterSpec; +import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; + +public abstract class AlgorithmParameterGeneratorSpi + extends BaseAlgorithmParameterGeneratorSpi +{ + protected SecureRandom random; + protected int strength = 1024; + + protected void engineInit( + int strength, + SecureRandom random) + { + this.strength = strength; + this.random = random; + } + + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for GOST3410 parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator(); + + if (random != null) + { + pGen.init(strength, 2, random); + } + else + { + pGen.init(strength, 2, new SecureRandom()); + } + + GOST3410Parameters p = pGen.generateParameters(); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("GOST3410"); + params.init(new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec(p.getP(), p.getQ(), p.getA()))); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParametersSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParametersSpi.java new file mode 100644 index 0000000..88f78bd --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParametersSpi.java @@ -0,0 +1,137 @@ +package org.bouncycastle.jcajce.provider.asymmetric.gost; + +import java.io.IOException; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; +import org.bouncycastle.jce.spec.GOST3410ParameterSpec; +import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; + +public class AlgorithmParametersSpi + extends java.security.AlgorithmParametersSpi +{ + GOST3410ParameterSpec currentSpec; + + protected boolean isASN1FormatString(String format) + { + return format == null || format.equals("ASN.1"); + } + + protected AlgorithmParameterSpec engineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == null) + { + throw new NullPointerException("argument to getParameterSpec must not be null"); + } + + return localEngineGetParameterSpec(paramSpec); + } + + + /** + * Return the X.509 ASN.1 structure GOST3410Parameter. + * <pre> + * GOST3410Parameter ::= SEQUENCE { + * prime INTEGER, -- p + * subprime INTEGER, -- q + * base INTEGER, -- a} + * </pre> + */ + protected byte[] engineGetEncoded() + { + GOST3410PublicKeyAlgParameters gost3410P = new GOST3410PublicKeyAlgParameters(new ASN1ObjectIdentifier(currentSpec.getPublicKeyParamSetOID()), new ASN1ObjectIdentifier(currentSpec.getDigestParamSetOID()), new ASN1ObjectIdentifier(currentSpec.getEncryptionParamSetOID())); + + try + { + return gost3410P.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + throw new RuntimeException("Error encoding GOST3410Parameters"); + } + } + + protected byte[] engineGetEncoded( + String format) + { + if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + { + return engineGetEncoded(); + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == GOST3410PublicKeyParameterSetSpec.class) + { + return currentSpec; + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to GOST3410 parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (!(paramSpec instanceof GOST3410ParameterSpec)) + { + throw new InvalidParameterSpecException("GOST3410ParameterSpec required to initialise a GOST3410 algorithm parameters object"); + } + + this.currentSpec = (GOST3410ParameterSpec)paramSpec; + } + + protected void engineInit( + byte[] params) + throws IOException + { + try + { + ASN1Sequence seq = (ASN1Sequence)ASN1Primitive.fromByteArray(params); + + this.currentSpec = GOST3410ParameterSpec.fromPublicKeyAlg( + new GOST3410PublicKeyAlgParameters(seq)); + } + catch (ClassCastException e) + { + throw new IOException("Not a valid GOST3410 Parameter encoding."); + } + catch (ArrayIndexOutOfBoundsException e) + { + throw new IOException("Not a valid GOST3410 Parameter encoding."); + } + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + { + engineInit(params); + } + else + { + throw new IOException("Unknown parameter format " + format); + } + } + + protected String engineToString() + { + return "GOST3410 Parameters"; + } + +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PrivateKey.java new file mode 100644 index 0000000..8da4998 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PrivateKey.java @@ -0,0 +1,253 @@ +package org.bouncycastle.jcajce.provider.asymmetric.gost; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; +import java.util.Enumeration; + +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; +import org.bouncycastle.jce.interfaces.GOST3410Params; +import org.bouncycastle.jce.interfaces.GOST3410PrivateKey; +import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; +import org.bouncycastle.jce.spec.GOST3410ParameterSpec; +import org.bouncycastle.jce.spec.GOST3410PrivateKeySpec; +import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; + +public class BCGOST3410PrivateKey + implements GOST3410PrivateKey, PKCS12BagAttributeCarrier +{ + static final long serialVersionUID = 8581661527592305464L; + + private BigInteger x; + + private transient GOST3410Params gost3410Spec; + private transient PKCS12BagAttributeCarrier attrCarrier = new PKCS12BagAttributeCarrierImpl(); + + protected BCGOST3410PrivateKey() + { + } + + BCGOST3410PrivateKey( + GOST3410PrivateKey key) + { + this.x = key.getX(); + this.gost3410Spec = key.getParameters(); + } + + BCGOST3410PrivateKey( + GOST3410PrivateKeySpec spec) + { + this.x = spec.getX(); + this.gost3410Spec = new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec(spec.getP(), spec.getQ(), spec.getA())); + } + + BCGOST3410PrivateKey( + PrivateKeyInfo info) + throws IOException + { + GOST3410PublicKeyAlgParameters params = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); + ASN1OctetString derX = ASN1OctetString.getInstance(info.parsePrivateKey()); + byte[] keyEnc = derX.getOctets(); + byte[] keyBytes = new byte[keyEnc.length]; + + for (int i = 0; i != keyEnc.length; i++) + { + keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // was little endian + } + + this.x = new BigInteger(1, keyBytes); + this.gost3410Spec = GOST3410ParameterSpec.fromPublicKeyAlg(params); + } + + BCGOST3410PrivateKey( + GOST3410PrivateKeyParameters params, + GOST3410ParameterSpec spec) + { + this.x = params.getX(); + this.gost3410Spec = spec; + + if (spec == null) + { + throw new IllegalArgumentException("spec is null"); + } + } + + public String getAlgorithm() + { + return "GOST3410"; + } + + /** + * return the encoding format we produce in getEncoded(). + * + * @return the string "PKCS#8" + */ + public String getFormat() + { + return "PKCS#8"; + } + + /** + * Return a PKCS8 representation of the key. The sequence returned + * represents a full PrivateKeyInfo object. + * + * @return a PKCS8 representation of the key. + */ + public byte[] getEncoded() + { + PrivateKeyInfo info; + byte[] keyEnc = this.getX().toByteArray(); + byte[] keyBytes; + + if (keyEnc[0] == 0) + { + keyBytes = new byte[keyEnc.length - 1]; + } + else + { + keyBytes = new byte[keyEnc.length]; + } + + for (int i = 0; i != keyBytes.length; i++) + { + keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // must be little endian + } + + try + { + if (gost3410Spec instanceof GOST3410ParameterSpec) + { + info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94, new GOST3410PublicKeyAlgParameters(new ASN1ObjectIdentifier(gost3410Spec.getPublicKeyParamSetOID()), new ASN1ObjectIdentifier(gost3410Spec.getDigestParamSetOID()))), new DEROctetString(keyBytes)); + } + else + { + info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94), new DEROctetString(keyBytes)); + } + + return info.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + return null; + } + } + + public GOST3410Params getParameters() + { + return gost3410Spec; + } + + public BigInteger getX() + { + return x; + } + + public boolean equals( + Object o) + { + if (!(o instanceof GOST3410PrivateKey)) + { + return false; + } + + GOST3410PrivateKey other = (GOST3410PrivateKey)o; + + return this.getX().equals(other.getX()) + && this.getParameters().getPublicKeyParameters().equals(other.getParameters().getPublicKeyParameters()) + && this.getParameters().getDigestParamSetOID().equals(other.getParameters().getDigestParamSetOID()) + && compareObj(this.getParameters().getEncryptionParamSetOID(), other.getParameters().getEncryptionParamSetOID()); + } + + private boolean compareObj(Object o1, Object o2) + { + if (o1 == o2) + { + return true; + } + + if (o1 == null) + { + return false; + } + + return o1.equals(o2); + } + + public int hashCode() + { + return this.getX().hashCode() ^ gost3410Spec.hashCode(); + } + + public void setBagAttribute( + ASN1ObjectIdentifier oid, + ASN1Encodable attribute) + { + attrCarrier.setBagAttribute(oid, attribute); + } + + public ASN1Encodable getBagAttribute( + ASN1ObjectIdentifier oid) + { + return attrCarrier.getBagAttribute(oid); + } + + public Enumeration getBagAttributeKeys() + { + return attrCarrier.getBagAttributeKeys(); + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + String publicKeyParamSetOID = (String)in.readObject(); + if (publicKeyParamSetOID != null) + { + this.gost3410Spec = new GOST3410ParameterSpec(publicKeyParamSetOID, (String)in.readObject(), (String)in.readObject()); + } + else + { + this.gost3410Spec = new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), (BigInteger)in.readObject())); + in.readObject(); + in.readObject(); + } + this.attrCarrier = new PKCS12BagAttributeCarrierImpl(); + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + if (gost3410Spec.getPublicKeyParamSetOID() != null) + { + out.writeObject(gost3410Spec.getPublicKeyParamSetOID()); + out.writeObject(gost3410Spec.getDigestParamSetOID()); + out.writeObject(gost3410Spec.getEncryptionParamSetOID()); + } + else + { + out.writeObject(null); + out.writeObject(gost3410Spec.getPublicKeyParameters().getP()); + out.writeObject(gost3410Spec.getPublicKeyParameters().getQ()); + out.writeObject(gost3410Spec.getPublicKeyParameters().getA()); + out.writeObject(gost3410Spec.getDigestParamSetOID()); + out.writeObject(gost3410Spec.getEncryptionParamSetOID()); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PublicKey.java new file mode 100644 index 0000000..1729b96 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PublicKey.java @@ -0,0 +1,224 @@ +package org.bouncycastle.jcajce.provider.asymmetric.gost; + +import java.io.IOException; +import java.io.ObjectInputStream; +import java.io.ObjectOutputStream; +import java.math.BigInteger; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters; +import org.bouncycastle.asn1.x509.AlgorithmIdentifier; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil; +import org.bouncycastle.jce.interfaces.GOST3410Params; +import org.bouncycastle.jce.interfaces.GOST3410PublicKey; +import org.bouncycastle.jce.spec.GOST3410ParameterSpec; +import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; +import org.bouncycastle.jce.spec.GOST3410PublicKeySpec; + +public class BCGOST3410PublicKey + implements GOST3410PublicKey +{ + static final long serialVersionUID = -6251023343619275990L; + + private BigInteger y; + private transient GOST3410Params gost3410Spec; + + BCGOST3410PublicKey( + GOST3410PublicKeySpec spec) + { + this.y = spec.getY(); + this.gost3410Spec = new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec(spec.getP(), spec.getQ(), spec.getA())); + } + + BCGOST3410PublicKey( + GOST3410PublicKey key) + { + this.y = key.getY(); + this.gost3410Spec = key.getParameters(); + } + + BCGOST3410PublicKey( + GOST3410PublicKeyParameters params, + GOST3410ParameterSpec spec) + { + this.y = params.getY(); + this.gost3410Spec = spec; + } + + BCGOST3410PublicKey( + BigInteger y, + GOST3410ParameterSpec gost3410Spec) + { + this.y = y; + this.gost3410Spec = gost3410Spec; + } + + BCGOST3410PublicKey( + SubjectPublicKeyInfo info) + { + GOST3410PublicKeyAlgParameters params = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters()); + DEROctetString derY; + + try + { + derY = (DEROctetString)info.parsePublicKey(); + + byte[] keyEnc = derY.getOctets(); + byte[] keyBytes = new byte[keyEnc.length]; + + for (int i = 0; i != keyEnc.length; i++) + { + keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // was little endian + } + + this.y = new BigInteger(1, keyBytes); + } + catch (IOException e) + { + throw new IllegalArgumentException("invalid info structure in GOST3410 public key"); + } + + this.gost3410Spec = GOST3410ParameterSpec.fromPublicKeyAlg(params); + } + + public String getAlgorithm() + { + return "GOST3410"; + } + + public String getFormat() + { + return "X.509"; + } + + public byte[] getEncoded() + { + SubjectPublicKeyInfo info; + byte[] keyEnc = this.getY().toByteArray(); + byte[] keyBytes; + + if (keyEnc[0] == 0) + { + keyBytes = new byte[keyEnc.length - 1]; + } + else + { + keyBytes = new byte[keyEnc.length]; + } + + for (int i = 0; i != keyBytes.length; i++) + { + keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // must be little endian + } + + try + { + if (gost3410Spec instanceof GOST3410ParameterSpec) + { + if (gost3410Spec.getEncryptionParamSetOID() != null) + { + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94, new GOST3410PublicKeyAlgParameters(new ASN1ObjectIdentifier(gost3410Spec.getPublicKeyParamSetOID()), new ASN1ObjectIdentifier(gost3410Spec.getDigestParamSetOID()), new ASN1ObjectIdentifier(gost3410Spec.getEncryptionParamSetOID()))), new DEROctetString(keyBytes)); + } + else + { + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94, new GOST3410PublicKeyAlgParameters(new ASN1ObjectIdentifier(gost3410Spec.getPublicKeyParamSetOID()), new ASN1ObjectIdentifier(gost3410Spec.getDigestParamSetOID()))), new DEROctetString(keyBytes)); + } + } + else + { + info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94), new DEROctetString(keyBytes)); + } + + return KeyUtil.getEncodedSubjectPublicKeyInfo(info); + } + catch (IOException e) + { + return null; + } + } + + public GOST3410Params getParameters() + { + return gost3410Spec; + } + + public BigInteger getY() + { + return y; + } + + public String toString() + { + StringBuffer buf = new StringBuffer(); + String nl = System.getProperty("line.separator"); + + buf.append("GOST3410 Public Key").append(nl); + buf.append(" y: ").append(this.getY().toString(16)).append(nl); + + return buf.toString(); + } + + public boolean equals(Object o) + { + if (o instanceof BCGOST3410PublicKey) + { + BCGOST3410PublicKey other = (BCGOST3410PublicKey)o; + + return this.y.equals(other.y) && this.gost3410Spec.equals(other.gost3410Spec); + } + + return false; + } + + public int hashCode() + { + return y.hashCode() ^ gost3410Spec.hashCode(); + } + + private void readObject( + ObjectInputStream in) + throws IOException, ClassNotFoundException + { + in.defaultReadObject(); + + String publicKeyParamSetOID = (String)in.readObject(); + if (publicKeyParamSetOID != null) + { + this.gost3410Spec = new GOST3410ParameterSpec(publicKeyParamSetOID, (String)in.readObject(), (String)in.readObject()); + } + else + { + this.gost3410Spec = new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), (BigInteger)in.readObject())); + in.readObject(); + in.readObject(); + } + } + + private void writeObject( + ObjectOutputStream out) + throws IOException + { + out.defaultWriteObject(); + + if (gost3410Spec.getPublicKeyParamSetOID() != null) + { + out.writeObject(gost3410Spec.getPublicKeyParamSetOID()); + out.writeObject(gost3410Spec.getDigestParamSetOID()); + out.writeObject(gost3410Spec.getEncryptionParamSetOID()); + } + else + { + out.writeObject(null); + out.writeObject(gost3410Spec.getPublicKeyParameters().getP()); + out.writeObject(gost3410Spec.getPublicKeyParameters().getQ()); + out.writeObject(gost3410Spec.getPublicKeyParameters().getA()); + out.writeObject(gost3410Spec.getDigestParamSetOID()); + out.writeObject(gost3410Spec.getEncryptionParamSetOID()); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyFactorySpi.java new file mode 100644 index 0000000..ceaf967 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyFactorySpi.java @@ -0,0 +1,121 @@ +package org.bouncycastle.jcajce.provider.asymmetric.gost; + +import java.io.IOException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi; +import org.bouncycastle.jce.interfaces.GOST3410PrivateKey; +import org.bouncycastle.jce.interfaces.GOST3410PublicKey; +import org.bouncycastle.jce.spec.GOST3410PrivateKeySpec; +import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; +import org.bouncycastle.jce.spec.GOST3410PublicKeySpec; + +public class KeyFactorySpi + extends BaseKeyFactorySpi +{ + public KeyFactorySpi() + { + } + + protected KeySpec engineGetKeySpec( + Key key, + Class spec) + throws InvalidKeySpecException + { + if (spec.isAssignableFrom(GOST3410PublicKeySpec.class) && key instanceof GOST3410PublicKey) + { + GOST3410PublicKey k = (GOST3410PublicKey)key; + GOST3410PublicKeyParameterSetSpec parameters = k.getParameters().getPublicKeyParameters(); + + return new GOST3410PublicKeySpec(k.getY(), parameters.getP(), parameters.getQ(), parameters.getA()); + } + else if (spec.isAssignableFrom(GOST3410PrivateKeySpec.class) && key instanceof GOST3410PrivateKey) + { + GOST3410PrivateKey k = (GOST3410PrivateKey)key; + GOST3410PublicKeyParameterSetSpec parameters = k.getParameters().getPublicKeyParameters(); + + return new GOST3410PrivateKeySpec(k.getX(), parameters.getP(), parameters.getQ(), parameters.getA()); + } + + return super.engineGetKeySpec(key, spec); + } + + protected Key engineTranslateKey( + Key key) + throws InvalidKeyException + { + if (key instanceof GOST3410PublicKey) + { + return new BCGOST3410PublicKey((GOST3410PublicKey)key); + } + else if (key instanceof GOST3410PrivateKey) + { + return new BCGOST3410PrivateKey((GOST3410PrivateKey)key); + } + + throw new InvalidKeyException("key type unknown"); + } + + protected PrivateKey engineGeneratePrivate( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof GOST3410PrivateKeySpec) + { + return new BCGOST3410PrivateKey((GOST3410PrivateKeySpec)keySpec); + } + + return super.engineGeneratePrivate(keySpec); + } + + protected PublicKey engineGeneratePublic( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof GOST3410PublicKeySpec) + { + return new BCGOST3410PublicKey((GOST3410PublicKeySpec)keySpec); + } + + return super.engineGeneratePublic(keySpec); + } + + public PrivateKey generatePrivate(PrivateKeyInfo keyInfo) + throws IOException + { + ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm(); + + if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_94)) + { + return new BCGOST3410PrivateKey(keyInfo); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } + + public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo) + throws IOException + { + ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm(); + + if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_94)) + { + return new BCGOST3410PublicKey(keyInfo); + } + else + { + throw new IOException("algorithm identifier " + algOid + " in key not recognised"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyPairGeneratorSpi.java new file mode 100644 index 0000000..0a6a40e --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyPairGeneratorSpi.java @@ -0,0 +1,81 @@ +package org.bouncycastle.jcajce.provider.asymmetric.gost; + +import java.security.InvalidAlgorithmParameterException; +import java.security.KeyPair; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.generators.GOST3410KeyPairGenerator; +import org.bouncycastle.crypto.params.GOST3410KeyGenerationParameters; +import org.bouncycastle.crypto.params.GOST3410Parameters; +import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters; +import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters; +import org.bouncycastle.jce.spec.GOST3410ParameterSpec; +import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; + +public class KeyPairGeneratorSpi + extends java.security.KeyPairGenerator +{ + GOST3410KeyGenerationParameters param; + GOST3410KeyPairGenerator engine = new GOST3410KeyPairGenerator(); + GOST3410ParameterSpec gost3410Params; + int strength = 1024; + SecureRandom random = null; + boolean initialised = false; + + public KeyPairGeneratorSpi() + { + super("GOST3410"); + } + + public void initialize( + int strength, + SecureRandom random) + { + this.strength = strength; + this.random = random; + } + + private void init( + GOST3410ParameterSpec gParams, + SecureRandom random) + { + GOST3410PublicKeyParameterSetSpec spec = gParams.getPublicKeyParameters(); + + param = new GOST3410KeyGenerationParameters(random, new GOST3410Parameters(spec.getP(), spec.getQ(), spec.getA())); + + engine.init(param); + + initialised = true; + gost3410Params = gParams; + } + + public void initialize( + AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (!(params instanceof GOST3410ParameterSpec)) + { + throw new InvalidAlgorithmParameterException("parameter object not a GOST3410ParameterSpec"); + } + + init((GOST3410ParameterSpec)params, random); + } + + public KeyPair generateKeyPair() + { + if (!initialised) + { + init(new GOST3410ParameterSpec(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A.getId()), new SecureRandom()); + } + + AsymmetricCipherKeyPair pair = engine.generateKeyPair(); + GOST3410PublicKeyParameters pub = (GOST3410PublicKeyParameters)pair.getPublic(); + GOST3410PrivateKeyParameters priv = (GOST3410PrivateKeyParameters)pair.getPrivate(); + + return new KeyPair(new BCGOST3410PublicKey(pub, gost3410Params), new BCGOST3410PrivateKey(priv, gost3410Params)); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/SignatureSpi.java new file mode 100644 index 0000000..30a6660 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/SignatureSpi.java @@ -0,0 +1,229 @@ +package org.bouncycastle.jcajce.provider.asymmetric.gost; + +import java.math.BigInteger; +import java.security.InvalidKeyException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.SignatureException; +import java.security.spec.AlgorithmParameterSpec; + +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; +import org.bouncycastle.asn1.x509.X509ObjectIdentifiers; +import org.bouncycastle.crypto.CipherParameters; +import org.bouncycastle.crypto.DSA; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.GOST3411Digest; +import org.bouncycastle.crypto.params.ParametersWithRandom; +import org.bouncycastle.crypto.signers.GOST3410Signer; +import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.bouncycastle.jce.interfaces.ECKey; +import org.bouncycastle.jce.interfaces.ECPublicKey; +import org.bouncycastle.jce.interfaces.GOST3410Key; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jcajce.provider.asymmetric.util.GOST3410Util; + +public class SignatureSpi + extends java.security.SignatureSpi + implements PKCSObjectIdentifiers, X509ObjectIdentifiers +{ + private Digest digest; + private DSA signer; + private SecureRandom random; + + public SignatureSpi() + { + this.digest = new GOST3411Digest(); + this.signer = new GOST3410Signer(); + } + + protected void engineInitVerify( + PublicKey publicKey) + throws InvalidKeyException + { + CipherParameters param; + + if (publicKey instanceof ECPublicKey) + { + param = ECUtil.generatePublicKeyParameter(publicKey); + } + else if (publicKey instanceof GOST3410Key) + { + param = GOST3410Util.generatePublicKeyParameter(publicKey); + } + else + { + try + { + byte[] bytes = publicKey.getEncoded(); + + publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes)); + + if (publicKey instanceof ECPublicKey) + { + param = ECUtil.generatePublicKeyParameter(publicKey); + } + else + { + throw new InvalidKeyException("can't recognise key type in DSA based signer"); + } + } + catch (Exception e) + { + throw new InvalidKeyException("can't recognise key type in DSA based signer"); + } + } + + digest.reset(); + signer.init(false, param); + } + + protected void engineInitSign( + PrivateKey privateKey, + SecureRandom random) + throws InvalidKeyException + { + this.random = random; + engineInitSign(privateKey); + } + + protected void engineInitSign( + PrivateKey privateKey) + throws InvalidKeyException + { + CipherParameters param; + + if (privateKey instanceof ECKey) + { + param = ECUtil.generatePrivateKeyParameter(privateKey); + } + else + { + param = GOST3410Util.generatePrivateKeyParameter(privateKey); + } + + digest.reset(); + + if (random != null) + { + signer.init(true, new ParametersWithRandom(param, random)); + } + else + { + signer.init(true, param); + } + } + + protected void engineUpdate( + byte b) + throws SignatureException + { + digest.update(b); + } + + protected void engineUpdate( + byte[] b, + int off, + int len) + throws SignatureException + { + digest.update(b, off, len); + } + + protected byte[] engineSign() + throws SignatureException + { + byte[] hash = new byte[digest.getDigestSize()]; + + digest.doFinal(hash, 0); + + try + { + byte[] sigBytes = new byte[64]; + BigInteger[] sig = signer.generateSignature(hash); + byte[] r = sig[0].toByteArray(); + byte[] s = sig[1].toByteArray(); + + if (s[0] != 0) + { + System.arraycopy(s, 0, sigBytes, 32 - s.length, s.length); + } + else + { + System.arraycopy(s, 1, sigBytes, 32 - (s.length - 1), s.length - 1); + } + + if (r[0] != 0) + { + System.arraycopy(r, 0, sigBytes, 64 - r.length, r.length); + } + else + { + System.arraycopy(r, 1, sigBytes, 64 - (r.length - 1), r.length - 1); + } + + return sigBytes; + } + catch (Exception e) + { + throw new SignatureException(e.toString()); + } + } + + protected boolean engineVerify( + byte[] sigBytes) + throws SignatureException + { + byte[] hash = new byte[digest.getDigestSize()]; + + digest.doFinal(hash, 0); + + BigInteger[] sig; + + try + { + byte[] r = new byte[32]; + byte[] s = new byte[32]; + + System.arraycopy(sigBytes, 0, s, 0, 32); + + System.arraycopy(sigBytes, 32, r, 0, 32); + + sig = new BigInteger[2]; + sig[0] = new BigInteger(1, r); + sig[1] = new BigInteger(1, s); + } + catch (Exception e) + { + throw new SignatureException("error decoding signature bytes."); + } + + return signer.verifySignature(hash, sig[0], sig[1]); + } + + protected void engineSetParameter( + AlgorithmParameterSpec params) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"> + */ + protected void engineSetParameter( + String param, + Object value) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated + */ + protected Object engineGetParameter( + String param) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ies/AlgorithmParametersSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ies/AlgorithmParametersSpi.java new file mode 100644 index 0000000..61f1e37 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ies/AlgorithmParametersSpi.java @@ -0,0 +1,138 @@ +package org.bouncycastle.jcajce.provider.asymmetric.ies; + +import java.io.IOException; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.DEROctetString; +import org.bouncycastle.asn1.DERSequence; +import org.bouncycastle.jce.spec.IESParameterSpec; + +public class AlgorithmParametersSpi + extends java.security.AlgorithmParametersSpi +{ + protected boolean isASN1FormatString(String format) + { + return format == null || format.equals("ASN.1"); + } + + protected AlgorithmParameterSpec engineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == null) + { + throw new NullPointerException("argument to getParameterSpec must not be null"); + } + + return localEngineGetParameterSpec(paramSpec); + } + + IESParameterSpec currentSpec; + + /** + * in the absence of a standard way of doing it this will do for + * now... + */ + protected byte[] engineGetEncoded() + { + try + { + ASN1EncodableVector v = new ASN1EncodableVector(); + + v.add(new DEROctetString(currentSpec.getDerivationV())); + v.add(new DEROctetString(currentSpec.getEncodingV())); + v.add(new ASN1Integer(currentSpec.getMacKeySize())); + + return new DERSequence(v).getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + throw new RuntimeException("Error encoding IESParameters"); + } + } + + protected byte[] engineGetEncoded( + String format) + { + if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + { + return engineGetEncoded(); + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == IESParameterSpec.class) + { + return currentSpec; + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (!(paramSpec instanceof IESParameterSpec)) + { + throw new InvalidParameterSpecException("IESParameterSpec required to initialise a IES algorithm parameters object"); + } + + this.currentSpec = (IESParameterSpec)paramSpec; + } + + protected void engineInit( + byte[] params) + throws IOException + { + try + { + ASN1Sequence s = (ASN1Sequence)ASN1Primitive.fromByteArray(params); + + this.currentSpec = new IESParameterSpec( + ((ASN1OctetString)s.getObjectAt(0)).getOctets(), + ((ASN1OctetString)s.getObjectAt(0)).getOctets(), + ((ASN1Integer)s.getObjectAt(0)).getValue().intValue()); + } + catch (ClassCastException e) + { + throw new IOException("Not a valid IES Parameter encoding."); + } + catch (ArrayIndexOutOfBoundsException e) + { + throw new IOException("Not a valid IES Parameter encoding."); + } + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509")) + { + engineInit(params); + } + else + { + throw new IOException("Unknown parameter format " + format); + } + } + + protected String engineToString() + { + return "IES Parameters"; + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ies/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ies/CipherSpi.java new file mode 100644 index 0000000..430f6b1 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ies/CipherSpi.java @@ -0,0 +1,367 @@ +package org.bouncycastle.jcajce.provider.asymmetric.ies; + +import java.io.ByteArrayOutputStream; +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.BadPaddingException; +import javax.crypto.Cipher; +import javax.crypto.IllegalBlockSizeException; +import javax.crypto.NoSuchPaddingException; +import javax.crypto.interfaces.DHPrivateKey; +import javax.crypto.interfaces.DHPublicKey; + +import org.bouncycastle.crypto.CipherParameters; +import org.bouncycastle.crypto.InvalidCipherTextException; +import org.bouncycastle.crypto.agreement.DHBasicAgreement; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.engines.IESEngine; +import org.bouncycastle.crypto.generators.KDF2BytesGenerator; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.crypto.params.IESParameters; +import org.bouncycastle.jcajce.provider.asymmetric.util.DHUtil; +import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil; +import org.bouncycastle.jcajce.util.BCJcaJceHelper; +import org.bouncycastle.jcajce.util.JcaJceHelper; +import org.bouncycastle.jce.interfaces.ECPrivateKey; +import org.bouncycastle.jce.interfaces.IESKey; +import org.bouncycastle.jce.spec.IESParameterSpec; + +public class CipherSpi + extends javax.crypto.CipherSpi +{ + private final JcaJceHelper helper = new BCJcaJceHelper(); + + private IESEngine cipher; + private int state = -1; + private ByteArrayOutputStream buffer = new ByteArrayOutputStream(); + private AlgorithmParameters engineParam = null; + private IESParameterSpec engineParams = null; + + // + // specs we can handle. + // + private Class[] availableSpecs = + { + IESParameterSpec.class + }; + + public CipherSpi( + IESEngine engine) + { + cipher = engine; + } + + protected int engineGetBlockSize() + { + return 0; + } + + protected byte[] engineGetIV() + { + return null; + } + + protected int engineGetKeySize( + Key key) + { + if (!(key instanceof IESKey)) + { + throw new IllegalArgumentException("must be passed IE key"); + } + + IESKey ieKey = (IESKey)key; + + if (ieKey.getPrivate() instanceof DHPrivateKey) + { + DHPrivateKey k = (DHPrivateKey)ieKey.getPrivate(); + + return k.getX().bitLength(); + } + else if (ieKey.getPrivate() instanceof ECPrivateKey) + { + ECPrivateKey k = (ECPrivateKey)ieKey.getPrivate(); + + return k.getD().bitLength(); + } + + throw new IllegalArgumentException("not an IE key!"); + } + + protected int engineGetOutputSize( + int inputLen) + { + if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE) + { + return buffer.size() + inputLen + 20; /* SHA1 MAC size */ + } + else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE) + { + return buffer.size() + inputLen - 20; + } + else + { + throw new IllegalStateException("cipher not initialised"); + } + } + + protected AlgorithmParameters engineGetParameters() + { + if (engineParam == null) + { + if (engineParams != null) + { + String name = "IES"; + + try + { + engineParam = helper.createAlgorithmParameters(name); + engineParam.init(engineParams); + } + catch (Exception e) + { + throw new RuntimeException(e.toString()); + } + } + } + + return engineParam; + } + + protected void engineSetMode( + String mode) + { + throw new IllegalArgumentException("can't support mode " + mode); + } + + protected void engineSetPadding( + String padding) + throws NoSuchPaddingException + { + throw new NoSuchPaddingException(padding + " unavailable with RSA."); + } + + protected void engineInit( + int opmode, + Key key, + AlgorithmParameterSpec params, + SecureRandom random) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + if (!(key instanceof IESKey)) + { + throw new InvalidKeyException("must be passed IES key"); + } + + if (params == null && (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE)) + { + // + // if nothing is specified we set up for a 128 bit mac, with + // 128 bit derivation vectors. + // + byte[] d = new byte[16]; + byte[] e = new byte[16]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(d); + random.nextBytes(e); + + params = new IESParameterSpec(d, e, 128); + } + else if (!(params instanceof IESParameterSpec)) + { + throw new InvalidAlgorithmParameterException("must be passed IES parameters"); + } + + IESKey ieKey = (IESKey)key; + + CipherParameters pubKey; + CipherParameters privKey; + + if (ieKey.getPublic() instanceof DHPublicKey) + { + pubKey = DHUtil.generatePublicKeyParameter(ieKey.getPublic()); + privKey = DHUtil.generatePrivateKeyParameter(ieKey.getPrivate()); + + } + else + { + pubKey = ECUtil.generatePublicKeyParameter(ieKey.getPublic()); + privKey = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate()); + } + + this.engineParams = (IESParameterSpec)params; + + IESParameters p = new IESParameters(engineParams.getDerivationV(), engineParams.getEncodingV(), engineParams.getMacKeySize()); + + this.state = opmode; + + buffer.reset(); + + switch (opmode) + { + case Cipher.ENCRYPT_MODE: + case Cipher.WRAP_MODE: + cipher.init(true, privKey, pubKey, p); + break; + case Cipher.DECRYPT_MODE: + case Cipher.UNWRAP_MODE: + cipher.init(false, privKey, pubKey, p); + break; + default: + System.out.println("eeek!"); + } + } + + protected void engineInit( + int opmode, + Key key, + AlgorithmParameters params, + SecureRandom random) + throws InvalidKeyException, InvalidAlgorithmParameterException + { + AlgorithmParameterSpec paramSpec = null; + + if (params != null) + { + for (int i = 0; i != availableSpecs.length; i++) + { + try + { + paramSpec = params.getParameterSpec(availableSpecs[i]); + break; + } + catch (Exception e) + { + continue; + } + } + + if (paramSpec == null) + { + throw new InvalidAlgorithmParameterException("can't handle parameter " + params.toString()); + } + } + + engineParam = params; + engineInit(opmode, key, paramSpec, random); + } + + protected void engineInit( + int opmode, + Key key, + SecureRandom random) + throws InvalidKeyException + { + if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE) + { + try + { + engineInit(opmode, key, (AlgorithmParameterSpec)null, random); + return; + } + catch (InvalidAlgorithmParameterException e) + { + // fall through... + } + } + + throw new IllegalArgumentException("can't handle null parameter spec in IES"); + } + + protected byte[] engineUpdate( + byte[] input, + int inputOffset, + int inputLen) + { + buffer.write(input, inputOffset, inputLen); + return null; + } + + protected int engineUpdate( + byte[] input, + int inputOffset, + int inputLen, + byte[] output, + int outputOffset) + { + buffer.write(input, inputOffset, inputLen); + return 0; + } + + protected byte[] engineDoFinal( + byte[] input, + int inputOffset, + int inputLen) + throws IllegalBlockSizeException, BadPaddingException + { + if (inputLen != 0) + { + buffer.write(input, inputOffset, inputLen); + } + + try + { + byte[] buf = buffer.toByteArray(); + + buffer.reset(); + + return cipher.processBlock(buf, 0, buf.length); + } + catch (InvalidCipherTextException e) + { + throw new BadPaddingException(e.getMessage()); + } + } + + protected int engineDoFinal( + byte[] input, + int inputOffset, + int inputLen, + byte[] output, + int outputOffset) + throws IllegalBlockSizeException, BadPaddingException + { + if (inputLen != 0) + { + buffer.write(input, inputOffset, inputLen); + } + + try + { + byte[] buf = buffer.toByteArray(); + + buffer.reset(); + + buf = cipher.processBlock(buf, 0, buf.length); + + System.arraycopy(buf, 0, output, outputOffset, buf.length); + + return buf.length; + } + catch (InvalidCipherTextException e) + { + throw new BadPaddingException(e.getMessage()); + } + } + + static public class IES + extends CipherSpi + { + public IES() + { + super(new IESEngine( + new DHBasicAgreement(), + new KDF2BytesGenerator(new SHA1Digest()), + new HMac(new SHA1Digest()))); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java index aceb5ee..239e511 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java @@ -26,9 +26,7 @@ import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.InvalidCipherTextException; -// BEGIN android-removed -// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; -// END android-removed +import org.bouncycastle.crypto.encodings.ISO9796d1Encoding; import org.bouncycastle.crypto.encodings.OAEPEncoding; import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSABlindedEngine; @@ -203,12 +201,10 @@ public class CipherSpi { cipher = new PKCS1Encoding(new RSABlindedEngine()); } - // BEGIN android-removed - // else if (pad.equals("ISO9796-1PADDING")) - // { - // cipher = new ISO9796d1Encoding(new RSABlindedEngine()); - // } - // END android-removed + else if (pad.equals("ISO9796-1PADDING")) + { + cipher = new ISO9796d1Encoding(new RSABlindedEngine()); + } else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING")) { initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT)); @@ -547,50 +543,48 @@ public class CipherSpi } } - // BEGIN android-removed - // static public class PKCS1v1_5Padding - // extends CipherSpi - // { - // public PKCS1v1_5Padding() - // { - // super(new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class PKCS1v1_5Padding_PrivateOnly - // extends CipherSpi - // { - // public PKCS1v1_5Padding_PrivateOnly() - // { - // super(false, true, new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class PKCS1v1_5Padding_PublicOnly - // extends CipherSpi - // { - // public PKCS1v1_5Padding_PublicOnly() - // { - // super(true, false, new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class OAEPPadding - // extends CipherSpi - // { - // public OAEPPadding() - // { - // super(OAEPParameterSpec.DEFAULT); - // } - // } - // - // static public class ISO9796d1Padding - // extends CipherSpi - // { - // public ISO9796d1Padding() - // { - // super(new ISO9796d1Encoding(new RSABlindedEngine())); - // } - // } - // END android-removed + static public class PKCS1v1_5Padding + extends CipherSpi + { + public PKCS1v1_5Padding() + { + super(new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class PKCS1v1_5Padding_PrivateOnly + extends CipherSpi + { + public PKCS1v1_5Padding_PrivateOnly() + { + super(false, true, new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class PKCS1v1_5Padding_PublicOnly + extends CipherSpi + { + public PKCS1v1_5Padding_PublicOnly() + { + super(true, false, new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class OAEPPadding + extends CipherSpi + { + public OAEPPadding() + { + super(OAEPParameterSpec.DEFAULT); + } + } + + static public class ISO9796d1Padding + extends CipherSpi + { + public ISO9796d1Padding() + { + super(new ISO9796d1Encoding(new RSABlindedEngine())); + } + } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java index 123ed41..c04bec9 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java @@ -17,31 +17,24 @@ import org.bouncycastle.asn1.DERNull; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed -// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed +import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x509.DigestInfo; import org.bouncycastle.crypto.AsymmetricBlockCipher; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Digest; -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.MD2Digest; -// import org.bouncycastle.crypto.digests.MD4Digest; -// import org.bouncycastle.crypto.digests.MD5Digest; -// import org.bouncycastle.crypto.digests.NullDigest; -// import org.bouncycastle.crypto.digests.RIPEMD128Digest; -// import org.bouncycastle.crypto.digests.RIPEMD160Digest; -// import org.bouncycastle.crypto.digests.RIPEMD256Digest; -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.digests.SHA224Digest; -// import org.bouncycastle.crypto.digests.SHA256Digest; -// import org.bouncycastle.crypto.digests.SHA384Digest; -// import org.bouncycastle.crypto.digests.SHA512Digest; -// END android-removed -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added +import org.bouncycastle.crypto.digests.MD2Digest; +import org.bouncycastle.crypto.digests.MD4Digest; +import org.bouncycastle.crypto.digests.MD5Digest; +import org.bouncycastle.crypto.digests.NullDigest; +import org.bouncycastle.crypto.digests.RIPEMD128Digest; +import org.bouncycastle.crypto.digests.RIPEMD160Digest; +import org.bouncycastle.crypto.digests.RIPEMD256Digest; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.digests.SHA224Digest; +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.crypto.digests.SHA384Digest; +import org.bouncycastle.crypto.digests.SHA512Digest; import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSABlindedEngine; import org.bouncycastle.util.Arrays; @@ -261,9 +254,7 @@ public class DigestSignatureSpi { public SHA1() { - // BEGIN android-changed - super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed + super(OIWObjectIdentifiers.idSHA1, new SHA1Digest(), new PKCS1Encoding(new RSABlindedEngine())); } } @@ -272,9 +263,7 @@ public class DigestSignatureSpi { public SHA224() { - // BEGIN android-changed - super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed + super(NISTObjectIdentifiers.id_sha224, new SHA224Digest(), new PKCS1Encoding(new RSABlindedEngine())); } } @@ -283,9 +272,7 @@ public class DigestSignatureSpi { public SHA256() { - // BEGIN android-changed - super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed + super(NISTObjectIdentifiers.id_sha256, new SHA256Digest(), new PKCS1Encoding(new RSABlindedEngine())); } } @@ -294,9 +281,7 @@ public class DigestSignatureSpi { public SHA384() { - // BEGIN android-changed - super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed + super(NISTObjectIdentifiers.id_sha384, new SHA384Digest(), new PKCS1Encoding(new RSABlindedEngine())); } } @@ -305,78 +290,70 @@ public class DigestSignatureSpi { public SHA512() { - // BEGIN android-changed - super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed + super(NISTObjectIdentifiers.id_sha512, new SHA512Digest(), new PKCS1Encoding(new RSABlindedEngine())); } } - // BEGIN android-removed - // static public class MD2 - // extends DigestSignatureSpi - // { - // public MD2() - // { - // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class MD4 - // extends DigestSignatureSpi - // { - // public MD4() - // { - // super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // END android-removed + static public class MD2 + extends DigestSignatureSpi + { + public MD2() + { + super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class MD4 + extends DigestSignatureSpi + { + public MD4() + { + super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } static public class MD5 extends DigestSignatureSpi { public MD5() { - // BEGIN android-changed - super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine())); - // END android-changed + super(PKCSObjectIdentifiers.md5, new MD5Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class RIPEMD160 + extends DigestSignatureSpi + { + public RIPEMD160() + { + super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); } } - // BEGIN android-removed - // static public class RIPEMD160 - // extends DigestSignatureSpi - // { - // public RIPEMD160() - // { - // super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class RIPEMD128 - // extends DigestSignatureSpi - // { - // public RIPEMD128() - // { - // super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class RIPEMD256 - // extends DigestSignatureSpi - // { - // public RIPEMD256() - // { - // super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // - // static public class noneRSA - // extends DigestSignatureSpi - // { - // public noneRSA() - // { - // super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); - // } - // } - // END android-removed + static public class RIPEMD128 + extends DigestSignatureSpi + { + public RIPEMD128() + { + super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class RIPEMD256 + extends DigestSignatureSpi + { + public RIPEMD256() + { + super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } + + static public class noneRSA + extends DigestSignatureSpi + { + public noneRSA() + { + super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine())); + } + } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/ISOSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/ISOSignatureSpi.java new file mode 100644 index 0000000..4d24e96 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/ISOSignatureSpi.java @@ -0,0 +1,142 @@ +package org.bouncycastle.jcajce.provider.asymmetric.rsa; + +import java.security.InvalidKeyException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SignatureException; +import java.security.SignatureSpi; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.AlgorithmParameterSpec; + +import org.bouncycastle.crypto.AsymmetricBlockCipher; +import org.bouncycastle.crypto.CipherParameters; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.MD5Digest; +import org.bouncycastle.crypto.digests.RIPEMD160Digest; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.engines.RSABlindedEngine; +import org.bouncycastle.crypto.signers.ISO9796d2Signer; + +public class ISOSignatureSpi + extends SignatureSpi +{ + private ISO9796d2Signer signer; + + protected ISOSignatureSpi( + Digest digest, + AsymmetricBlockCipher cipher) + { + signer = new ISO9796d2Signer(cipher, digest, true); + } + + protected void engineInitVerify( + PublicKey publicKey) + throws InvalidKeyException + { + CipherParameters param = RSAUtil.generatePublicKeyParameter((RSAPublicKey)publicKey); + + signer.init(false, param); + } + + protected void engineInitSign( + PrivateKey privateKey) + throws InvalidKeyException + { + CipherParameters param = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey); + + signer.init(true, param); + } + + protected void engineUpdate( + byte b) + throws SignatureException + { + signer.update(b); + } + + protected void engineUpdate( + byte[] b, + int off, + int len) + throws SignatureException + { + signer.update(b, off, len); + } + + protected byte[] engineSign() + throws SignatureException + { + try + { + byte[] sig = signer.generateSignature(); + + return sig; + } + catch (Exception e) + { + throw new SignatureException(e.toString()); + } + } + + protected boolean engineVerify( + byte[] sigBytes) + throws SignatureException + { + boolean yes = signer.verifySignature(sigBytes); + + return yes; + } + + protected void engineSetParameter( + AlgorithmParameterSpec params) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"> + */ + protected void engineSetParameter( + String param, + Object value) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated + */ + protected Object engineGetParameter( + String param) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + static public class SHA1WithRSAEncryption + extends ISOSignatureSpi + { + public SHA1WithRSAEncryption() + { + super(new SHA1Digest(), new RSABlindedEngine()); + } + } + + static public class MD5WithRSAEncryption + extends ISOSignatureSpi + { + public MD5WithRSAEncryption() + { + super(new MD5Digest(), new RSABlindedEngine()); + } + } + + static public class RIPEMD160WithRSAEncryption + extends ISOSignatureSpi + { + public RIPEMD160WithRSAEncryption() + { + super(new RIPEMD160Digest(), new RSABlindedEngine()); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/PSSSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/PSSSignatureSpi.java new file mode 100644 index 0000000..ea632fc --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/PSSSignatureSpi.java @@ -0,0 +1,398 @@ +package org.bouncycastle.jcajce.provider.asymmetric.rsa; + +import java.io.ByteArrayOutputStream; +import java.security.AlgorithmParameters; +import java.security.InvalidKeyException; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SecureRandom; +import java.security.SignatureException; +import java.security.SignatureSpi; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.MGF1ParameterSpec; +import java.security.spec.PSSParameterSpec; + +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.crypto.AsymmetricBlockCipher; +import org.bouncycastle.crypto.CryptoException; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.engines.RSABlindedEngine; +import org.bouncycastle.crypto.params.ParametersWithRandom; +import org.bouncycastle.jcajce.provider.util.DigestFactory; +import org.bouncycastle.jcajce.util.BCJcaJceHelper; +import org.bouncycastle.jcajce.util.JcaJceHelper; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +public class PSSSignatureSpi + extends SignatureSpi +{ + private final JcaJceHelper helper = new BCJcaJceHelper(); + + private AlgorithmParameters engineParams; + private PSSParameterSpec paramSpec; + private PSSParameterSpec originalSpec; + private AsymmetricBlockCipher signer; + private Digest contentDigest; + private Digest mgfDigest; + private int saltLength; + private byte trailer; + private boolean isRaw; + + private org.bouncycastle.crypto.signers.PSSSigner pss; + + private byte getTrailer( + int trailerField) + { + if (trailerField == 1) + { + return org.bouncycastle.crypto.signers.PSSSigner.TRAILER_IMPLICIT; + } + + throw new IllegalArgumentException("unknown trailer field"); + } + + private void setupContentDigest() + { + if (isRaw) + { + this.contentDigest = new NullPssDigest(mgfDigest); + } + else + { + this.contentDigest = mgfDigest; + } + } + + // care - this constructor is actually used by outside organisations + protected PSSSignatureSpi( + AsymmetricBlockCipher signer, + PSSParameterSpec paramSpecArg) + { + this(signer, paramSpecArg, false); + } + + // care - this constructor is actually used by outside organisations + protected PSSSignatureSpi( + AsymmetricBlockCipher signer, + PSSParameterSpec baseParamSpec, + boolean isRaw) + { + this.signer = signer; + this.originalSpec = baseParamSpec; + + if (baseParamSpec == null) + { + this.paramSpec = PSSParameterSpec.DEFAULT; + } + else + { + this.paramSpec = baseParamSpec; + } + + this.mgfDigest = DigestFactory.getDigest(paramSpec.getDigestAlgorithm()); + this.saltLength = paramSpec.getSaltLength(); + this.trailer = getTrailer(paramSpec.getTrailerField()); + this.isRaw = isRaw; + + setupContentDigest(); + } + + protected void engineInitVerify( + PublicKey publicKey) + throws InvalidKeyException + { + if (!(publicKey instanceof RSAPublicKey)) + { + throw new InvalidKeyException("Supplied key is not a RSAPublicKey instance"); + } + + pss = new org.bouncycastle.crypto.signers.PSSSigner(signer, contentDigest, mgfDigest, saltLength, trailer); + pss.init(false, + RSAUtil.generatePublicKeyParameter((RSAPublicKey)publicKey)); + } + + protected void engineInitSign( + PrivateKey privateKey, + SecureRandom random) + throws InvalidKeyException + { + if (!(privateKey instanceof RSAPrivateKey)) + { + throw new InvalidKeyException("Supplied key is not a RSAPrivateKey instance"); + } + + pss = new org.bouncycastle.crypto.signers.PSSSigner(signer, contentDigest, mgfDigest, saltLength, trailer); + pss.init(true, new ParametersWithRandom(RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey), random)); + } + + protected void engineInitSign( + PrivateKey privateKey) + throws InvalidKeyException + { + if (!(privateKey instanceof RSAPrivateKey)) + { + throw new InvalidKeyException("Supplied key is not a RSAPrivateKey instance"); + } + + pss = new org.bouncycastle.crypto.signers.PSSSigner(signer, contentDigest, mgfDigest, saltLength, trailer); + pss.init(true, RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey)); + } + + protected void engineUpdate( + byte b) + throws SignatureException + { + pss.update(b); + } + + protected void engineUpdate( + byte[] b, + int off, + int len) + throws SignatureException + { + pss.update(b, off, len); + } + + protected byte[] engineSign() + throws SignatureException + { + try + { + return pss.generateSignature(); + } + catch (CryptoException e) + { + throw new SignatureException(e.getMessage()); + } + } + + protected boolean engineVerify( + byte[] sigBytes) + throws SignatureException + { + return pss.verifySignature(sigBytes); + } + + protected void engineSetParameter( + AlgorithmParameterSpec params) + throws InvalidParameterException + { + if (params instanceof PSSParameterSpec) + { + PSSParameterSpec newParamSpec = (PSSParameterSpec)params; + + if (originalSpec != null) + { + if (!DigestFactory.isSameDigest(originalSpec.getDigestAlgorithm(), newParamSpec.getDigestAlgorithm())) + { + throw new InvalidParameterException("parameter must be using " + originalSpec.getDigestAlgorithm()); + } + } + if (!newParamSpec.getMGFAlgorithm().equalsIgnoreCase("MGF1") && !newParamSpec.getMGFAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1.getId())) + { + throw new InvalidParameterException("unknown mask generation function specified"); + } + + if (!(newParamSpec.getMGFParameters() instanceof MGF1ParameterSpec)) + { + throw new InvalidParameterException("unkown MGF parameters"); + } + + MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)newParamSpec.getMGFParameters(); + + if (!DigestFactory.isSameDigest(mgfParams.getDigestAlgorithm(), newParamSpec.getDigestAlgorithm())) + { + throw new InvalidParameterException("digest algorithm for MGF should be the same as for PSS parameters."); + } + + Digest newDigest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm()); + + if (newDigest == null) + { + throw new InvalidParameterException("no match on MGF digest algorithm: "+ mgfParams.getDigestAlgorithm()); + } + + this.engineParams = null; + this.paramSpec = newParamSpec; + this.mgfDigest = newDigest; + this.saltLength = paramSpec.getSaltLength(); + this.trailer = getTrailer(paramSpec.getTrailerField()); + + setupContentDigest(); + } + else + { + throw new InvalidParameterException("Only PSSParameterSpec supported"); + } + } + + protected AlgorithmParameters engineGetParameters() + { + if (engineParams == null) + { + if (paramSpec != null) + { + try + { + engineParams = helper.createAlgorithmParameters("PSS"); + engineParams.init(paramSpec); + } + catch (Exception e) + { + throw new RuntimeException(e.toString()); + } + } + } + + return engineParams; + } + + /** + * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"> + */ + protected void engineSetParameter( + String param, + Object value) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + protected Object engineGetParameter( + String param) + { + throw new UnsupportedOperationException("engineGetParameter unsupported"); + } + + static public class nonePSS + extends PSSSignatureSpi + { + public nonePSS() + { + super(new RSABlindedEngine(), null, true); + } + } + + static public class PSSwithRSA + extends PSSSignatureSpi + { + public PSSwithRSA() + { + super(new RSABlindedEngine(), null); + } + } + + static public class SHA1withRSA + extends PSSSignatureSpi + { + public SHA1withRSA() + { + super(new RSABlindedEngine(), PSSParameterSpec.DEFAULT); + } + } + + static public class SHA224withRSA + extends PSSSignatureSpi + { + public SHA224withRSA() + { + super(new RSABlindedEngine(), new PSSParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), 28, 1)); + } + } + + static public class SHA256withRSA + extends PSSSignatureSpi + { + public SHA256withRSA() + { + super(new RSABlindedEngine(), new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), 32, 1)); + } + } + + static public class SHA384withRSA + extends PSSSignatureSpi + { + public SHA384withRSA() + { + super(new RSABlindedEngine(), new PSSParameterSpec("SHA-384", "MGF1", new MGF1ParameterSpec("SHA-384"), 48, 1)); + } + } + + static public class SHA512withRSA + extends PSSSignatureSpi + { + public SHA512withRSA() + { + super(new RSABlindedEngine(), new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-512"), 64, 1)); + } + } + + private class NullPssDigest + implements Digest + { + private ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + private Digest baseDigest; + private boolean oddTime = true; + + public NullPssDigest(Digest mgfDigest) + { + this.baseDigest = mgfDigest; + } + + public String getAlgorithmName() + { + return "NULL"; + } + + public int getDigestSize() + { + return baseDigest.getDigestSize(); + } + + public void update(byte in) + { + bOut.write(in); + } + + public void update(byte[] in, int inOff, int len) + { + bOut.write(in, inOff, len); + } + + public int doFinal(byte[] out, int outOff) + { + byte[] res = bOut.toByteArray(); + + if (oddTime) + { + System.arraycopy(res, 0, out, outOff, res.length); + } + else + { + baseDigest.update(res, 0, res.length); + + baseDigest.doFinal(out, outOff); + } + + reset(); + + oddTime = !oddTime; + + return res.length; + } + + public void reset() + { + bOut.reset(); + baseDigest.reset(); + } + + public int getByteLength() + { + return 0; + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/X931SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/X931SignatureSpi.java new file mode 100644 index 0000000..727f685 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/X931SignatureSpi.java @@ -0,0 +1,194 @@ +package org.bouncycastle.jcajce.provider.asymmetric.rsa; + +import java.security.InvalidKeyException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.SignatureException; +import java.security.SignatureSpi; +import java.security.interfaces.RSAPrivateKey; +import java.security.interfaces.RSAPublicKey; +import java.security.spec.AlgorithmParameterSpec; + +import org.bouncycastle.crypto.AsymmetricBlockCipher; +import org.bouncycastle.crypto.CipherParameters; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.MD5Digest; +import org.bouncycastle.crypto.digests.RIPEMD128Digest; +import org.bouncycastle.crypto.digests.RIPEMD160Digest; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.digests.SHA224Digest; +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.crypto.digests.SHA384Digest; +import org.bouncycastle.crypto.digests.SHA512Digest; +import org.bouncycastle.crypto.digests.WhirlpoolDigest; +import org.bouncycastle.crypto.engines.RSABlindedEngine; +import org.bouncycastle.crypto.signers.ISO9796d2Signer; +import org.bouncycastle.crypto.signers.X931Signer; + +public class X931SignatureSpi + extends SignatureSpi +{ + private X931Signer signer; + + protected X931SignatureSpi( + Digest digest, + AsymmetricBlockCipher cipher) + { + signer = new X931Signer(cipher, digest); + } + + protected void engineInitVerify( + PublicKey publicKey) + throws InvalidKeyException + { + CipherParameters param = RSAUtil.generatePublicKeyParameter((RSAPublicKey)publicKey); + + signer.init(false, param); + } + + protected void engineInitSign( + PrivateKey privateKey) + throws InvalidKeyException + { + CipherParameters param = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey); + + signer.init(true, param); + } + + protected void engineUpdate( + byte b) + throws SignatureException + { + signer.update(b); + } + + protected void engineUpdate( + byte[] b, + int off, + int len) + throws SignatureException + { + signer.update(b, off, len); + } + + protected byte[] engineSign() + throws SignatureException + { + try + { + byte[] sig = signer.generateSignature(); + + return sig; + } + catch (Exception e) + { + throw new SignatureException(e.toString()); + } + } + + protected boolean engineVerify( + byte[] sigBytes) + throws SignatureException + { + boolean yes = signer.verifySignature(sigBytes); + + return yes; + } + + protected void engineSetParameter( + AlgorithmParameterSpec params) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated replaced with <a href = "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"> + */ + protected void engineSetParameter( + String param, + Object value) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + /** + * @deprecated + */ + protected Object engineGetParameter( + String param) + { + throw new UnsupportedOperationException("engineSetParameter unsupported"); + } + + static public class RIPEMD128WithRSAEncryption + extends X931SignatureSpi + { + public RIPEMD128WithRSAEncryption() + { + super(new RIPEMD128Digest(), new RSABlindedEngine()); + } + } + + static public class RIPEMD160WithRSAEncryption + extends X931SignatureSpi + { + public RIPEMD160WithRSAEncryption() + { + super(new RIPEMD160Digest(), new RSABlindedEngine()); + } + } + + static public class SHA1WithRSAEncryption + extends X931SignatureSpi + { + public SHA1WithRSAEncryption() + { + super(new SHA1Digest(), new RSABlindedEngine()); + } + } + + static public class SHA224WithRSAEncryption + extends X931SignatureSpi + { + public SHA224WithRSAEncryption() + { + super(new SHA224Digest(), new RSABlindedEngine()); + } + } + + static public class SHA256WithRSAEncryption + extends X931SignatureSpi + { + public SHA256WithRSAEncryption() + { + super(new SHA256Digest(), new RSABlindedEngine()); + } + } + + static public class SHA384WithRSAEncryption + extends X931SignatureSpi + { + public SHA384WithRSAEncryption() + { + super(new SHA384Digest(), new RSABlindedEngine()); + } + } + + static public class SHA512WithRSAEncryption + extends X931SignatureSpi + { + public SHA512WithRSAEncryption() + { + super(new SHA512Digest(), new RSABlindedEngine()); + } + } + + static public class WhirlpoolWithRSAEncryption + extends X931SignatureSpi + { + public WhirlpoolWithRSAEncryption() + { + super(new WhirlpoolDigest(), new RSABlindedEngine()); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java index 5842b9e..482329c 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java @@ -18,10 +18,8 @@ import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed -// import javax.crypto.spec.RC2ParameterSpec; -// import javax.crypto.spec.RC5ParameterSpec; -// END android-removed +import javax.crypto.spec.RC2ParameterSpec; +import javax.crypto.spec.RC5ParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; @@ -41,10 +39,8 @@ public abstract class BaseCipherSpi { IvParameterSpec.class, PBEParameterSpec.class, - // BEGIN android-removed - // RC2ParameterSpec.class, - // RC5ParameterSpec.class - // END android-removed + RC2ParameterSpec.class, + RC5ParameterSpec.class }; private final JcaJceHelper helper = new BCJcaJceHelper(); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java index b8ef398..b1805f6 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java @@ -6,15 +6,11 @@ import java.security.PrivateKey; import java.security.PublicKey; import org.bouncycastle.asn1.ASN1ObjectIdentifier; -// BEGIN android-removed -// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; -// END android-removed +import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves; import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; import org.bouncycastle.asn1.sec.SECNamedCurves; -// BEGIN android-removed -// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; -// END android-removed +import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.asn1.x9.X962NamedCurves; import org.bouncycastle.asn1.x9.X962Parameters; @@ -251,16 +247,14 @@ public class ECUtil { oid = NISTNamedCurves.getOID(name); } - // BEGIN android-removed - // if (oid == null) - // { - // oid = TeleTrusTNamedCurves.getOID(name); - // } - // if (oid == null) - // { - // oid = ECGOST3410NamedCurves.getOID(name); - // } - // END android-removed + if (oid == null) + { + oid = TeleTrusTNamedCurves.getOID(name); + } + if (oid == null) + { + oid = ECGOST3410NamedCurves.getOID(name); + } } return oid; @@ -282,12 +276,10 @@ public class ECUtil { params = NISTNamedCurves.getByOID(oid); } - // BEGIN android-removed - // if (params == null) - // { - // params = TeleTrusTNamedCurves.getByOID(oid); - // } - // END android-removed + if (params == null) + { + params = TeleTrusTNamedCurves.getByOID(oid); + } } return params; @@ -305,16 +297,14 @@ public class ECUtil { name = NISTNamedCurves.getName(oid); } - // BEGIN android-removed - // if (name == null) - // { - // name = TeleTrusTNamedCurves.getName(oid); - // } - // if (name == null) - // { - // name = ECGOST3410NamedCurves.getName(oid); - // } - // END android-removed + if (name == null) + { + name = TeleTrusTNamedCurves.getName(oid); + } + if (name == null) + { + name = ECGOST3410NamedCurves.getName(oid); + } } return name; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/GOST3410Util.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/GOST3410Util.java new file mode 100644 index 0000000..850ab9d --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/GOST3410Util.java @@ -0,0 +1,52 @@ +package org.bouncycastle.jcajce.provider.asymmetric.util; + +import java.security.InvalidKeyException; +import java.security.PrivateKey; +import java.security.PublicKey; + +import org.bouncycastle.crypto.params.AsymmetricKeyParameter; +import org.bouncycastle.crypto.params.GOST3410Parameters; +import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters; +import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters; +import org.bouncycastle.jce.interfaces.GOST3410PrivateKey; +import org.bouncycastle.jce.interfaces.GOST3410PublicKey; +import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec; + +/** + * utility class for converting jce/jca GOST3410-94 objects + * objects into their org.bouncycastle.crypto counterparts. + */ +public class GOST3410Util +{ + static public AsymmetricKeyParameter generatePublicKeyParameter( + PublicKey key) + throws InvalidKeyException + { + if (key instanceof GOST3410PublicKey) + { + GOST3410PublicKey k = (GOST3410PublicKey)key; + GOST3410PublicKeyParameterSetSpec p = k.getParameters().getPublicKeyParameters(); + + return new GOST3410PublicKeyParameters(k.getY(), + new GOST3410Parameters(p.getP(), p.getQ(), p.getA())); + } + + throw new InvalidKeyException("can't identify GOST3410 public key: " + key.getClass().getName()); + } + + static public AsymmetricKeyParameter generatePrivateKeyParameter( + PrivateKey key) + throws InvalidKeyException + { + if (key instanceof GOST3410PrivateKey) + { + GOST3410PrivateKey k = (GOST3410PrivateKey)key; + GOST3410PublicKeyParameterSetSpec p = k.getParameters().getPublicKeyParameters(); + + return new GOST3410PrivateKeyParameters(k.getX(), + new GOST3410Parameters(p.getP(), p.getQ(), p.getA())); + } + + throw new InvalidKeyException("can't identify GOST3410 private key."); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/IESUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/IESUtil.java new file mode 100644 index 0000000..93ed727 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/IESUtil.java @@ -0,0 +1,32 @@ +package org.bouncycastle.jcajce.provider.asymmetric.util; + +import org.bouncycastle.crypto.engines.IESEngine; +import org.bouncycastle.jce.spec.IESParameterSpec; + +public class IESUtil +{ + public static IESParameterSpec guessParameterSpec(IESEngine engine) + { + if (engine.getCipher() == null) + { + return new IESParameterSpec(null, null, 128); + } + else if (engine.getCipher().getUnderlyingCipher().getAlgorithmName().equals("DES") || + engine.getCipher().getUnderlyingCipher().getAlgorithmName().equals("RC2") || + engine.getCipher().getUnderlyingCipher().getAlgorithmName().equals("RC5-32") || + engine.getCipher().getUnderlyingCipher().getAlgorithmName().equals("RC5-64")) + { + return new IESParameterSpec(null, null, 64, 64); + } + else if (engine.getCipher().getUnderlyingCipher().getAlgorithmName().equals("SKIPJACK")) + { + return new IESParameterSpec(null, null, 80, 80); + } + else if (engine.getCipher().getUnderlyingCipher().getAlgorithmName().equals("GOST28147")) + { + return new IESParameterSpec(null, null, 256, 256); + } + + return new IESParameterSpec(null, null, 128, 128); + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java index 8bb4c3a..b82d091 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java @@ -37,9 +37,7 @@ import org.bouncycastle.asn1.pkcs.SignedData; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; import org.bouncycastle.util.io.pem.PemObject; -// BEGIN android-removed -// import org.bouncycastle.util.io.pem.PemWriter; -// END android-removed +import org.bouncycastle.util.io.pem.PemWriter; /** * CertPath implementation for X.509 certificates. @@ -56,9 +54,7 @@ public class PKIXCertPath { List encodings = new ArrayList(); encodings.add("PkiPath"); - // BEGIN android-removed - // encodings.add("PEM"); - // END android-removed + encodings.add("PEM"); encodings.add("PKCS7"); certPathEncodings = Collections.unmodifiableList(encodings); } @@ -305,29 +301,27 @@ public class PKIXCertPath return toDEREncoded(new ContentInfo( PKCSObjectIdentifiers.signedData, sd)); } - // BEGIN android-removed - // else if (encoding.equalsIgnoreCase("PEM")) - // { - // ByteArrayOutputStream bOut = new ByteArrayOutputStream(); - // PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); - // - // try - // { - // for (int i = 0; i != certificates.size(); i++) - // { - // pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); - // } - // - // pWrt.close(); - // } - // catch (Exception e) - // { - // throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); - // } - // - // return bOut.toByteArray(); - // } - // END android-removed + else if (encoding.equalsIgnoreCase("PEM")) + { + ByteArrayOutputStream bOut = new ByteArrayOutputStream(); + PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut)); + + try + { + for (int i = 0; i != certificates.size(); i++) + { + pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded())); + } + + pWrt.close(); + } + catch (Exception e) + { + throw new CertificateEncodingException("can't encode certificate for PEM encoded path"); + } + + return bOut.toByteArray(); + } else { throw new CertificateEncodingException("unsupported encoding: " + encoding); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java index 3157ea6..56df634 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java @@ -55,9 +55,6 @@ import org.bouncycastle.asn1.x509.Extension; import org.bouncycastle.asn1.x509.Extensions; import org.bouncycastle.asn1.x509.GeneralName; import org.bouncycastle.asn1.x509.KeyUsage; -// BEGIN android-added -import org.bouncycastle.asn1.x509.X509Name; -// END android-added import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl; import org.bouncycastle.jce.X509Principal; import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier; @@ -537,20 +534,12 @@ class X509CertificateObject } } - // BEGIN android-changed - private byte[] encoded; - // END android-changed public byte[] getEncoded() throws CertificateEncodingException { try { - // BEGIN android-changed - if (encoded == null) { - encoded = c.getEncoded(ASN1Encoding.DER); - } - return encoded; - // END android-changed + return c.getEncoded(ASN1Encoding.DER); } catch (IOException e) { @@ -850,9 +839,7 @@ class X509CertificateObject list.add(genName.getEncoded()); break; case GeneralName.directoryName: - // BEGIN android-changed - list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols)); - // END android-changed + list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString()); break; case GeneralName.dNSName: case GeneralName.rfc822Name: diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java index 61b0545..8488f80 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java @@ -16,16 +16,12 @@ import org.bouncycastle.asn1.ASN1Null; import org.bouncycastle.asn1.ASN1ObjectIdentifier; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.DERNull; -// BEGIN android-removed -// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// END android-removed +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; -// BEGIN android-removed -// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; -// END android-removed +import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.asn1.x9.X9ObjectIdentifiers; import org.bouncycastle.jce.provider.BouncyCastleProvider; @@ -147,24 +143,22 @@ class X509SignatureUtil { return "SHA512"; } - // BEGIN android-removed - // else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) - // { - // return "RIPEMD128"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) - // { - // return "RIPEMD160"; - // } - // else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) - // { - // return "RIPEMD256"; - // } - // else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) - // { - // return "GOST3411"; - // } - // END android-removed + else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID)) + { + return "RIPEMD128"; + } + else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID)) + { + return "RIPEMD160"; + } + else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID)) + { + return "RIPEMD256"; + } + else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID)) + { + return "GOST3411"; + } else { return digestAlgOID.getId(); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/GOST3411.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/GOST3411.java new file mode 100644 index 0000000..2112673 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/GOST3411.java @@ -0,0 +1,94 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.GOST3411Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; + +public class GOST3411 +{ + private GOST3411() + { + + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new GOST3411Digest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new GOST3411Digest((GOST3411Digest)digest); + + return d; + } + } + + /** + * GOST3411 HMac + */ + public static class HashMac + extends BaseMac + { + public HashMac() + { + super(new HMac(new GOST3411Digest())); + } + } + + /** + * PBEWithHmacGOST3411 + */ + public static class PBEWithMacKeyFactory + extends PBESecretKeyFactory + { + public PBEWithMacKeyFactory() + { + super("PBEwithHmacGOST3411", null, false, PKCS12, GOST3411, 256, 0); + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("HMACGOST3411", 256, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = GOST3411.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.GOST3411", PREFIX + "$Digest"); + provider.addAlgorithm("Alg.Alias.MessageDigest.GOST", "GOST3411"); + provider.addAlgorithm("Alg.Alias.MessageDigest.GOST-3411", "GOST3411"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + CryptoProObjectIdentifiers.gostR3411, "GOST3411"); + + provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACGOST3411", PREFIX + "$PBEWithMacKeyFactory"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + CryptoProObjectIdentifiers.gostR3411, "PBEWITHHMACGOST3411"); + + addHMACAlgorithm(provider, "GOST3411", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); + addHMACAlias(provider, "GOST3411", CryptoProObjectIdentifiers.gostR3411); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD2.java new file mode 100644 index 0000000..5a3a2bf --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD2.java @@ -0,0 +1,75 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.MD2Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; + +public class MD2 +{ + private MD2() + { + + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new MD2Digest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new MD2Digest((MD2Digest)digest); + + return d; + } + } + + /** + * MD2 HMac + */ + public static class HashMac + extends BaseMac + { + public HashMac() + { + super(new HMac(new MD2Digest())); + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("HMACMD2", 128, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = MD2.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.MD2", PREFIX + "$Digest"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md2, "MD2"); + + addHMACAlgorithm(provider, "MD2", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD4.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD4.java new file mode 100644 index 0000000..8a30baa --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD4.java @@ -0,0 +1,75 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.MD4Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; + +public class MD4 +{ + private MD4() + { + + } + + /** + * MD4 HashMac + */ + public static class HashMac + extends BaseMac + { + public HashMac() + { + super(new HMac(new MD4Digest())); + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("HMACMD4", 128, new CipherKeyGenerator()); + } + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new MD4Digest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new MD4Digest((MD4Digest)digest); + + return d; + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = MD4.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.MD4", PREFIX + "$Digest"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md4, "MD4"); + + addHMACAlgorithm(provider, "MD4", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD128.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD128.java new file mode 100644 index 0000000..e913f65 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD128.java @@ -0,0 +1,75 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.RIPEMD128Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; + +public class RIPEMD128 +{ + private RIPEMD128() + { + + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new RIPEMD128Digest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new RIPEMD128Digest((RIPEMD128Digest)digest); + + return d; + } + } + + /** + * RIPEMD128 HashMac + */ + public static class HashMac + extends BaseMac + { + public HashMac() + { + super(new HMac(new RIPEMD128Digest())); + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("HMACRIPEMD128", 128, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = RIPEMD128.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.RIPEMD128", PREFIX + "$Digest"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD128"); + + addHMACAlgorithm(provider, "RIPEMD128", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD160.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD160.java new file mode 100644 index 0000000..f081713 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD160.java @@ -0,0 +1,113 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.asn1.iana.IANAObjectIdentifiers; +import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.RIPEMD160Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; + +public class RIPEMD160 +{ + private RIPEMD160() + { + + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new RIPEMD160Digest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new RIPEMD160Digest((RIPEMD160Digest)digest); + + return d; + } + } + + /** + * RIPEMD160 HMac + */ + public static class HashMac + extends BaseMac + { + public HashMac() + { + super(new HMac(new RIPEMD160Digest())); + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("HMACRIPEMD160", 160, new CipherKeyGenerator()); + } + } + + + // + // PKCS12 states that the same algorithm should be used + // for the key generation as is used in the HMAC, so that + // is what we do here. + // + + /** + * PBEWithHmacRIPEMD160 + */ + public static class PBEWithHmac + extends BaseMac + { + public PBEWithHmac() + { + super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160); + } + } + + /** + * PBEWithHmacRIPEMD160 + */ + public static class PBEWithHmacKeyFactory + extends PBESecretKeyFactory + { + public PBEWithHmacKeyFactory() + { + super("PBEwithHmacRIPEMD160", null, false, PKCS12, RIPEMD160, 160, 0); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = RIPEMD160.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.RIPEMD160", PREFIX + "$Digest"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD160"); + + addHMACAlgorithm(provider, "RIPEMD160", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); + addHMACAlias(provider, "RIPEMD160", IANAObjectIdentifiers.hmacRIPEMD160); + + + provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACRIPEMD160", PREFIX + "$PBEWithHmacKeyFactory"); + provider.addAlgorithm("Mac.PBEWITHHMACRIPEMD160", PREFIX + "$PBEWithHmac"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD256.java new file mode 100644 index 0000000..dcb1b56 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD256.java @@ -0,0 +1,75 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.RIPEMD256Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; + +public class RIPEMD256 +{ + private RIPEMD256() + { + + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new RIPEMD256Digest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new RIPEMD256Digest((RIPEMD256Digest)digest); + + return d; + } + } + + /** + * RIPEMD256 HMac + */ + public static class HashMac + extends BaseMac + { + public HashMac() + { + super(new HMac(new RIPEMD256Digest())); + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("HMACRIPEMD256", 256, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = RIPEMD256.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.RIPEMD256", PREFIX + "$Digest"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD256"); + + addHMACAlgorithm(provider, "RIPEMD256", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD320.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD320.java new file mode 100644 index 0000000..12e0fd8 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD320.java @@ -0,0 +1,73 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.RIPEMD320Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; + +public class RIPEMD320 +{ + private RIPEMD320() + { + + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new RIPEMD320Digest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new RIPEMD320Digest((RIPEMD320Digest)digest); + + return d; + } + } + + /** + * RIPEMD320 HMac + */ + public static class HashMac + extends BaseMac + { + public HashMac() + { + super(new HMac(new RIPEMD320Digest())); + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("HMACRIPEMD320", 320, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = RIPEMD320.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.RIPEMD320", PREFIX + "$Digest"); + + addHMACAlgorithm(provider, "RIPEMD320", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java index 4504f30..785cf65 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java @@ -45,19 +45,17 @@ public class SHA256 } } - // BEGIN android-removed - // /** - // * PBEWithHmacSHA - // */ - // public static class PBEWithMacKeyFactory - // extends PBESecretKeyFactory - // { - // public PBEWithMacKeyFactory() - // { - // super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); - // } - // } - // END android-removed + /** + * PBEWithHmacSHA + */ + public static class PBEWithMacKeyFactory + extends PBESecretKeyFactory + { + public PBEWithMacKeyFactory() + { + super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0); + } + } /** * HMACSHA256 @@ -86,11 +84,9 @@ public class SHA256 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256"); provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256"); - // BEGIN android-removed - // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); - // END android-removed + provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256"); addHMACAlgorithm(provider, "SHA256", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); addHMACAlias(provider, "SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA3.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA3.java new file mode 100644 index 0000000..2c832fb --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA3.java @@ -0,0 +1,171 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.SHA3Digest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; + +public class SHA3 +{ + private SHA3() + { + + } + + static public class DigestSHA3 + extends BCMessageDigest + implements Cloneable + { + public DigestSHA3(int size) + { + super(new SHA3Digest(size)); + } + + public Object clone() + throws CloneNotSupportedException + { + BCMessageDigest d = (BCMessageDigest)super.clone(); + d.digest = new SHA3Digest((SHA3Digest)digest); + + return d; + } + } + + static public class Digest224 + extends DigestSHA3 + { + public Digest224() + { + super(224); + } + } + + static public class Digest256 + extends DigestSHA3 + { + public Digest256() + { + super(256); + } + } + + static public class Digest384 + extends DigestSHA3 + { + public Digest384() + { + super(384); + } + } + + static public class Digest512 + extends DigestSHA3 + { + public Digest512() + { + super(512); + } + } + + /** + * SHA3 HMac + */ + public static class HashMac224 + extends BaseMac + { + public HashMac224() + { + super(new HMac(new SHA3Digest(224))); + } + } + + public static class HashMac256 + extends BaseMac + { + public HashMac256() + { + super(new HMac(new SHA3Digest(256))); + } + } + + public static class HashMac384 + extends BaseMac + { + public HashMac384() + { + super(new HMac(new SHA3Digest(384))); + } + } + + public static class HashMac512 + extends BaseMac + { + public HashMac512() + { + super(new HMac(new SHA3Digest(512))); + } + } + + public static class KeyGenerator224 + extends BaseKeyGenerator + { + public KeyGenerator224() + { + super("HMACSHA3-224", 224, new CipherKeyGenerator()); + } + } + + public static class KeyGenerator256 + extends BaseKeyGenerator + { + public KeyGenerator256() + { + super("HMACSHA3-256", 256, new CipherKeyGenerator()); + } + } + + public static class KeyGenerator384 + extends BaseKeyGenerator + { + public KeyGenerator384() + { + super("HMACSHA3-384", 384, new CipherKeyGenerator()); + } + } + + public static class KeyGenerator512 + extends BaseKeyGenerator + { + public KeyGenerator512() + { + super("HMACSHA3-512", 512, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = SHA3.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.SHA3-224", PREFIX + "$Digest224"); + provider.addAlgorithm("MessageDigest.SHA3-256", PREFIX + "$Digest256"); + provider.addAlgorithm("MessageDigest.SHA3-384", PREFIX + "$Digest384"); + provider.addAlgorithm("MessageDigest.SHA3-512", PREFIX + "$Digest512"); + // look for an object identifier (NIST???) for SHA3 family + // provider.addAlgorithm("Alg.Alias.MessageDigest." + OIWObjectIdentifiers.idSHA3, "SHA3-224"); // ***** + + addHMACAlgorithm(provider, "SHA3-224", PREFIX + "$HashMac224", PREFIX + "$KeyGenerator224"); + addHMACAlgorithm(provider, "SHA3-256", PREFIX + "$HashMac256", PREFIX + "$KeyGenerator256"); + addHMACAlgorithm(provider, "SHA3-384", PREFIX + "$HashMac384", PREFIX + "$KeyGenerator384"); + addHMACAlgorithm(provider, "SHA3-512", PREFIX + "$HashMac512", PREFIX + "$KeyGenerator512"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java index e563579..f811df6 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java @@ -5,9 +5,7 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.digests.SHA384Digest; import org.bouncycastle.crypto.macs.HMac; -// BEGIN android-removed -// import org.bouncycastle.crypto.macs.OldHMac; -// END android-removed +import org.bouncycastle.crypto.macs.OldHMac; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; @@ -59,16 +57,14 @@ public class SHA384 } } - // BEGIN android-removed - // public static class OldSHA384 - // extends BaseMac - // { - // public OldSHA384() - // { - // super(new OldHMac(new SHA384Digest())); - // } - // } - // END android-removed + public static class OldSHA384 + extends BaseMac + { + public OldSHA384() + { + super(new OldHMac(new SHA384Digest())); + } + } public static class Mappings extends DigestAlgorithmProvider @@ -84,9 +80,7 @@ public class SHA384 provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest"); provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384"); provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384"); - // BEGIN android-removed - // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); - // END android-removed + provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384"); addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java index 903eec1..48adf73 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java @@ -4,13 +4,9 @@ import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.digests.SHA512Digest; -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.SHA512tDigest; -// END android-removed +import org.bouncycastle.crypto.digests.SHA512tDigest; import org.bouncycastle.crypto.macs.HMac; -// BEGIN android-removed -// import org.bouncycastle.crypto.macs.OldHMac; -// END android-removed +import org.bouncycastle.crypto.macs.OldHMac; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; @@ -41,44 +37,42 @@ public class SHA512 } } - // BEGIN android-removed - // static public class DigestT - // extends BCMessageDigest - // implements Cloneable - // { - // public DigestT(int bitLength) - // { - // super(new SHA512tDigest(bitLength)); - // } - // - // public Object clone() - // throws CloneNotSupportedException - // { - // DigestT d = (DigestT)super.clone(); - // d.digest = new SHA512tDigest((SHA512tDigest)digest); - // - // return d; - // } - // } - // - // static public class DigestT224 - // extends DigestT - // { - // public DigestT224() - // { - // super(224); - // } - // } - // - // static public class DigestT256 - // extends DigestT - // { - // public DigestT256() - // { - // super(256); - // } - // } - // END android-removed + static public class DigestT + extends BCMessageDigest + implements Cloneable + { + public DigestT(int bitLength) + { + super(new SHA512tDigest(bitLength)); + } + + public Object clone() + throws CloneNotSupportedException + { + DigestT d = (DigestT)super.clone(); + d.digest = new SHA512tDigest((SHA512tDigest)digest); + + return d; + } + } + + static public class DigestT224 + extends DigestT + { + public DigestT224() + { + super(224); + } + } + + static public class DigestT256 + extends DigestT + { + public DigestT256() + { + super(256); + } + } public static class HashMac extends BaseMac @@ -89,37 +83,35 @@ public class SHA512 } } - // BEGIN android-removed - // public static class HashMacT224 - // extends BaseMac - // { - // public HashMacT224() - // { - // super(new HMac(new SHA512tDigest(224))); - // } - // } - // - // public static class HashMacT256 - // extends BaseMac - // { - // public HashMacT256() - // { - // super(new HMac(new SHA512tDigest(256))); - // } - // } - // - // /** - // * SHA-512 HMac - // */ - // public static class OldSHA512 - // extends BaseMac - // { - // public OldSHA512() - // { - // super(new OldHMac(new SHA512Digest())); - // } - // } - // END android-removed + public static class HashMacT224 + extends BaseMac + { + public HashMacT224() + { + super(new HMac(new SHA512tDigest(224))); + } + } + + public static class HashMacT256 + extends BaseMac + { + public HashMacT256() + { + super(new HMac(new SHA512tDigest(256))); + } + } + + /** + * SHA-512 HMac + */ + public static class OldSHA512 + extends BaseMac + { + public OldSHA512() + { + super(new OldHMac(new SHA512Digest())); + } + } /** * HMACSHA512 @@ -133,25 +125,23 @@ public class SHA512 } } - // BEGIN android-removed - // public static class KeyGeneratorT224 - // extends BaseKeyGenerator - // { - // public KeyGeneratorT224() - // { - // super("HMACSHA512/224", 224, new CipherKeyGenerator()); - // } - // } - // - // public static class KeyGeneratorT256 - // extends BaseKeyGenerator - // { - // public KeyGeneratorT256() - // { - // super("HMACSHA512/256", 256, new CipherKeyGenerator()); - // } - // } - // END android-removed + public static class KeyGeneratorT224 + extends BaseKeyGenerator + { + public KeyGeneratorT224() + { + super("HMACSHA512/224", 224, new CipherKeyGenerator()); + } + } + + public static class KeyGeneratorT256 + extends BaseKeyGenerator + { + public KeyGeneratorT256() + { + super("HMACSHA512/256", 256, new CipherKeyGenerator()); + } + } public static class Mappings extends DigestAlgorithmProvider @@ -168,25 +158,21 @@ public class SHA512 provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512"); provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512"); - // BEGIN android-removed - // provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); - // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); - // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); - // - // provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); - // provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); - // provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); - // - // provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); - // END android-removed + provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224"); + provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224"); + + provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256"); + provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256"); + provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256"); + + provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512"); addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512); - // BEGIN android-removed - // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); - // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); - // END android-removed + addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224", PREFIX + "$KeyGeneratorT224"); + addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256", PREFIX + "$KeyGeneratorT256"); } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SM3.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SM3.java new file mode 100644 index 0000000..8050e35 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SM3.java @@ -0,0 +1,47 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.crypto.digests.SM3Digest; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; + +public class SM3 +{ + private SM3() + { + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new SM3Digest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new SM3Digest((SM3Digest)digest); + + return d; + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = SM3.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.SM3", PREFIX + "$Digest"); + provider.addAlgorithm("Alg.Alias.MessageDigest.SM3", "SM3"); + provider.addAlgorithm("Alg.Alias.MessageDigest.1.2.156.197.1.401", "SM3"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Skein.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Skein.java new file mode 100644 index 0000000..1191049 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Skein.java @@ -0,0 +1,740 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.SkeinDigest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.crypto.macs.SkeinMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; + +public class Skein +{ + private Skein() + { + } + + public static class DigestSkein256 + extends BCMessageDigest + implements Cloneable + { + public DigestSkein256(int outputSize) + { + super(new SkeinDigest(SkeinDigest.SKEIN_256, outputSize)); + } + + public Object clone() + throws CloneNotSupportedException + { + BCMessageDigest d = (BCMessageDigest)super.clone(); + d.digest = new SkeinDigest((SkeinDigest)digest); + + return d; + } + } + + public static class Digest_256_128 + extends DigestSkein256 + { + public Digest_256_128() + { + super(128); + } + } + + public static class Digest_256_160 + extends DigestSkein256 + { + public Digest_256_160() + { + super(160); + } + } + + public static class Digest_256_224 + extends DigestSkein256 + { + public Digest_256_224() + { + super(224); + } + } + + public static class Digest_256_256 + extends DigestSkein256 + { + public Digest_256_256() + { + super(256); + } + } + + public static class DigestSkein512 + extends BCMessageDigest + implements Cloneable + { + public DigestSkein512(int outputSize) + { + super(new SkeinDigest(SkeinDigest.SKEIN_512, outputSize)); + } + + public Object clone() + throws CloneNotSupportedException + { + BCMessageDigest d = (BCMessageDigest)super.clone(); + d.digest = new SkeinDigest((SkeinDigest)digest); + + return d; + } + } + + public static class Digest_512_128 + extends DigestSkein512 + { + public Digest_512_128() + { + super(128); + } + } + + public static class Digest_512_160 + extends DigestSkein512 + { + public Digest_512_160() + { + super(160); + } + } + + public static class Digest_512_224 + extends DigestSkein512 + { + public Digest_512_224() + { + super(224); + } + } + + public static class Digest_512_256 + extends DigestSkein512 + { + public Digest_512_256() + { + super(256); + } + } + + public static class Digest_512_384 + extends DigestSkein512 + { + public Digest_512_384() + { + super(384); + } + } + + public static class Digest_512_512 + extends DigestSkein512 + { + public Digest_512_512() + { + super(512); + } + } + + public static class DigestSkein1024 + extends BCMessageDigest + implements Cloneable + { + public DigestSkein1024(int outputSize) + { + super(new SkeinDigest(SkeinDigest.SKEIN_1024, outputSize)); + } + + public Object clone() + throws CloneNotSupportedException + { + BCMessageDigest d = (BCMessageDigest)super.clone(); + d.digest = new SkeinDigest((SkeinDigest)digest); + + return d; + } + } + + public static class Digest_1024_384 + extends DigestSkein1024 + { + public Digest_1024_384() + { + super(384); + } + } + + public static class Digest_1024_512 + extends DigestSkein1024 + { + public Digest_1024_512() + { + super(512); + } + } + + public static class Digest_1024_1024 + extends DigestSkein1024 + { + public Digest_1024_1024() + { + super(1024); + } + } + + /** + * Skein HMac + */ + public static class HashMac_256_128 + extends BaseMac + { + public HashMac_256_128() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_256, 128))); + } + } + + public static class HashMac_256_160 + extends BaseMac + { + public HashMac_256_160() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_256, 160))); + } + } + + public static class HashMac_256_224 + extends BaseMac + { + public HashMac_256_224() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_256, 224))); + } + } + + public static class HashMac_256_256 + extends BaseMac + { + public HashMac_256_256() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_256, 256))); + } + } + + public static class HashMac_512_128 + extends BaseMac + { + public HashMac_512_128() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 128))); + } + } + + public static class HashMac_512_160 + extends BaseMac + { + public HashMac_512_160() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 160))); + } + } + + public static class HashMac_512_224 + extends BaseMac + { + public HashMac_512_224() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 224))); + } + } + + public static class HashMac_512_256 + extends BaseMac + { + public HashMac_512_256() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 256))); + } + } + + public static class HashMac_512_384 + extends BaseMac + { + public HashMac_512_384() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 384))); + } + } + + public static class HashMac_512_512 + extends BaseMac + { + public HashMac_512_512() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 512))); + } + } + + public static class HashMac_1024_384 + extends BaseMac + { + public HashMac_1024_384() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_1024, 384))); + } + } + + public static class HashMac_1024_512 + extends BaseMac + { + public HashMac_1024_512() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_1024, 512))); + } + } + + public static class HashMac_1024_1024 + extends BaseMac + { + public HashMac_1024_1024() + { + super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_1024, 1024))); + } + } + + public static class HMacKeyGenerator_256_128 + extends BaseKeyGenerator + { + public HMacKeyGenerator_256_128() + { + super("HMACSkein-256-128", 128, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_256_160 + extends BaseKeyGenerator + { + public HMacKeyGenerator_256_160() + { + super("HMACSkein-256-160", 160, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_256_224 + extends BaseKeyGenerator + { + public HMacKeyGenerator_256_224() + { + super("HMACSkein-256-224", 224, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_256_256 + extends BaseKeyGenerator + { + public HMacKeyGenerator_256_256() + { + super("HMACSkein-256-256", 256, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_512_128 + extends BaseKeyGenerator + { + public HMacKeyGenerator_512_128() + { + super("HMACSkein-512-128", 128, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_512_160 + extends BaseKeyGenerator + { + public HMacKeyGenerator_512_160() + { + super("HMACSkein-512-160", 160, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_512_224 + extends BaseKeyGenerator + { + public HMacKeyGenerator_512_224() + { + super("HMACSkein-512-224", 224, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_512_256 + extends BaseKeyGenerator + { + public HMacKeyGenerator_512_256() + { + super("HMACSkein-512-256", 256, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_512_384 + extends BaseKeyGenerator + { + public HMacKeyGenerator_512_384() + { + super("HMACSkein-512-384", 384, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_512_512 + extends BaseKeyGenerator + { + public HMacKeyGenerator_512_512() + { + super("HMACSkein-512-512", 512, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_1024_384 + extends BaseKeyGenerator + { + public HMacKeyGenerator_1024_384() + { + super("HMACSkein-1024-384", 384, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_1024_512 + extends BaseKeyGenerator + { + public HMacKeyGenerator_1024_512() + { + super("HMACSkein-1024-512", 512, new CipherKeyGenerator()); + } + } + + public static class HMacKeyGenerator_1024_1024 + extends BaseKeyGenerator + { + public HMacKeyGenerator_1024_1024() + { + super("HMACSkein-1024-1024", 1024, new CipherKeyGenerator()); + } + } + + /* + * Skein-MAC + */ + public static class SkeinMac_256_128 + extends BaseMac + { + public SkeinMac_256_128() + { + super(new SkeinMac(SkeinMac.SKEIN_256, 128)); + } + } + + public static class SkeinMac_256_160 + extends BaseMac + { + public SkeinMac_256_160() + { + super(new SkeinMac(SkeinMac.SKEIN_256, 160)); + } + } + + public static class SkeinMac_256_224 + extends BaseMac + { + public SkeinMac_256_224() + { + super(new SkeinMac(SkeinMac.SKEIN_256, 224)); + } + } + + public static class SkeinMac_256_256 + extends BaseMac + { + public SkeinMac_256_256() + { + super(new SkeinMac(SkeinMac.SKEIN_256, 256)); + } + } + + public static class SkeinMac_512_128 + extends BaseMac + { + public SkeinMac_512_128() + { + super(new SkeinMac(SkeinMac.SKEIN_512, 128)); + } + } + + public static class SkeinMac_512_160 + extends BaseMac + { + public SkeinMac_512_160() + { + super(new SkeinMac(SkeinMac.SKEIN_512, 160)); + } + } + + public static class SkeinMac_512_224 + extends BaseMac + { + public SkeinMac_512_224() + { + super(new SkeinMac(SkeinMac.SKEIN_512, 224)); + } + } + + public static class SkeinMac_512_256 + extends BaseMac + { + public SkeinMac_512_256() + { + super(new SkeinMac(SkeinMac.SKEIN_512, 256)); + } + } + + public static class SkeinMac_512_384 + extends BaseMac + { + public SkeinMac_512_384() + { + super(new SkeinMac(SkeinMac.SKEIN_512, 384)); + } + } + + public static class SkeinMac_512_512 + extends BaseMac + { + public SkeinMac_512_512() + { + super(new SkeinMac(SkeinMac.SKEIN_512, 512)); + } + } + + public static class SkeinMac_1024_384 + extends BaseMac + { + public SkeinMac_1024_384() + { + super(new SkeinMac(SkeinMac.SKEIN_1024, 384)); + } + } + + public static class SkeinMac_1024_512 + extends BaseMac + { + public SkeinMac_1024_512() + { + super(new SkeinMac(SkeinMac.SKEIN_1024, 512)); + } + } + + public static class SkeinMac_1024_1024 + extends BaseMac + { + public SkeinMac_1024_1024() + { + super(new SkeinMac(SkeinMac.SKEIN_1024, 1024)); + } + } + + public static class SkeinMacKeyGenerator_256_128 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_256_128() + { + super("Skein-MAC-256-128", 128, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_256_160 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_256_160() + { + super("Skein-MAC-256-160", 160, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_256_224 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_256_224() + { + super("Skein-MAC-256-224", 224, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_256_256 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_256_256() + { + super("Skein-MAC-256-256", 256, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_512_128 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_512_128() + { + super("Skein-MAC-512-128", 128, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_512_160 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_512_160() + { + super("Skein-MAC-512-160", 160, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_512_224 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_512_224() + { + super("Skein-MAC-512-224", 224, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_512_256 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_512_256() + { + super("Skein-MAC-512-256", 256, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_512_384 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_512_384() + { + super("Skein-MAC-512-384", 384, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_512_512 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_512_512() + { + super("Skein-MAC-512-512", 512, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_1024_384 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_1024_384() + { + super("Skein-MAC-1024-384", 384, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_1024_512 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_1024_512() + { + super("Skein-MAC-1024-512", 512, new CipherKeyGenerator()); + } + } + + public static class SkeinMacKeyGenerator_1024_1024 + extends BaseKeyGenerator + { + public SkeinMacKeyGenerator_1024_1024() + { + super("Skein-MAC-1024-1024", 1024, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = Skein.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + // Skein sizes as used in "The Skein Hash Function Family 1.3" + + provider.addAlgorithm("MessageDigest.Skein-256-128", PREFIX + "$Digest_256_128"); + provider.addAlgorithm("MessageDigest.Skein-256-160", PREFIX + "$Digest_256_160"); + provider.addAlgorithm("MessageDigest.Skein-256-224", PREFIX + "$Digest_256_224"); + provider.addAlgorithm("MessageDigest.Skein-256-256", PREFIX + "$Digest_256_256"); + + provider.addAlgorithm("MessageDigest.Skein-512-128", PREFIX + "$Digest_512_128"); + provider.addAlgorithm("MessageDigest.Skein-512-160", PREFIX + "$Digest_512_160"); + provider.addAlgorithm("MessageDigest.Skein-512-224", PREFIX + "$Digest_512_224"); + provider.addAlgorithm("MessageDigest.Skein-512-256", PREFIX + "$Digest_512_256"); + provider.addAlgorithm("MessageDigest.Skein-512-384", PREFIX + "$Digest_512_384"); + provider.addAlgorithm("MessageDigest.Skein-512-512", PREFIX + "$Digest_512_512"); + + provider.addAlgorithm("MessageDigest.Skein-1024-384", PREFIX + "$Digest_1024_384"); + provider.addAlgorithm("MessageDigest.Skein-1024-512", PREFIX + "$Digest_1024_512"); + provider.addAlgorithm("MessageDigest.Skein-1024-1024", PREFIX + "$Digest_1024_1024"); + + addHMACAlgorithm(provider, "Skein-256-128", PREFIX + "$HashMac_256_128", PREFIX + "$HMacKeyGenerator_256_128"); + addHMACAlgorithm(provider, "Skein-256-160", PREFIX + "$HashMac_256_160", PREFIX + "$HMacKeyGenerator_256_160"); + addHMACAlgorithm(provider, "Skein-256-224", PREFIX + "$HashMac_256_224", PREFIX + "$HMacKeyGenerator_256_224"); + addHMACAlgorithm(provider, "Skein-256-256", PREFIX + "$HashMac_256_256", PREFIX + "$HMacKeyGenerator_256_256"); + + addHMACAlgorithm(provider, "Skein-512-128", PREFIX + "$HashMac_512_128", PREFIX + "$HMacKeyGenerator_512_128"); + addHMACAlgorithm(provider, "Skein-512-160", PREFIX + "$HashMac_512_160", PREFIX + "$HMacKeyGenerator_512_160"); + addHMACAlgorithm(provider, "Skein-512-224", PREFIX + "$HashMac_512_224", PREFIX + "$HMacKeyGenerator_512_224"); + addHMACAlgorithm(provider, "Skein-512-256", PREFIX + "$HashMac_512_256", PREFIX + "$HMacKeyGenerator_512_256"); + addHMACAlgorithm(provider, "Skein-512-384", PREFIX + "$HashMac_512_384", PREFIX + "$HMacKeyGenerator_512_384"); + addHMACAlgorithm(provider, "Skein-512-512", PREFIX + "$HashMac_512_512", PREFIX + "$HMacKeyGenerator_512_512"); + + addHMACAlgorithm(provider, "Skein-1024-384", PREFIX + "$HashMac_1024_384", PREFIX + "$HMacKeyGenerator_1024_384"); + addHMACAlgorithm(provider, "Skein-1024-512", PREFIX + "$HashMac_1024_512", PREFIX + "$HMacKeyGenerator_1024_512"); + addHMACAlgorithm(provider, "Skein-1024-1024", PREFIX + "$HashMac_1024_1024", PREFIX + "$HMacKeyGenerator_1024_1024"); + + addSkeinMacAlgorithm(provider, 256, 128); + addSkeinMacAlgorithm(provider, 256, 160); + addSkeinMacAlgorithm(provider, 256, 224); + addSkeinMacAlgorithm(provider, 256, 256); + + addSkeinMacAlgorithm(provider, 512, 128); + addSkeinMacAlgorithm(provider, 512, 160); + addSkeinMacAlgorithm(provider, 512, 224); + addSkeinMacAlgorithm(provider, 512, 256); + addSkeinMacAlgorithm(provider, 512, 384); + addSkeinMacAlgorithm(provider, 512, 512); + + addSkeinMacAlgorithm(provider, 1024, 384); + addSkeinMacAlgorithm(provider, 1024, 512); + addSkeinMacAlgorithm(provider, 1024, 1024); + } + + private void addSkeinMacAlgorithm(ConfigurableProvider provider, int blockSize, int outputSize) + { + String mainName = "Skein-MAC-" + blockSize + "-" + outputSize; + String algorithmClassName = PREFIX + "$SkeinMac_" + blockSize + "_" + outputSize; + String keyGeneratorClassName = PREFIX + "$SkeinMacKeyGenerator_" + blockSize + "_" + outputSize; + + provider.addAlgorithm("Mac." + mainName, algorithmClassName); + provider.addAlgorithm("Alg.Alias.Mac.Skein-MAC" + blockSize + "/" + outputSize, mainName); + provider.addAlgorithm("KeyGenerator." + mainName, keyGeneratorClassName); + provider.addAlgorithm("Alg.Alias.KeyGenerator.Skein-MAC" + blockSize + "/" + outputSize, mainName); + } + + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Tiger.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Tiger.java new file mode 100644 index 0000000..3d248aa --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Tiger.java @@ -0,0 +1,115 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.asn1.iana.IANAObjectIdentifiers; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.TigerDigest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; + +public class Tiger +{ + private Tiger() + { + + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new TigerDigest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new TigerDigest((TigerDigest)digest); + + return d; + } + } + + /** + * Tiger HMac + */ + public static class HashMac + extends BaseMac + { + public HashMac() + { + super(new HMac(new TigerDigest())); + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("HMACTIGER", 192, new CipherKeyGenerator()); + } + } + + /** + * Tiger HMac + */ + public static class TigerHmac + extends BaseMac + { + public TigerHmac() + { + super(new HMac(new TigerDigest())); + } + } + + /** + * PBEWithHmacTiger + */ + public static class PBEWithMacKeyFactory + extends PBESecretKeyFactory + { + public PBEWithMacKeyFactory() + { + super("PBEwithHmacTiger", null, false, PKCS12, TIGER, 192, 0); + } + } + + /** + * PBEWithHmacTiger + */ + public static class PBEWithHashMac + extends BaseMac + { + public PBEWithHashMac() + { + super(new HMac(new TigerDigest()), PKCS12, TIGER, 192); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = Tiger.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.TIGER", PREFIX + "$Digest"); + provider.addAlgorithm("MessageDigest.Tiger", PREFIX + "$Digest"); // JDK 1.1. + + addHMACAlgorithm(provider, "TIGER", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); + addHMACAlias(provider, "TIGER", IANAObjectIdentifiers.hmacTIGER); + + provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACTIGER", PREFIX + "$PBEWithMacKeyFactory"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Whirlpool.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Whirlpool.java new file mode 100644 index 0000000..bf1c06c --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Whirlpool.java @@ -0,0 +1,73 @@ +package org.bouncycastle.jcajce.provider.digest; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.digests.WhirlpoolDigest; +import org.bouncycastle.crypto.macs.HMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; + +public class Whirlpool +{ + private Whirlpool() + { + + } + + static public class Digest + extends BCMessageDigest + implements Cloneable + { + public Digest() + { + super(new WhirlpoolDigest()); + } + + public Object clone() + throws CloneNotSupportedException + { + Digest d = (Digest)super.clone(); + d.digest = new WhirlpoolDigest((WhirlpoolDigest)digest); + + return d; + } + } + + /** + * Tiger HMac + */ + public static class HashMac + extends BaseMac + { + public HashMac() + { + super(new HMac(new WhirlpoolDigest())); + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("HMACWHIRLPOOL", 512, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends DigestAlgorithmProvider + { + private static final String PREFIX = Whirlpool.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("MessageDigest.WHIRLPOOL", PREFIX + "$Digest"); + + addHMACAlgorithm(provider, "WHIRLPOOL", PREFIX + "$HashMac", PREFIX + "$KeyGenerator"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java index 9711426..30a81ff 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java @@ -17,9 +17,7 @@ public class BC public void configure(ConfigurableProvider provider) { provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std"); - // BEGIN android-removed - // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); - // END android-removed + provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1"); provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore"); provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle"); provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java index 1d4e146..73abd17 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java @@ -17,16 +17,14 @@ public class PKCS12 public void configure(ConfigurableProvider provider) { provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); - // BEGIN android-removed - // provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); - // provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); - // - // provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); - // provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); - // - // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); - // provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); - // END android-removed + provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); + provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); + + provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore"); + provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES"); + + provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore"); + provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES"); } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java index 53548f0..3fc0396 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java @@ -62,10 +62,8 @@ import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DEROutputStream; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERSet; -// BEGIN android-removed -// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; -// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; -// END android-removed +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.asn1.cryptopro.GOST28147Parameters; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; import org.bouncycastle.asn1.pkcs.AuthenticatedSafe; @@ -91,9 +89,7 @@ import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.digests.SHA1Digest; import org.bouncycastle.jcajce.PKCS12StoreParameter; import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey; -// BEGIN android-removed -// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; -// END android-removed +import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; import org.bouncycastle.jcajce.spec.PBKDF2KeySpec; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; @@ -757,15 +753,13 @@ public class PKCS12KeyStoreSpi { cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets())); } - // BEGIN android-removed - // else - // { - // // TODO: at the moment it's just GOST, but... - // GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); - // - // cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); - // } - // END android-removed + else + { + // TODO: at the moment it's just GOST, but... + GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams); + + cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV())); + } return cipher; } @@ -1686,34 +1680,33 @@ public class PKCS12KeyStoreSpi super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); } } - // BEGIN android-removed - // public static class BCPKCS12KeyStore3DES - // extends PKCS12KeyStoreSpi - // { - // public BCPKCS12KeyStore3DES() - // { - // super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); - // } - // } - // - // public static class DefPKCS12KeyStore - // extends PKCS12KeyStoreSpi - // { - // public DefPKCS12KeyStore() - // { - // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); - // } - // } - // - // public static class DefPKCS12KeyStore3DES - // extends PKCS12KeyStoreSpi - // { - // public DefPKCS12KeyStore3DES() - // { - // super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); - // } - // } - // END android-removed + + public static class BCPKCS12KeyStore3DES + extends PKCS12KeyStoreSpi + { + public BCPKCS12KeyStore3DES() + { + super(new BouncyCastleProvider(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); + } + } + + public static class DefPKCS12KeyStore + extends PKCS12KeyStoreSpi + { + public DefPKCS12KeyStore() + { + super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC); + } + } + + public static class DefPKCS12KeyStore3DES + extends PKCS12KeyStoreSpi + { + public DefPKCS12KeyStore3DES() + { + super(null, pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC); + } + } private static class IgnoresCaseHashtable { @@ -1786,9 +1779,7 @@ public class PKCS12KeyStoreSpi keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192)); keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256)); - // BEGIN android-removed - // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); - // END android-removed + keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256)); KEY_SIZES = Collections.unmodifiableMap(keySizes); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java index d476df8..e69f39f 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java @@ -3,28 +3,16 @@ package org.bouncycastle.jcajce.provider.symmetric; import java.io.IOException; import java.lang.reflect.Constructor; import java.lang.reflect.Method; -// BEGIN android-added -import java.security.NoSuchAlgorithmException; -// END android-added -// BEGIN android-removed -// import java.security.AlgorithmParameters; -// import java.security.InvalidAlgorithmParameterException; -// END android-removed +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; import java.security.SecureRandom; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidParameterSpecException; -// BEGIN android-removed -// import javax.crypto.spec.IvParameterSpec; -// END android-removed +import javax.crypto.spec.IvParameterSpec; -// BEGIN android-added -import javax.crypto.NoSuchPaddingException; -// END android-added import org.bouncycastle.asn1.bc.BCObjectIdentifiers; -// BEGIN android-removed -// import org.bouncycastle.asn1.cms.CCMParameters; -// END android-removed +import org.bouncycastle.asn1.cms.CCMParameters; import org.bouncycastle.asn1.cms.GCMParameters; import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.crypto.BlockCipher; @@ -32,30 +20,22 @@ import org.bouncycastle.crypto.BufferedBlockCipher; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.engines.AESFastEngine; import org.bouncycastle.crypto.engines.AESWrapEngine; -// BEGIN android-removed -// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; -// import org.bouncycastle.crypto.engines.RFC5649WrapEngine; -// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; -// import org.bouncycastle.crypto.macs.CMac; -// import org.bouncycastle.crypto.macs.GMac; -// END android-removed +import org.bouncycastle.crypto.engines.RFC3211WrapEngine; +import org.bouncycastle.crypto.engines.RFC5649WrapEngine; +import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; +import org.bouncycastle.crypto.macs.CMac; +import org.bouncycastle.crypto.macs.GMac; import org.bouncycastle.crypto.modes.CBCBlockCipher; -// BEGIN android-removed -// import org.bouncycastle.crypto.modes.CCMBlockCipher; -// END android-removed +import org.bouncycastle.crypto.modes.CCMBlockCipher; import org.bouncycastle.crypto.modes.CFBBlockCipher; import org.bouncycastle.crypto.modes.GCMBlockCipher; import org.bouncycastle.crypto.modes.OFBBlockCipher; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; -// BEGIN android-removed -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; -// END android-removed +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; -// BEGIN android-removed -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; -// END android-removed +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; @@ -118,64 +98,53 @@ public final class AES public GCM() { super(new GCMBlockCipher(new AESFastEngine())); - // BEGIN android-added - try { - engineSetMode("GCM"); - engineSetPadding("NoPadding"); - } catch (NoSuchAlgorithmException | NoSuchPaddingException e) { - // this should not be possible - throw new RuntimeException("Could not set mode or padding for GCM mode", e); - } - // END android-added - } - } - - // BEGIN android-removed - // static public class CCM - // extends BaseBlockCipher - // { - // public CCM() - // { - // super(new CCMBlockCipher(new AESFastEngine())); - // } - // } - // - // public static class AESCMAC - // extends BaseMac - // { - // public AESCMAC() - // { - // super(new CMac(new AESFastEngine())); - // } - // } - // - // public static class AESGMAC - // extends BaseMac - // { - // public AESGMAC() - // { - // super(new GMac(new GCMBlockCipher(new AESFastEngine()))); - // } - // } - // - // public static class Poly1305 - // extends BaseMac - // { - // public Poly1305() - // { - // super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); - // } - // } - // - // public static class Poly1305KeyGen - // extends BaseKeyGenerator - // { - // public Poly1305KeyGen() - // { - // super("Poly1305-AES", 256, new Poly1305KeyGenerator()); - // } - // } - // END android-removed + } + } + + static public class CCM + extends BaseBlockCipher + { + public CCM() + { + super(new CCMBlockCipher(new AESFastEngine())); + } + } + + public static class AESCMAC + extends BaseMac + { + public AESCMAC() + { + super(new CMac(new AESFastEngine())); + } + } + + public static class AESGMAC + extends BaseMac + { + public AESGMAC() + { + super(new GMac(new GCMBlockCipher(new AESFastEngine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new AESFastEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-AES", 256, new Poly1305KeyGenerator()); + } + } static public class Wrap extends BaseWrapCipher @@ -186,25 +155,23 @@ public final class AES } } - // BEGIN android-removed - // public static class RFC3211Wrap - // extends BaseWrapCipher - // { - // public RFC3211Wrap() - // { - // super(new RFC3211WrapEngine(new AESFastEngine()), 16); - // } - // } - // - // public static class RFC5649Wrap - // extends BaseWrapCipher - // { - // public RFC5649Wrap() - // { - // super(new RFC5649WrapEngine(new AESFastEngine())); - // } - // } - // END android-removed + public static class RFC3211Wrap + extends BaseWrapCipher + { + public RFC3211Wrap() + { + super(new RFC3211WrapEngine(new AESFastEngine()), 16); + } + } + + public static class RFC5649Wrap + extends BaseWrapCipher + { + public RFC5649Wrap() + { + super(new RFC5649WrapEngine(new AESFastEngine())); + } + } /** * PBEWithAES-CBC @@ -223,9 +190,7 @@ public final class AES { public KeyGen() { - // BEGIN android-changed - this(128); - // END android-changed + this(192); } public KeyGen(int keySize) @@ -234,34 +199,32 @@ public final class AES } } - // BEGIN android-removed - // public static class KeyGen128 - // extends KeyGen - // { - // public KeyGen128() - // { - // super(128); - // } - // } - // - // public static class KeyGen192 - // extends KeyGen - // { - // public KeyGen192() - // { - // super(192); - // } - // } - // - // public static class KeyGen256 - // extends KeyGen - // { - // public KeyGen256() - // { - // super(256); - // } - // } - // END android-removed + public static class KeyGen128 + extends KeyGen + { + public KeyGen128() + { + super(128); + } + } + + public static class KeyGen192 + extends KeyGen + { + public KeyGen192() + { + super(192); + } + } + + public static class KeyGen256 + extends KeyGen + { + public KeyGen256() + { + super(256); + } + } /** * PBEWithSHA1And128BitAES-BC @@ -371,121 +334,119 @@ public final class AES } } - // BEGIN android-removed - // public static class AlgParamGen - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - // - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] iv = new byte[16]; - // - // if (random == null) - // { - // random = new SecureRandom(); - // } - // - // random.nextBytes(iv); - // - // AlgorithmParameters params; - // - // try - // { - // params = createParametersInstance("AES"); - // params.init(new IvParameterSpec(iv)); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - // - // return params; - // } - // } - // - // public static class AlgParamGenCCM - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - // - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] iv = new byte[12]; - // - // if (random == null) - // { - // random = new SecureRandom(); - // } - // - // random.nextBytes(iv); - // - // AlgorithmParameters params; - // - // try - // { - // params = createParametersInstance("CCM"); - // params.init(new CCMParameters(iv, 12).getEncoded()); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - // - // return params; - // } - // } - // - // public static class AlgParamGenGCM - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - // - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] nonce = new byte[12]; - // - // if (random == null) - // { - // random = new SecureRandom(); - // } - // - // random.nextBytes(nonce); - // - // AlgorithmParameters params; - // - // try - // { - // params = createParametersInstance("GCM"); - // params.init(new GCMParameters(nonce, 12).getEncoded()); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - // - // return params; - // } - // } - // END android-removed + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[16]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("AES"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParamGenCCM + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[12]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("CCM"); + params.init(new CCMParameters(iv, 12).getEncoded()); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParamGenGCM + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] nonce = new byte[12]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(nonce); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("GCM"); + params.init(new GCMParameters(nonce, 12).getEncoded()); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } public static class AlgParams extends IvAlgorithmParameters @@ -584,82 +545,80 @@ public final class AES } } - // BEGIN android-removed - // public static class AlgParamsCCM - // extends BaseAlgorithmParameters - // { - // private CCMParameters ccmParams; - // - // protected void engineInit(AlgorithmParameterSpec paramSpec) - // throws InvalidParameterSpecException - // { - // throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation."); - // } - // - // protected void engineInit(byte[] params) - // throws IOException - // { - // ccmParams = CCMParameters.getInstance(params); - // } - // - // protected void engineInit(byte[] params, String format) - // throws IOException - // { - // if (!isASN1FormatString(format)) - // { - // throw new IOException("unknown format specified"); - // } - // - // ccmParams = CCMParameters.getInstance(params); - // } - // - // protected byte[] engineGetEncoded() - // throws IOException - // { - // return ccmParams.getEncoded(); - // } - // - // protected byte[] engineGetEncoded(String format) - // throws IOException - // { - // if (!isASN1FormatString(format)) - // { - // throw new IOException("unknown format specified"); - // } - // - // return ccmParams.getEncoded(); - // } - // - // protected String engineToString() - // { - // return "CCM"; - // } - // - // protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) - // throws InvalidParameterSpecException - // { - // if (gcmSpecClass != null) - // { - // try - // { - // Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class }); - // - // return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() }); - // } - // catch (NoSuchMethodException e) - // { - // throw new InvalidParameterSpecException("no constructor found!"); // should never happen - // } - // catch (Exception e) - // { - // throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen - // } - // } - // - // throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName()); - // } - // } - // END android-removed + public static class AlgParamsCCM + extends BaseAlgorithmParameters + { + private CCMParameters ccmParams; + + protected void engineInit(AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + throw new InvalidParameterSpecException("No supported AlgorithmParameterSpec for AES parameter generation."); + } + + protected void engineInit(byte[] params) + throws IOException + { + ccmParams = CCMParameters.getInstance(params); + } + + protected void engineInit(byte[] params, String format) + throws IOException + { + if (!isASN1FormatString(format)) + { + throw new IOException("unknown format specified"); + } + + ccmParams = CCMParameters.getInstance(params); + } + + protected byte[] engineGetEncoded() + throws IOException + { + return ccmParams.getEncoded(); + } + + protected byte[] engineGetEncoded(String format) + throws IOException + { + if (!isASN1FormatString(format)) + { + throw new IOException("unknown format specified"); + } + + return ccmParams.getEncoded(); + } + + protected String engineToString() + { + return "CCM"; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec) + throws InvalidParameterSpecException + { + if (gcmSpecClass != null) + { + try + { + Constructor constructor = gcmSpecClass.getConstructor(new Class[] { Integer.TYPE, byte[].class }); + + return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(ccmParams.getIcvLen() * 8), ccmParams.getNonce() }); + } + catch (NoSuchMethodException e) + { + throw new InvalidParameterSpecException("no constructor found!"); // should never happen + } + catch (Exception e) + { + throw new InvalidParameterSpecException("construction failed: " + e.getMessage()); // should never happen + } + } + + throw new InvalidParameterSpecException("unknown parameter spec: " + paramSpec.getName()); + } + } public static class Mappings extends SymmetricAlgorithmProvider @@ -693,101 +652,92 @@ public final class AES provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); - // - // provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); - // END android-removed + + provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); + + provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES"); provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB"); provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES"); provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES"); provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); - // provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); - // END android-removed + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB"); + provider.addAlgorithm("Cipher." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB"); provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP"); provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); - // provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); - // - // provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); - // - // provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); - // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); - // provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); - // - // provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); - // END android-removed - - // BEGIN android-changed - provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM"); - provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING"); - provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING"); - provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING"); - // END android-changed + provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap"); + provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap"); + + provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); + + provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM"); + provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_CCM, "CCM"); + provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_CCM, "CCM"); + + provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); + + provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM"); + provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "GCM"); + provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "GCM"); + provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "GCM"); provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen"); - // BEGIN android-removed - // provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); - // provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); - // - // provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); - // END android-removed + provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256"); + + provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC"); provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PBEWITHSHAAND128BITAES-CBC-BC"); provider.addAlgorithm("Alg.Alias.Cipher." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PBEWITHSHAAND192BITAES-CBC-BC"); @@ -866,10 +816,8 @@ public final class AES provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE"); - // BEGIN android-removed - // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); - // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); - // END android-removed + addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128"); + addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java index 9de8ef0..e31ab29 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java @@ -29,9 +29,7 @@ public final class ARC4 { public KeyGen() { - // BEGIN android-changed - super("ARC4", 128, new CipherKeyGenerator()); - // END android-changed + super("RC4", 128, new CipherKeyGenerator()); } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java index 0e37487..7694934 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java @@ -64,9 +64,7 @@ public final class Blowfish { provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); - // END android-removed + provider.addAlgorithm("Cipher.1.3.6.1.4.1.3029.1.2", PREFIX + "$CBC"); provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen"); provider.addAlgorithm("Alg.Alias.KeyGenerator.1.3.6.1.4.1.3029.1.2", "BLOWFISH"); provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST5.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST5.java new file mode 100644 index 0000000..7fa4ce4 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST5.java @@ -0,0 +1,221 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.io.IOException; +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +import javax.crypto.spec.IvParameterSpec; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.misc.CAST5CBCParameters; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.CAST5Engine; +import org.bouncycastle.crypto.modes.CBCBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +public final class CAST5 +{ + private CAST5() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new CAST5Engine()); + } + } + + public static class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new CAST5Engine()), 64); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("CAST5", 128, new CipherKeyGenerator()); + } + } + + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for CAST5 parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[8]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("CAST5"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParams + extends BaseAlgorithmParameters + { + private byte[] iv; + private int keyLength = 128; + + protected byte[] engineGetEncoded() + { + byte[] tmp = new byte[iv.length]; + + System.arraycopy(iv, 0, tmp, 0, iv.length); + return tmp; + } + + protected byte[] engineGetEncoded( + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + return new CAST5CBCParameters(engineGetEncoded(), keyLength).getEncoded(); + } + + if (format.equals("RAW")) + { + return engineGetEncoded(); + } + + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == IvParameterSpec.class) + { + return new IvParameterSpec(iv); + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to CAST5 parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec instanceof IvParameterSpec) + { + this.iv = ((IvParameterSpec)paramSpec).getIV(); + } + else + { + throw new InvalidParameterSpecException("IvParameterSpec required to initialise a CAST5 parameters algorithm parameters object"); + } + } + + protected void engineInit( + byte[] params) + throws IOException + { + this.iv = new byte[params.length]; + + System.arraycopy(params, 0, iv, 0, iv.length); + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + ASN1InputStream aIn = new ASN1InputStream(params); + CAST5CBCParameters p = CAST5CBCParameters.getInstance(aIn.readObject()); + + keyLength = p.getKeyLength(); + + iv = p.getIV(); + + return; + } + + if (format.equals("RAW")) + { + engineInit(params); + return; + } + + throw new IOException("Unknown parameters format in IV parameters object"); + } + + protected String engineToString() + { + return "CAST5 Parameters"; + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = CAST5.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("AlgorithmParameters.CAST5", PREFIX + "$AlgParams"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.1.2.840.113533.7.66.10", "CAST5"); + + provider.addAlgorithm("AlgorithmParameterGenerator.CAST5", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.1.2.840.113533.7.66.10", "CAST5"); + + provider.addAlgorithm("Cipher.CAST5", PREFIX + "$ECB"); + provider.addAlgorithm("Cipher.1.2.840.113533.7.66.10", PREFIX + "$CBC"); + + provider.addAlgorithm("KeyGenerator.CAST5", PREFIX + "$KeyGen"); + provider.addAlgorithm("Alg.Alias.KeyGenerator.1.2.840.113533.7.66.10", "CAST5"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST6.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST6.java new file mode 100644 index 0000000..d16e6c7 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST6.java @@ -0,0 +1,90 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.CAST6Engine; +import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; +import org.bouncycastle.crypto.macs.GMac; +import org.bouncycastle.crypto.modes.GCMBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; + +public final class CAST6 +{ + private CAST6() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new CAST6Engine(); + } + }); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("CAST6", 256, new CipherKeyGenerator()); + } + } + + public static class GMAC + extends BaseMac + { + public GMAC() + { + super(new GMac(new GCMBlockCipher(new CAST6Engine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new CAST6Engine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-CAST6", 256, new Poly1305KeyGenerator()); + } + } + + public static class Mappings + extends SymmetricAlgorithmProvider + { + private static final String PREFIX = CAST6.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("Cipher.CAST6", PREFIX + "$ECB"); + provider.addAlgorithm("KeyGenerator.CAST6", PREFIX + "$KeyGen"); + + addGMacAlgorithm(provider, "CAST6", PREFIX + "$GMAC", PREFIX + "$KeyGen"); + addPoly1305Algorithm(provider, "CAST6", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Camellia.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Camellia.java new file mode 100644 index 0000000..5dde846 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Camellia.java @@ -0,0 +1,237 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.spec.IvParameterSpec; + +import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers; +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.CamelliaEngine; +import org.bouncycastle.crypto.engines.CamelliaWrapEngine; +import org.bouncycastle.crypto.engines.RFC3211WrapEngine; +import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; +import org.bouncycastle.crypto.macs.GMac; +import org.bouncycastle.crypto.modes.CBCBlockCipher; +import org.bouncycastle.crypto.modes.GCMBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; + +public final class Camellia +{ + private Camellia() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new CamelliaEngine(); + } + }); + } + } + + public static class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new CamelliaEngine()), 128); + } + } + + public static class Wrap + extends BaseWrapCipher + { + public Wrap() + { + super(new CamelliaWrapEngine()); + } + } + + public static class RFC3211Wrap + extends BaseWrapCipher + { + public RFC3211Wrap() + { + super(new RFC3211WrapEngine(new CamelliaEngine()), 16); + } + } + + public static class GMAC + extends BaseMac + { + public GMAC() + { + super(new GMac(new GCMBlockCipher(new CamelliaEngine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new CamelliaEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-Camellia", 256, new Poly1305KeyGenerator()); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + this(256); + } + + public KeyGen(int keySize) + { + super("Camellia", keySize, new CipherKeyGenerator()); + } + } + + public static class KeyGen128 + extends KeyGen + { + public KeyGen128() + { + super(128); + } + } + + public static class KeyGen192 + extends KeyGen + { + public KeyGen192() + { + super(192); + } + } + + public static class KeyGen256 + extends KeyGen + { + public KeyGen256() + { + super(256); + } + } + + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for Camellia parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[16]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("Camellia"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Camellia IV"; + } + } + + public static class Mappings + extends SymmetricAlgorithmProvider + { + private static final String PREFIX = Camellia.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("AlgorithmParameters.CAMELLIA", PREFIX + "$AlgParams"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NTTObjectIdentifiers.id_camellia128_cbc, "CAMELLIA"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NTTObjectIdentifiers.id_camellia192_cbc, "CAMELLIA"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NTTObjectIdentifiers.id_camellia256_cbc, "CAMELLIA"); + + provider.addAlgorithm("AlgorithmParameterGenerator.CAMELLIA", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NTTObjectIdentifiers.id_camellia128_cbc, "CAMELLIA"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NTTObjectIdentifiers.id_camellia192_cbc, "CAMELLIA"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NTTObjectIdentifiers.id_camellia256_cbc, "CAMELLIA"); + + provider.addAlgorithm("Cipher.CAMELLIA", PREFIX + "$ECB"); + provider.addAlgorithm("Cipher." + NTTObjectIdentifiers.id_camellia128_cbc, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher." + NTTObjectIdentifiers.id_camellia192_cbc, PREFIX + "$CBC"); + provider.addAlgorithm("Cipher." + NTTObjectIdentifiers.id_camellia256_cbc, PREFIX + "$CBC"); + + provider.addAlgorithm("Cipher.CAMELLIARFC3211WRAP", PREFIX + "$RFC3211Wrap"); + provider.addAlgorithm("Cipher.CAMELLIAWRAP", PREFIX + "$Wrap"); + provider.addAlgorithm("Alg.Alias.Cipher." + NTTObjectIdentifiers.id_camellia128_wrap, "CAMELLIAWRAP"); + provider.addAlgorithm("Alg.Alias.Cipher." + NTTObjectIdentifiers.id_camellia192_wrap, "CAMELLIAWRAP"); + provider.addAlgorithm("Alg.Alias.Cipher." + NTTObjectIdentifiers.id_camellia256_wrap, "CAMELLIAWRAP"); + + provider.addAlgorithm("KeyGenerator.CAMELLIA", PREFIX + "$KeyGen"); + provider.addAlgorithm("KeyGenerator." + NTTObjectIdentifiers.id_camellia128_wrap, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + NTTObjectIdentifiers.id_camellia192_wrap, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + NTTObjectIdentifiers.id_camellia256_wrap, PREFIX + "$KeyGen256"); + provider.addAlgorithm("KeyGenerator." + NTTObjectIdentifiers.id_camellia128_cbc, PREFIX + "$KeyGen128"); + provider.addAlgorithm("KeyGenerator." + NTTObjectIdentifiers.id_camellia192_cbc, PREFIX + "$KeyGen192"); + provider.addAlgorithm("KeyGenerator." + NTTObjectIdentifiers.id_camellia256_cbc, PREFIX + "$KeyGen256"); + + addGMacAlgorithm(provider, "CAMELLIA", PREFIX + "$GMAC", PREFIX + "$KeyGen"); + addPoly1305Algorithm(provider, "CAMELLIA", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ChaCha.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ChaCha.java new file mode 100644 index 0000000..ff748ae --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ChaCha.java @@ -0,0 +1,51 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.ChaChaEngine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class ChaCha +{ + private ChaCha() + { + } + + public static class Base + extends BaseStreamCipher + { + public Base() + { + super(new ChaChaEngine(), 8); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("ChaCha", 128, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = ChaCha.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.CHACHA", PREFIX + "$Base"); + provider.addAlgorithm("KeyGenerator.CHACHA", PREFIX + "$KeyGen"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java index b4c7c06..2ab7086 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java @@ -19,16 +19,12 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.KeyGenerationParameters; import org.bouncycastle.crypto.engines.DESEngine; -// BEGIN android-removed -// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; -// END android-removed +import org.bouncycastle.crypto.engines.RFC3211WrapEngine; import org.bouncycastle.crypto.generators.DESKeyGenerator; import org.bouncycastle.crypto.macs.CBCBlockCipherMac; -// BEGIN android-removed -// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; -// import org.bouncycastle.crypto.macs.CMac; -// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; -// END android-removed +import org.bouncycastle.crypto.macs.CFBBlockCipherMac; +import org.bouncycastle.crypto.macs.CMac; +import org.bouncycastle.crypto.macs.ISO9797Alg3Mac; import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.paddings.ISO7816d4Padding; import org.bouncycastle.crypto.params.DESParameters; @@ -69,19 +65,17 @@ public final class DES } } - // BEGIN android-removed - // /** - // * DES CFB8 - // */ - // public static class DESCFB8 - // extends BaseMac - // { - // public DESCFB8() - // { - // super(new CFBBlockCipherMac(new DESEngine())); - // } - // } - // END android-removed + /** + * DES CFB8 + */ + public static class DESCFB8 + extends BaseMac + { + public DESCFB8() + { + super(new CFBBlockCipherMac(new DESEngine())); + } + } /** * DES64 @@ -116,49 +110,47 @@ public final class DES } } - // BEGIN android-removed - // static public class CMAC - // extends BaseMac - // { - // public CMAC() - // { - // super(new CMac(new DESEngine())); - // } - // } - // - // /** - // * DES9797Alg3with7816-4Padding - // */ - // public static class DES9797Alg3with7816d4 - // extends BaseMac - // { - // public DES9797Alg3with7816d4() - // { - // super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); - // } - // } - // - // /** - // * DES9797Alg3 - // */ - // public static class DES9797Alg3 - // extends BaseMac - // { - // public DES9797Alg3() - // { - // super(new ISO9797Alg3Mac(new DESEngine())); - // } - // } - // - // public static class RFC3211 - // extends BaseWrapCipher - // { - // public RFC3211() - // { - // super(new RFC3211WrapEngine(new DESEngine()), 8); - // } - // } - // END android-removed + static public class CMAC + extends BaseMac + { + public CMAC() + { + super(new CMac(new DESEngine())); + } + } + + /** + * DES9797Alg3with7816-4Padding + */ + public static class DES9797Alg3with7816d4 + extends BaseMac + { + public DES9797Alg3with7816d4() + { + super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding())); + } + } + + /** + * DES9797Alg3 + */ + public static class DES9797Alg3 + extends BaseMac + { + public DES9797Alg3() + { + super(new ISO9797Alg3Mac(new DESEngine())); + } + } + + public static class RFC3211 + extends BaseWrapCipher + { + public RFC3211() + { + super(new RFC3211WrapEngine(new DESEngine()), 8); + } + } public static class AlgParamGen extends BaseAlgorithmParameterGenerator @@ -358,19 +350,17 @@ public final class DES } } - // BEGIN android-removed - // /** - // * PBEWithMD2AndDES - // */ - // static public class PBEWithMD2KeyFactory - // extends DESPBEKeyFactory - // { - // public PBEWithMD2KeyFactory() - // { - // super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); - // } - // } - // END android-removed + /** + * PBEWithMD2AndDES + */ + static public class PBEWithMD2KeyFactory + extends DESPBEKeyFactory + { + public PBEWithMD2KeyFactory() + { + super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64); + } + } /** * PBEWithMD5AndDES @@ -396,19 +386,17 @@ public final class DES } } - // BEGIN android-removed - // /** - // * PBEWithMD2AndDES - // */ - // static public class PBEWithMD2 - // extends BaseBlockCipher - // { - // public PBEWithMD2() - // { - // super(new CBCBlockCipher(new DESEngine())); - // } - // } - // END android-removed + /** + * PBEWithMD2AndDES + */ + static public class PBEWithMD2 + extends BaseBlockCipher + { + public PBEWithMD2() + { + super(new CBCBlockCipher(new DESEngine())); + } + } /** * PBEWithMD5AndDES @@ -448,75 +436,61 @@ public final class DES { provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); - // - // addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); - // - // provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); - // END android-removed + provider.addAlgorithm("Cipher." + OIWObjectIdentifiers.desCBC, PREFIX + "$CBC"); + + addAlias(provider, OIWObjectIdentifiers.desCBC, "DES"); + + provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211"); provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator"); provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory"); - // BEGIN android-removed - // provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); - // provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); - // provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); - // - // provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); - // provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); - // - // provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); - // provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); - // - // provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); - // provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); - // - // provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); - // provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); - // - // provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); - // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); - // provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); - // provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); - // END android-removed + provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC"); + provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC"); + + provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8"); + provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8"); + + provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64"); + provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64"); + + provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4"); + provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING"); + + provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3"); + provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797"); + + provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3"); + provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC"); + provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4"); + provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING"); provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + OIWObjectIdentifiers.desCBC, "DES"); - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); - // - // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); - // END android-removed + provider.addAlgorithm("AlgorithmParameterGenerator.DES", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES"); + + provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2"); provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5"); provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); - // END android-removed + provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); - // BEGIN android-removed - // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); - // END android-removed + provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); - // END android-removed + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); - // END android-removed + provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES"); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java index 7b3addd..d7a52db 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java @@ -1,42 +1,30 @@ package org.bouncycastle.jcajce.provider.symmetric; -// BEGIN android-removed -// import java.security.AlgorithmParameters; -// import java.security.InvalidAlgorithmParameterException; -// END android-removed +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; import java.security.SecureRandom; -// BEGIN android-removed -// import java.security.spec.AlgorithmParameterSpec; -// END android-removed +import java.security.spec.AlgorithmParameterSpec; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import javax.crypto.SecretKey; import javax.crypto.spec.DESedeKeySpec; -// BEGIN android-removed -// import javax.crypto.spec.IvParameterSpec; -// END android-removed +import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.KeyGenerationParameters; import org.bouncycastle.crypto.engines.DESedeEngine; import org.bouncycastle.crypto.engines.DESedeWrapEngine; -// BEGIN android-removed -// import org.bouncycastle.crypto.engines.RFC3211WrapEngine; -// END android-removed +import org.bouncycastle.crypto.engines.RFC3211WrapEngine; import org.bouncycastle.crypto.generators.DESedeKeyGenerator; import org.bouncycastle.crypto.macs.CBCBlockCipherMac; -// BEGIN android-removed -// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; -// import org.bouncycastle.crypto.macs.CMac; -// END android-removed +import org.bouncycastle.crypto.macs.CFBBlockCipherMac; +import org.bouncycastle.crypto.macs.CMac; import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.paddings.ISO7816d4Padding; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; -// BEGIN android-removed -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; -// END android-removed +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; @@ -68,19 +56,17 @@ public final class DESede } } - // BEGIN android-removed - // /** - // * DESede CFB8 - // */ - // public static class DESedeCFB8 - // extends BaseMac - // { - // public DESedeCFB8() - // { - // super(new CFBBlockCipherMac(new DESedeEngine())); - // } - // } - // END android-removed + /** + * DESede CFB8 + */ + public static class DESedeCFB8 + extends BaseMac + { + public DESedeCFB8() + { + super(new CFBBlockCipherMac(new DESedeEngine())); + } + } /** * DESede64 @@ -115,17 +101,15 @@ public final class DESede } } - // BEGIN android-removed - // static public class CMAC - // extends BaseMac - // { - // public CMAC() - // { - // super(new CMac(new DESedeEngine())); - // } - // } - // END android-removed - + static public class CMAC + extends BaseMac + { + public CMAC() + { + super(new CMac(new DESedeEngine())); + } + } + public static class Wrap extends BaseWrapCipher { @@ -134,17 +118,15 @@ public final class DESede super(new DESedeWrapEngine()); } } - - // BEGIN android-removed - // public static class RFC3211 - // extends BaseWrapCipher - // { - // public RFC3211() - // { - // super(new RFC3211WrapEngine(new DESedeEngine()), 8); - // } - // } - // END android-removed + + public static class RFC3211 + extends BaseWrapCipher + { + public RFC3211() + { + super(new RFC3211WrapEngine(new DESedeEngine()), 8); + } + } /** * DESede - the default for this is to generate a key in @@ -258,45 +240,43 @@ public final class DESede } } - // BEGIN android-removed - // public static class AlgParamGen - // extends BaseAlgorithmParameterGenerator - // { - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); - // } - - // protected AlgorithmParameters engineGenerateParameters() - // { - // byte[] iv = new byte[8]; - - // if (random == null) - // { - // random = new SecureRandom(); - // } - - // random.nextBytes(iv); - - // AlgorithmParameters params; - - // try - // { - // params = createParametersInstance("DES"); - // params.init(new IvParameterSpec(iv)); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - - // return params; - // } - // } - // END android-removed + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[8]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("DES"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } static public class KeyFactory extends BaseSecretKeyFactory @@ -380,37 +360,25 @@ public final class DESede public void configure(ConfigurableProvider provider) { provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); - // END android-removed + provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC"); provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap"); - // BEGIN android-changed - provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP"); - // END android-changed - // BEGIN android-removed - // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); - // END android-removed + provider.addAlgorithm("Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap"); + provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211"); provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE"); provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP"); provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); - // END android-removed + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE"); if (provider.hasAlgorithm("MessageDigest", "SHA-1")) { provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); - // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); - // END android-removed + provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key"); + provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key"); provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key"); - // BEGIN android-removed - // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); - // END android-removed + provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key"); provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC"); provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC"); @@ -419,37 +387,31 @@ public final class DESede } provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator"); - // BEGIN android-removed - // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); - // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); - // END android-removed + provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3"); + provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator"); provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory"); - // BEGIN android-removed - // provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); - // provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); - // - // provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); - // - // provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); - // - // provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - // provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); - // END android-removed + provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC"); + provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC"); + + provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8"); + + provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64"); + + provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); + provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING"); provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); - // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); - // END android-removed + provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/GOST28147.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/GOST28147.java new file mode 100644 index 0000000..a849a18 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/GOST28147.java @@ -0,0 +1,156 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.spec.IvParameterSpec; + +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.crypto.BufferedBlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.GOST28147Engine; +import org.bouncycastle.crypto.macs.GOST28147Mac; +import org.bouncycastle.crypto.modes.CBCBlockCipher; +import org.bouncycastle.crypto.modes.GCFBBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class GOST28147 +{ + private GOST28147() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new GOST28147Engine()); + } + } + + public static class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new GOST28147Engine()), 64); + } + } + + public static class GCFB + extends BaseBlockCipher + { + public GCFB() + { + super(new BufferedBlockCipher(new GCFBBlockCipher(new GOST28147Engine())), 64); + } + } + + /** + * GOST28147 + */ + public static class Mac + extends BaseMac + { + public Mac() + { + super(new GOST28147Mac()); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + this(256); + } + + public KeyGen(int keySize) + { + super("GOST28147", keySize, new CipherKeyGenerator()); + } + } + + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for GOST28147 parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[16]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("GOST28147"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "GOST IV"; + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = GOST28147.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("Cipher.GOST28147", PREFIX + "$ECB"); + provider.addAlgorithm("Alg.Alias.Cipher.GOST", "GOST28147"); + provider.addAlgorithm("Alg.Alias.Cipher.GOST-28147", "GOST28147"); + provider.addAlgorithm("Cipher." + CryptoProObjectIdentifiers.gostR28147_gcfb, PREFIX + "$GCFB"); + + provider.addAlgorithm("KeyGenerator.GOST28147", PREFIX + "$KeyGen"); + provider.addAlgorithm("Alg.Alias.KeyGenerator.GOST", "GOST28147"); + provider.addAlgorithm("Alg.Alias.KeyGenerator.GOST-28147", "GOST28147"); + provider.addAlgorithm("Alg.Alias.KeyGenerator." + CryptoProObjectIdentifiers.gostR28147_gcfb, "GOST28147"); + + provider.addAlgorithm("Mac.GOST28147MAC", PREFIX + "$Mac"); + provider.addAlgorithm("Alg.Alias.Mac.GOST28147", "GOST28147MAC"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grain128.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grain128.java new file mode 100644 index 0000000..d7232b1 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grain128.java @@ -0,0 +1,49 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.Grain128Engine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class Grain128 +{ + private Grain128() + { + } + + public static class Base + extends BaseStreamCipher + { + public Base() + { + super(new Grain128Engine(), 12); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Grain128", 128, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = Grain128.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("Cipher.Grain128", PREFIX + "$Base"); + provider.addAlgorithm("KeyGenerator.Grain128", PREFIX + "$KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grainv1.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grainv1.java new file mode 100644 index 0000000..fce224d --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grainv1.java @@ -0,0 +1,49 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.Grainv1Engine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class Grainv1 +{ + private Grainv1() + { + } + + public static class Base + extends BaseStreamCipher + { + public Base() + { + super(new Grainv1Engine(), 8); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Grainv1", 80, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = Grainv1.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("Cipher.Grainv1", PREFIX + "$Base"); + provider.addAlgorithm("KeyGenerator.Grainv1", PREFIX + "$KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC128.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC128.java new file mode 100644 index 0000000..efe7ede --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC128.java @@ -0,0 +1,49 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.HC128Engine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class HC128 +{ + private HC128() + { + } + + public static class Base + extends BaseStreamCipher + { + public Base() + { + super(new HC128Engine(), 16); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("HC128", 128, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = HC128.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("Cipher.HC128", PREFIX + "$Base"); + provider.addAlgorithm("KeyGenerator.HC128", PREFIX + "$KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC256.java new file mode 100644 index 0000000..dd93445 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC256.java @@ -0,0 +1,49 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.HC256Engine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class HC256 +{ + private HC256() + { + } + + public static class Base + extends BaseStreamCipher + { + public Base() + { + super(new HC256Engine(), 32); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("HC256", 256, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = HC256.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("Cipher.HC256", PREFIX + "$Base"); + provider.addAlgorithm("KeyGenerator.HC256", PREFIX + "$KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/IDEA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/IDEA.java new file mode 100644 index 0000000..6910051 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/IDEA.java @@ -0,0 +1,257 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.io.IOException; +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidParameterSpecException; + +import javax.crypto.spec.IvParameterSpec; + +import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.misc.IDEACBCPar; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.IDEAEngine; +import org.bouncycastle.crypto.macs.CBCBlockCipherMac; +import org.bouncycastle.crypto.macs.CFBBlockCipherMac; +import org.bouncycastle.crypto.modes.CBCBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class IDEA +{ + private IDEA() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new IDEAEngine()); + } + } + + public static class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new IDEAEngine()), 64); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("IDEA", 128, new CipherKeyGenerator()); + } + } + + public static class PBEWithSHAAndIDEAKeyGen + extends PBESecretKeyFactory + { + public PBEWithSHAAndIDEAKeyGen() + { + super("PBEwithSHAandIDEA-CBC", null, true, PKCS12, SHA1, 128, 64); + } + } + + static public class PBEWithSHAAndIDEA + extends BaseBlockCipher + { + public PBEWithSHAAndIDEA() + { + super(new CBCBlockCipher(new IDEAEngine())); + } + } + + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for IDEA parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[8]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("IDEA"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParams + extends BaseAlgorithmParameters + { + private byte[] iv; + + protected byte[] engineGetEncoded() + throws IOException + { + return engineGetEncoded("ASN.1"); + } + + protected byte[] engineGetEncoded( + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + return new IDEACBCPar(engineGetEncoded("RAW")).getEncoded(); + } + + if (format.equals("RAW")) + { + byte[] tmp = new byte[iv.length]; + + System.arraycopy(iv, 0, tmp, 0, iv.length); + return tmp; + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == IvParameterSpec.class) + { + return new IvParameterSpec(iv); + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to IV parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (!(paramSpec instanceof IvParameterSpec)) + { + throw new InvalidParameterSpecException("IvParameterSpec required to initialise a IV parameters algorithm parameters object"); + } + + this.iv = ((IvParameterSpec)paramSpec).getIV(); + } + + protected void engineInit( + byte[] params) + throws IOException + { + this.iv = new byte[params.length]; + + System.arraycopy(params, 0, iv, 0, iv.length); + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (format.equals("RAW")) + { + engineInit(params); + return; + } + if (format.equals("ASN.1")) + { + ASN1InputStream aIn = new ASN1InputStream(params); + IDEACBCPar oct = new IDEACBCPar((ASN1Sequence)aIn.readObject()); + + engineInit(oct.getIV()); + return; + } + + throw new IOException("Unknown parameters format in IV parameters object"); + } + + protected String engineToString() + { + return "IDEA Parameters"; + } + } + + public static class Mac + extends BaseMac + { + public Mac() + { + super(new CBCBlockCipherMac(new IDEAEngine())); + } + } + + public static class CFB8Mac + extends BaseMac + { + public CFB8Mac() + { + super(new CFBBlockCipherMac(new IDEAEngine())); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = IDEA.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("AlgorithmParameterGenerator.IDEA", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("AlgorithmParameterGenerator.1.3.6.1.4.1.188.7.1.1.2", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("AlgorithmParameters.IDEA", PREFIX + "$AlgParams"); + provider.addAlgorithm("AlgorithmParameters.1.3.6.1.4.1.188.7.1.1.2", PREFIX + "$AlgParams"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDIDEA", "PKCS12PBE"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDIDEA-CBC", "PKCS12PBE"); + provider.addAlgorithm("Cipher.IDEA", PREFIX + "$ECB"); + provider.addAlgorithm("Cipher.1.3.6.1.4.1.188.7.1.1.2", PREFIX + "$CBC"); + provider.addAlgorithm("Cipher.PBEWITHSHAANDIDEA-CBC", PREFIX + "$PBEWithSHAAndIDEA"); + provider.addAlgorithm("KeyGenerator.IDEA", PREFIX + "$KeyGen"); + provider.addAlgorithm("KeyGenerator.1.3.6.1.4.1.188.7.1.1.2", PREFIX + "$KeyGen"); + provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDIDEA-CBC", PREFIX + "$PBEWithSHAAndIDEAKeyGen"); + provider.addAlgorithm("Mac.IDEAMAC", PREFIX + "$Mac"); + provider.addAlgorithm("Alg.Alias.Mac.IDEA", "IDEAMAC"); + provider.addAlgorithm("Mac.IDEAMAC/CFB8", PREFIX + "$CFB8Mac"); + provider.addAlgorithm("Alg.Alias.Mac.IDEA/CFB8", "IDEAMAC/CFB8"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Noekeon.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Noekeon.java new file mode 100644 index 0000000..1fefd14 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Noekeon.java @@ -0,0 +1,152 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.spec.IvParameterSpec; + +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.NoekeonEngine; +import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; +import org.bouncycastle.crypto.macs.GMac; +import org.bouncycastle.crypto.modes.GCMBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; + +public final class Noekeon +{ + private Noekeon() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new NoekeonEngine(); + } + }); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Noekeon", 128, new CipherKeyGenerator()); + } + } + + public static class GMAC + extends BaseMac + { + public GMAC() + { + super(new GMac(new GCMBlockCipher(new NoekeonEngine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new NoekeonEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-Noekeon", 256, new Poly1305KeyGenerator()); + } + } + + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for Noekeon parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[16]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("Noekeon"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Noekeon IV"; + } + } + + public static class Mappings + extends SymmetricAlgorithmProvider + { + private static final String PREFIX = Noekeon.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("AlgorithmParameters.NOEKEON", PREFIX + "$AlgParams"); + + provider.addAlgorithm("AlgorithmParameterGenerator.NOEKEON", PREFIX + "$AlgParamGen"); + + provider.addAlgorithm("Cipher.NOEKEON", PREFIX + "$ECB"); + + provider.addAlgorithm("KeyGenerator.NOEKEON", PREFIX + "$KeyGen"); + + addGMacAlgorithm(provider, "NOEKEON", PREFIX + "$GMAC", PREFIX + "$KeyGen"); + addPoly1305Algorithm(provider, "NOEKEON", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java new file mode 100644 index 0000000..4b0d8b9 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java @@ -0,0 +1,228 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.io.IOException; +import java.security.spec.AlgorithmParameterSpec; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.InvalidParameterSpecException; +import java.security.spec.KeySpec; + +import javax.crypto.SecretKey; +import javax.crypto.spec.PBEKeySpec; +import javax.crypto.spec.PBEParameterSpec; + +import org.bouncycastle.asn1.ASN1Encoding; +import org.bouncycastle.asn1.ASN1ObjectIdentifier; +import org.bouncycastle.asn1.ASN1Primitive; +import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers; +import org.bouncycastle.asn1.pkcs.PBKDF2Params; +import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; +import org.bouncycastle.crypto.CipherParameters; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory; +import org.bouncycastle.jcajce.provider.symmetric.util.PBE; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; +import org.bouncycastle.jcajce.spec.PBKDF2KeySpec; + +public class PBEPBKDF2 +{ + private PBEPBKDF2() + { + + } + + public static class AlgParams + extends BaseAlgorithmParameters + { + PBKDF2Params params; + + protected byte[] engineGetEncoded() + { + try + { + return params.getEncoded(ASN1Encoding.DER); + } + catch (IOException e) + { + throw new RuntimeException("Oooops! " + e.toString()); + } + } + + protected byte[] engineGetEncoded( + String format) + { + if (this.isASN1FormatString(format)) + { + return engineGetEncoded(); + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == PBEParameterSpec.class) + { + return new PBEParameterSpec(params.getSalt(), + params.getIterationCount().intValue()); + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to PBKDF2 PBE parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (!(paramSpec instanceof PBEParameterSpec)) + { + throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PBKDF2 PBE parameters algorithm parameters object"); + } + + PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec; + + this.params = new PBKDF2Params(pbeSpec.getSalt(), + pbeSpec.getIterationCount()); + } + + protected void engineInit( + byte[] params) + throws IOException + { + this.params = PBKDF2Params.getInstance(ASN1Primitive.fromByteArray(params)); + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + engineInit(params); + return; + } + + throw new IOException("Unknown parameters format in PBKDF2 parameters object"); + } + + protected String engineToString() + { + return "PBKDF2 Parameters"; + } + } + + public static class BasePBKDF2 + extends BaseSecretKeyFactory + { + private int scheme; + + public BasePBKDF2(String name, int scheme) + { + super(name, PKCSObjectIdentifiers.id_PBKDF2); + + this.scheme = scheme; + } + + protected SecretKey engineGenerateSecret( + KeySpec keySpec) + throws InvalidKeySpecException + { + if (keySpec instanceof PBEKeySpec) + { + PBEKeySpec pbeSpec = (PBEKeySpec)keySpec; + + if (pbeSpec.getSalt() == null) + { + throw new InvalidKeySpecException("missing required salt"); + } + + if (pbeSpec.getIterationCount() <= 0) + { + throw new InvalidKeySpecException("positive iteration count required: " + + pbeSpec.getIterationCount()); + } + + if (pbeSpec.getKeyLength() <= 0) + { + throw new InvalidKeySpecException("positive key length required: " + + pbeSpec.getKeyLength()); + } + + if (pbeSpec.getPassword().length == 0) + { + throw new IllegalArgumentException("password empty"); + } + + if (pbeSpec instanceof PBKDF2KeySpec) + { + PBKDF2KeySpec spec = (PBKDF2KeySpec)pbeSpec; + + int digest = getDigestCode(spec.getPrf().getAlgorithm()); + int keySize = pbeSpec.getKeyLength(); + int ivSize = -1; // JDK 1,2 and earlier does not understand simplified version. + CipherParameters param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); + + return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); + } + else + { + int digest = SHA1; + int keySize = pbeSpec.getKeyLength(); + int ivSize = -1; // JDK 1,2 and earlier does not understand simplified version. + CipherParameters param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); + + return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param); + } + } + + throw new InvalidKeySpecException("Invalid KeySpec"); + } + + + private int getDigestCode(ASN1ObjectIdentifier algorithm) + throws InvalidKeySpecException + { + if (algorithm.equals(CryptoProObjectIdentifiers.gostR3411Hmac)) + { + return GOST3411; + } + else if (algorithm.equals(PKCSObjectIdentifiers.id_hmacWithSHA1)) + { + return SHA1; + } + + throw new InvalidKeySpecException("Invalid KeySpec: unknown PRF algorithm " + algorithm); + } + } + + public static class PBKDF2withUTF8 + extends BasePBKDF2 + { + public PBKDF2withUTF8() + { + super("PBKDF2", PKCS5S2_UTF8); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = PBEPBKDF2.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("AlgorithmParameters.PBKDF2", PREFIX + "$AlgParams"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8"); + provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java index 4056aa7..18d780d 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java @@ -12,28 +12,20 @@ import javax.crypto.spec.RC2ParameterSpec; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; -// BEGIN android-removed -// import org.bouncycastle.asn1.pkcs.RC2CBCParameter; -// import org.bouncycastle.crypto.CipherKeyGenerator; -// END android-removed +import org.bouncycastle.asn1.pkcs.RC2CBCParameter; +import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.engines.RC2Engine; -// BEGIN android-removed -// import org.bouncycastle.crypto.engines.RC2WrapEngine; -// import org.bouncycastle.crypto.macs.CBCBlockCipherMac; -// import org.bouncycastle.crypto.macs.CFBBlockCipherMac; -// END android-removed +import org.bouncycastle.crypto.engines.RC2WrapEngine; +import org.bouncycastle.crypto.macs.CBCBlockCipherMac; +import org.bouncycastle.crypto.macs.CFBBlockCipherMac; import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; -// BEGIN android-removed -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; -// END android-removed +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; -// BEGIN android-removed -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; -// END android-removed +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; import org.bouncycastle.util.Arrays; @@ -44,61 +36,59 @@ public final class RC2 { } - // BEGIN android-removed - // /** - // * RC2 - // */ - // static public class ECB - // extends BaseBlockCipher - // { - // public ECB() - // { - // super(new RC2Engine()); - // } - // } - // - // /** - // * RC2CBC - // */ - // static public class CBC - // extends BaseBlockCipher - // { - // public CBC() - // { - // super(new CBCBlockCipher(new RC2Engine()), 64); - // } - // } - // - // public static class Wrap - // extends BaseWrapCipher - // { - // public Wrap() - // { - // super(new RC2WrapEngine()); - // } - // } - // - // /** - // * RC2 - // */ - // public static class CBCMAC - // extends BaseMac - // { - // public CBCMAC() - // { - // super(new CBCBlockCipherMac(new RC2Engine())); - // } - // } - // - // public static class CFB8MAC - // extends BaseMac - // { - // public CFB8MAC() - // { - // super(new CFBBlockCipherMac(new RC2Engine())); - // } - // } - // END android-removed + /** + * RC2 + */ + static public class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new RC2Engine()); + } + } + + /** + * RC2CBC + */ + static public class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new RC2Engine()), 64); + } + } + + public static class Wrap + extends BaseWrapCipher + { + public Wrap() + { + super(new RC2WrapEngine()); + } + } + + /** + * RC2 + */ + public static class CBCMAC + extends BaseMac + { + public CBCMAC() + { + super(new CBCBlockCipherMac(new RC2Engine())); + } + } + + public static class CFB8MAC + extends BaseMac + { + public CFB8MAC() + { + super(new CFBBlockCipherMac(new RC2Engine())); + } + } /** * PBEWithSHA1AndRC2 @@ -184,19 +174,17 @@ public final class RC2 } } - // BEGIN android-removed - // /** - // * PBEWithMD2AndRC2 - // */ - // static public class PBEWithMD2KeyFactory - // extends PBESecretKeyFactory - // { - // public PBEWithMD2KeyFactory() - // { - // super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); - // } - // } - // END android-removed + /** + * PBEWithMD2AndRC2 + */ + static public class PBEWithMD2KeyFactory + extends PBESecretKeyFactory + { + public PBEWithMD2KeyFactory() + { + super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64); + } + } /** * PBEWithMD5AndRC2 @@ -210,249 +198,247 @@ public final class RC2 } } - // BEGIN android-removed - // public static class AlgParamGen - // extends BaseAlgorithmParameterGenerator - // { - // RC2ParameterSpec spec = null; - // - // protected void engineInit( - // AlgorithmParameterSpec genParamSpec, - // SecureRandom random) - // throws InvalidAlgorithmParameterException - // { - // if (genParamSpec instanceof RC2ParameterSpec) - // { - // spec = (RC2ParameterSpec)genParamSpec; - // return; - // } - // - // throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); - // } - // - // protected AlgorithmParameters engineGenerateParameters() - // { - // AlgorithmParameters params; - // - // if (spec == null) - // { - // byte[] iv = new byte[8]; - // - // if (random == null) - // { - // random = new SecureRandom(); - // } - // - // random.nextBytes(iv); - // - // try - // { - // params = createParametersInstance("RC2"); - // params.init(new IvParameterSpec(iv)); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - // } - // else - // { - // try - // { - // params = createParametersInstance("RC2"); - // params.init(spec); - // } - // catch (Exception e) - // { - // throw new RuntimeException(e.getMessage()); - // } - // } - // - // return params; - // } - // } - // - // public static class KeyGenerator - // extends BaseKeyGenerator - // { - // public KeyGenerator() - // { - // super("RC2", 128, new CipherKeyGenerator()); - // } - // } - // - // public static class AlgParams - // extends BaseAlgorithmParameters - // { - // private static final short[] table = { - // 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, - // 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, - // 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, - // 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, - // 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, - // 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, - // 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, - // 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, - // 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, - // 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, - // 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, - // 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, - // 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, - // 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, - // 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, - // 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab - // }; - // - // private static final short[] ekb = { - // 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, - // 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, - // 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, - // 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, - // 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, - // 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, - // 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, - // 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, - // 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, - // 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, - // 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, - // 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, - // 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, - // 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, - // 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, - // 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd - // }; - // - // private byte[] iv; - // private int parameterVersion = 58; - // - // protected byte[] engineGetEncoded() - // { - // return Arrays.clone(iv); - // } - // - // protected byte[] engineGetEncoded( - // String format) - // throws IOException - // { - // if (this.isASN1FormatString(format)) - // { - // if (parameterVersion == -1) - // { - // return new RC2CBCParameter(engineGetEncoded()).getEncoded(); - // } - // else - // { - // return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); - // } - // } - // - // if (format.equals("RAW")) - // { - // return engineGetEncoded(); - // } - // - // return null; - // } - // - // protected AlgorithmParameterSpec localEngineGetParameterSpec( - // Class paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec == RC2ParameterSpec.class) - // { - // if (parameterVersion != -1) - // { - // if (parameterVersion < 256) - // { - // return new RC2ParameterSpec(ekb[parameterVersion], iv); - // } - // else - // { - // return new RC2ParameterSpec(parameterVersion, iv); - // } - // } - // } - // - // if (paramSpec == IvParameterSpec.class) - // { - // return new IvParameterSpec(iv); - // } - // - // throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); - // } - // - // protected void engineInit( - // AlgorithmParameterSpec paramSpec) - // throws InvalidParameterSpecException - // { - // if (paramSpec instanceof IvParameterSpec) - // { - // this.iv = ((IvParameterSpec)paramSpec).getIV(); - // } - // else if (paramSpec instanceof RC2ParameterSpec) - // { - // int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); - // if (effKeyBits != -1) - // { - // if (effKeyBits < 256) - // { - // parameterVersion = table[effKeyBits]; - // } - // else - // { - // parameterVersion = effKeyBits; - // } - // } - // - // this.iv = ((RC2ParameterSpec)paramSpec).getIV(); - // } - // else - // { - // throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); - // } - // } - // - // protected void engineInit( - // byte[] params) - // throws IOException - // { - // this.iv = Arrays.clone(params); - // } - // - // protected void engineInit( - // byte[] params, - // String format) - // throws IOException - // { - // if (this.isASN1FormatString(format)) - // { - // RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); - // - // if (p.getRC2ParameterVersion() != null) - // { - // parameterVersion = p.getRC2ParameterVersion().intValue(); - // } - // - // iv = p.getIV(); - // - // return; - // } - // - // if (format.equals("RAW")) - // { - // engineInit(params); - // return; - // } - // - // throw new IOException("Unknown parameters format in IV parameters object"); - // } - // - // protected String engineToString() - // { - // return "RC2 Parameters"; - // } - // } - // END android-removed + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + RC2ParameterSpec spec = null; + + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + if (genParamSpec instanceof RC2ParameterSpec) + { + spec = (RC2ParameterSpec)genParamSpec; + return; + } + + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + AlgorithmParameters params; + + if (spec == null) + { + byte[] iv = new byte[8]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + try + { + params = createParametersInstance("RC2"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + } + else + { + try + { + params = createParametersInstance("RC2"); + params.init(spec); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + } + + return params; + } + } + + public static class KeyGenerator + extends BaseKeyGenerator + { + public KeyGenerator() + { + super("RC2", 128, new CipherKeyGenerator()); + } + } + + public static class AlgParams + extends BaseAlgorithmParameters + { + private static final short[] table = { + 0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0, + 0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a, + 0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36, + 0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c, + 0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60, + 0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa, + 0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e, + 0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf, + 0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6, + 0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3, + 0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c, + 0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2, + 0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5, + 0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5, + 0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f, + 0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab + }; + + private static final short[] ekb = { + 0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5, + 0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5, + 0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef, + 0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d, + 0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb, + 0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d, + 0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3, + 0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61, + 0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1, + 0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21, + 0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42, + 0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f, + 0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7, + 0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15, + 0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7, + 0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd + }; + + private byte[] iv; + private int parameterVersion = 58; + + protected byte[] engineGetEncoded() + { + return Arrays.clone(iv); + } + + protected byte[] engineGetEncoded( + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + if (parameterVersion == -1) + { + return new RC2CBCParameter(engineGetEncoded()).getEncoded(); + } + else + { + return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded(); + } + } + + if (format.equals("RAW")) + { + return engineGetEncoded(); + } + + return null; + } + + protected AlgorithmParameterSpec localEngineGetParameterSpec( + Class paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec == RC2ParameterSpec.class) + { + if (parameterVersion != -1) + { + if (parameterVersion < 256) + { + return new RC2ParameterSpec(ekb[parameterVersion], iv); + } + else + { + return new RC2ParameterSpec(parameterVersion, iv); + } + } + } + + if (paramSpec == IvParameterSpec.class) + { + return new IvParameterSpec(iv); + } + + throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object."); + } + + protected void engineInit( + AlgorithmParameterSpec paramSpec) + throws InvalidParameterSpecException + { + if (paramSpec instanceof IvParameterSpec) + { + this.iv = ((IvParameterSpec)paramSpec).getIV(); + } + else if (paramSpec instanceof RC2ParameterSpec) + { + int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits(); + if (effKeyBits != -1) + { + if (effKeyBits < 256) + { + parameterVersion = table[effKeyBits]; + } + else + { + parameterVersion = effKeyBits; + } + } + + this.iv = ((RC2ParameterSpec)paramSpec).getIV(); + } + else + { + throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object"); + } + } + + protected void engineInit( + byte[] params) + throws IOException + { + this.iv = Arrays.clone(params); + } + + protected void engineInit( + byte[] params, + String format) + throws IOException + { + if (this.isASN1FormatString(format)) + { + RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params)); + + if (p.getRC2ParameterVersion() != null) + { + parameterVersion = p.getRC2ParameterVersion().intValue(); + } + + iv = p.getIV(); + + return; + } + + if (format.equals("RAW")) + { + engineInit(params); + return; + } + + throw new IOException("Unknown parameters format in IV parameters object"); + } + + protected String engineToString() + { + return "RC2 Parameters"; + } + } public static class Mappings extends AlgorithmProvider @@ -466,36 +452,32 @@ public final class RC2 public void configure(ConfigurableProvider provider) { - // BEGIN android-removed - // provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); - // provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); - // - // provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); - // provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); - // - // provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); - // provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); - // - // provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); - // provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); - // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); - // provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); - // - // provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); - // provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); - // provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); - // provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); - // - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); - // END android-removed + provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen"); + + provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator"); + provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator"); + + provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams"); + provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams"); + + provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB"); + provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap"); + provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP"); + provider.addAlgorithm("Cipher.1.2.840.113549.3.2", PREFIX + "$CBC"); + + provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC"); + provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC"); + provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8"); + + provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); - // END android-removed + provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); @@ -503,18 +485,14 @@ public final class RC2 provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC"); - // BEGIN android-removed - // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); - // END android-removed + provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory"); - // BEGIN android-removed - // provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); - // END android-removed + provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2"); provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC5.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC5.java new file mode 100644 index 0000000..2f1d83a --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC5.java @@ -0,0 +1,177 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.spec.IvParameterSpec; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.RC532Engine; +import org.bouncycastle.crypto.engines.RC564Engine; +import org.bouncycastle.crypto.macs.CBCBlockCipherMac; +import org.bouncycastle.crypto.macs.CFBBlockCipherMac; +import org.bouncycastle.crypto.modes.CBCBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +public final class RC5 +{ + private RC5() + { + } + + /** + * RC5 + */ + public static class ECB32 + extends BaseBlockCipher + { + public ECB32() + { + super(new RC532Engine()); + } + } + + /** + * RC564 + */ + public static class ECB64 + extends BaseBlockCipher + { + public ECB64() + { + super(new RC564Engine()); + } + } + + public static class CBC32 + extends BaseBlockCipher + { + public CBC32() + { + super(new CBCBlockCipher(new RC532Engine()), 64); + } + } + + public static class KeyGen32 + extends BaseKeyGenerator + { + public KeyGen32() + { + super("RC5", 128, new CipherKeyGenerator()); + } + } + + /** + * RC5 + */ + public static class KeyGen64 + extends BaseKeyGenerator + { + public KeyGen64() + { + super("RC5-64", 256, new CipherKeyGenerator()); + } + } + + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC5 parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[8]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("RC5"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class Mac32 + extends BaseMac + { + public Mac32() + { + super(new CBCBlockCipherMac(new RC532Engine())); + } + } + + public static class CFB8Mac32 + extends BaseMac + { + public CFB8Mac32() + { + super(new CFBBlockCipherMac(new RC532Engine())); + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "RC5 IV"; + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = RC5.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.RC5", PREFIX + "$ECB32"); + provider.addAlgorithm("Alg.Alias.Cipher.RC5-32", "RC5"); + provider.addAlgorithm("Cipher.RC5-64", PREFIX + "$ECB64"); + provider.addAlgorithm("KeyGenerator.RC5", PREFIX + "$KeyGen32"); + provider.addAlgorithm("Alg.Alias.KeyGenerator.RC5-32", "RC5"); + provider.addAlgorithm("KeyGenerator.RC5-64", PREFIX + "$KeyGen64"); + provider.addAlgorithm("AlgorithmParameters.RC5", PREFIX + "$AlgParams"); + provider.addAlgorithm("AlgorithmParameters.RC5-64", PREFIX + "$AlgParams"); + provider.addAlgorithm("Mac.RC5MAC", PREFIX + "$Mac32"); + provider.addAlgorithm("Alg.Alias.Mac.RC5", "RC5MAC"); + provider.addAlgorithm("Mac.RC5MAC/CFB8", PREFIX + "$CFB8Mac32"); + provider.addAlgorithm("Alg.Alias.Mac.RC5/CFB8", "RC5MAC/CFB8"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC6.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC6.java new file mode 100644 index 0000000..674ea48 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC6.java @@ -0,0 +1,180 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.spec.IvParameterSpec; + +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.BufferedBlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.RC6Engine; +import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; +import org.bouncycastle.crypto.macs.GMac; +import org.bouncycastle.crypto.modes.CBCBlockCipher; +import org.bouncycastle.crypto.modes.CFBBlockCipher; +import org.bouncycastle.crypto.modes.GCMBlockCipher; +import org.bouncycastle.crypto.modes.OFBBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +public final class RC6 +{ + private RC6() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new RC6Engine(); + } + }); + } + } + + public static class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new RC6Engine()), 128); + } + } + + static public class CFB + extends BaseBlockCipher + { + public CFB() + { + super(new BufferedBlockCipher(new CFBBlockCipher(new RC6Engine(), 128)), 128); + } + } + + static public class OFB + extends BaseBlockCipher + { + public OFB() + { + super(new BufferedBlockCipher(new OFBBlockCipher(new RC6Engine(), 128)), 128); + } + } + + public static class GMAC + extends BaseMac + { + public GMAC() + { + super(new GMac(new GCMBlockCipher(new RC6Engine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new RC6Engine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-RC6", 256, new Poly1305KeyGenerator()); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("RC6", 256, new CipherKeyGenerator()); + } + } + + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC6 parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[16]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("RC6"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "RC6 IV"; + } + } + + public static class Mappings + extends SymmetricAlgorithmProvider + { + private static final String PREFIX = RC6.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.RC6", PREFIX + "$ECB"); + provider.addAlgorithm("KeyGenerator.RC6", PREFIX + "$KeyGen"); + provider.addAlgorithm("AlgorithmParameters.RC6", PREFIX + "$AlgParams"); + + addGMacAlgorithm(provider, "RC6", PREFIX + "$GMAC", PREFIX + "$KeyGen"); + addPoly1305Algorithm(provider, "RC6", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Rijndael.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Rijndael.java new file mode 100644 index 0000000..b8c36b7 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Rijndael.java @@ -0,0 +1,70 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.RijndaelEngine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class Rijndael +{ + private Rijndael() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new RijndaelEngine(); + } + }); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Rijndael", 192, new CipherKeyGenerator()); + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Rijndael IV"; + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = Rijndael.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.RIJNDAEL", PREFIX + "$ECB"); + provider.addAlgorithm("KeyGenerator.RIJNDAEL", PREFIX + "$KeyGen"); + provider.addAlgorithm("AlgorithmParameters.RIJNDAEL", PREFIX + "$AlgParams"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SEED.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SEED.java new file mode 100644 index 0000000..510d92e --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SEED.java @@ -0,0 +1,182 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.spec.IvParameterSpec; + +import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers; +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.SEEDEngine; +import org.bouncycastle.crypto.engines.SEEDWrapEngine; +import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; +import org.bouncycastle.crypto.macs.GMac; +import org.bouncycastle.crypto.modes.CBCBlockCipher; +import org.bouncycastle.crypto.modes.GCMBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; + +public final class SEED +{ + private SEED() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new SEEDEngine(); + } + }); + } + } + + public static class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new SEEDEngine()), 128); + } + } + + public static class Wrap + extends BaseWrapCipher + { + public Wrap() + { + super(new SEEDWrapEngine()); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("SEED", 128, new CipherKeyGenerator()); + } + } + + public static class GMAC + extends BaseMac + { + public GMAC() + { + super(new GMac(new GCMBlockCipher(new SEEDEngine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new SEEDEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-SEED", 256, new Poly1305KeyGenerator()); + } + } + + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for SEED parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[16]; + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("SEED"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + + return params; + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "SEED IV"; + } + } + + public static class Mappings + extends SymmetricAlgorithmProvider + { + private static final String PREFIX = SEED.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("AlgorithmParameters.SEED", PREFIX + "$AlgParams"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + KISAObjectIdentifiers.id_seedCBC, "SEED"); + + provider.addAlgorithm("AlgorithmParameterGenerator.SEED", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + KISAObjectIdentifiers.id_seedCBC, "SEED"); + + provider.addAlgorithm("Cipher.SEED", PREFIX + "$ECB"); + provider.addAlgorithm("Cipher." + KISAObjectIdentifiers.id_seedCBC, PREFIX + "$CBC"); + + provider.addAlgorithm("Cipher.SEEDWRAP", PREFIX + "$Wrap"); + provider.addAlgorithm("Alg.Alias.Cipher." + KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap, "SEEDWRAP"); + + provider.addAlgorithm("KeyGenerator.SEED", PREFIX + "$KeyGen"); + provider.addAlgorithm("KeyGenerator." + KISAObjectIdentifiers.id_seedCBC, PREFIX + "$KeyGen"); + provider.addAlgorithm("KeyGenerator." + KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap, PREFIX + "$KeyGen"); + + addGMacAlgorithm(provider, "SEED", PREFIX + "$GMAC", PREFIX + "$KeyGen"); + addPoly1305Algorithm(provider, "SEED", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Salsa20.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Salsa20.java new file mode 100644 index 0000000..88b27a6 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Salsa20.java @@ -0,0 +1,51 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.Salsa20Engine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class Salsa20 +{ + private Salsa20() + { + } + + public static class Base + extends BaseStreamCipher + { + public Base() + { + super(new Salsa20Engine(), 8); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Salsa20", 128, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = Salsa20.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.SALSA20", PREFIX + "$Base"); + provider.addAlgorithm("KeyGenerator.SALSA20", PREFIX + "$KeyGen"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Serpent.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Serpent.java new file mode 100644 index 0000000..ec21880 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Serpent.java @@ -0,0 +1,103 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.SerpentEngine; +import org.bouncycastle.crypto.engines.TwofishEngine; +import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; +import org.bouncycastle.crypto.macs.GMac; +import org.bouncycastle.crypto.modes.GCMBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; + +public final class Serpent +{ + private Serpent() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new SerpentEngine(); + } + }); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Serpent", 192, new CipherKeyGenerator()); + } + } + + public static class SerpentGMAC + extends BaseMac + { + public SerpentGMAC() + { + super(new GMac(new GCMBlockCipher(new SerpentEngine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-Serpent", 256, new Poly1305KeyGenerator()); + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Serpent IV"; + } + } + + public static class Mappings + extends SymmetricAlgorithmProvider + { + private static final String PREFIX = Serpent.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.Serpent", PREFIX + "$ECB"); + provider.addAlgorithm("KeyGenerator.Serpent", PREFIX + "$KeyGen"); + provider.addAlgorithm("AlgorithmParameters.Serpent", PREFIX + "$AlgParams"); + + addGMacAlgorithm(provider, "SERPENT", PREFIX + "$SerpentGMAC", PREFIX + "$KeyGen"); + addPoly1305Algorithm(provider, "SERPENT", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Shacal2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Shacal2.java new file mode 100644 index 0000000..ea4ccda --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Shacal2.java @@ -0,0 +1,123 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import java.security.AlgorithmParameters; +import java.security.InvalidAlgorithmParameterException; +import java.security.SecureRandom; +import java.security.spec.AlgorithmParameterSpec; + +import javax.crypto.spec.IvParameterSpec; + +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.Shacal2Engine; +import org.bouncycastle.crypto.modes.CBCBlockCipher; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; + +public final class Shacal2 +{ + private Shacal2() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new Shacal2Engine(); + } + }); + } + } + + public static class CBC + extends BaseBlockCipher + { + public CBC() + { + super(new CBCBlockCipher(new Shacal2Engine()), 256);//block size + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Shacal2", 512, new CipherKeyGenerator());//key size + } + } + + public static class AlgParamGen + extends BaseAlgorithmParameterGenerator + { + protected void engineInit( + AlgorithmParameterSpec genParamSpec, + SecureRandom random) + throws InvalidAlgorithmParameterException + { + throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for Shacal2 parameter generation."); + } + + protected AlgorithmParameters engineGenerateParameters() + { + byte[] iv = new byte[32];// block size 256 + + if (random == null) + { + random = new SecureRandom(); + } + + random.nextBytes(iv); + + AlgorithmParameters params; + + try + { + params = createParametersInstance("Shacal2"); + params.init(new IvParameterSpec(iv)); + } + catch (Exception e) + { + throw new RuntimeException(e.getMessage()); + } + return params; + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Shacal2 IV"; + } + } + + public static class Mappings + extends SymmetricAlgorithmProvider + { + private static final String PREFIX = Shacal2.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("Cipher.Shacal2", PREFIX + "$ECB"); + provider.addAlgorithm("KeyGenerator.Shacal2", PREFIX + "$KeyGen"); + provider.addAlgorithm("AlgorithmParameterGenerator.Shacal2", PREFIX + "$AlgParamGen"); + provider.addAlgorithm("AlgorithmParameters.Shacal2", PREFIX + "$AlgParams"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SipHash.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SipHash.java new file mode 100644 index 0000000..5a11531 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SipHash.java @@ -0,0 +1,62 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class SipHash +{ + private SipHash() + { + } + + public static class Mac24 + extends BaseMac + { + public Mac24() + { + super(new org.bouncycastle.crypto.macs.SipHash()); + } + } + + public static class Mac48 + extends BaseMac + { + public Mac48() + { + super(new org.bouncycastle.crypto.macs.SipHash(4, 8)); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("SipHash", 128, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = SipHash.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("Mac.SIPHASH-2-4", PREFIX + "$Mac24"); + provider.addAlgorithm("Alg.Alias.Mac.SIPHASH", "SIPHASH-2-4"); + provider.addAlgorithm("Mac.SIPHASH-4-8", PREFIX + "$Mac48"); + + provider.addAlgorithm("KeyGenerator.SIPHASH", PREFIX + "$KeyGen"); + provider.addAlgorithm("Alg.Alias.KeyGenerator.SIPHASH-2-4", "SIPHASH"); + provider.addAlgorithm("Alg.Alias.KeyGenerator.SIPHASH-4-8", "SIPHASH"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Skipjack.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Skipjack.java new file mode 100644 index 0000000..ec75944 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Skipjack.java @@ -0,0 +1,87 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.SkipjackEngine; +import org.bouncycastle.crypto.macs.CBCBlockCipherMac; +import org.bouncycastle.crypto.macs.CFBBlockCipherMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class Skipjack +{ + private Skipjack() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new SkipjackEngine()); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Skipjack", 80, new CipherKeyGenerator()); + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Skipjack IV"; + } + } + + public static class Mac + extends BaseMac + { + public Mac() + { + super(new CBCBlockCipherMac(new SkipjackEngine())); + } + } + + public static class MacCFB8 + extends BaseMac + { + public MacCFB8() + { + super(new CFBBlockCipherMac(new SkipjackEngine())); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = Skipjack.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.SKIPJACK", PREFIX + "$ECB"); + provider.addAlgorithm("KeyGenerator.SKIPJACK", PREFIX + "$KeyGen"); + provider.addAlgorithm("AlgorithmParameters.SKIPJACK", PREFIX + "$AlgParams"); + provider.addAlgorithm("Mac.SKIPJACKMAC", PREFIX + "$Mac"); + provider.addAlgorithm("Alg.Alias.Mac.SKIPJACK", "SKIPJACKMAC"); + provider.addAlgorithm("Mac.SKIPJACKMAC/CFB8", PREFIX + "$MacCFB8"); + provider.addAlgorithm("Alg.Alias.Mac.SKIPJACK/CFB8", "SKIPJACKMAC/CFB8"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java index fc34865..c1b3d19 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java @@ -6,31 +6,29 @@ import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; abstract class SymmetricAlgorithmProvider extends AlgorithmProvider { - // BEGIN android-removed - // protected void addGMacAlgorithm( - // ConfigurableProvider provider, - // String algorithm, - // String algorithmClassName, - // String keyGeneratorClassName) - // { - // provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); - // provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); - // - // provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); - // provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); - // } - // - // protected void addPoly1305Algorithm(ConfigurableProvider provider, - // String algorithm, - // String algorithmClassName, - // String keyGeneratorClassName) - // { - // provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); - // provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); - // - // provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); - // provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); - // } - // END android-removed + protected void addGMacAlgorithm( + ConfigurableProvider provider, + String algorithm, + String algorithmClassName, + String keyGeneratorClassName) + { + provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName); + provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC"); + + provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName); + provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC", algorithm + "-GMAC"); + } + + protected void addPoly1305Algorithm(ConfigurableProvider provider, + String algorithm, + String algorithmClassName, + String keyGeneratorClassName) + { + provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName); + provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm); + + provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName); + provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm); + } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/TEA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/TEA.java new file mode 100644 index 0000000..4bc12c9 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/TEA.java @@ -0,0 +1,62 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.TEAEngine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class TEA +{ + private TEA() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new TEAEngine()); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("TEA", 128, new CipherKeyGenerator()); + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "TEA IV"; + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = TEA.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.TEA", PREFIX + "$ECB"); + provider.addAlgorithm("KeyGenerator.TEA", PREFIX + "$KeyGen"); + provider.addAlgorithm("AlgorithmParameters.TEA", PREFIX + "$AlgParams"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Threefish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Threefish.java new file mode 100644 index 0000000..2970de6 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Threefish.java @@ -0,0 +1,120 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.ThreefishEngine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class Threefish +{ + private Threefish() + { + } + + public static class ECB_256 + extends BaseBlockCipher + { + public ECB_256() + { + super(new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256)); + } + } + + public static class ECB_512 + extends BaseBlockCipher + { + public ECB_512() + { + super(new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512)); + } + } + + public static class ECB_1024 + extends BaseBlockCipher + { + public ECB_1024() + { + super(new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024)); + } + } + + public static class KeyGen_256 + extends BaseKeyGenerator + { + public KeyGen_256() + { + super("Threefish-256", 256, new CipherKeyGenerator()); + } + } + + public static class KeyGen_512 + extends BaseKeyGenerator + { + public KeyGen_512() + { + super("Threefish-512", 512, new CipherKeyGenerator()); + } + } + + public static class KeyGen_1024 + extends BaseKeyGenerator + { + public KeyGen_1024() + { + super("Threefish-1024", 1024, new CipherKeyGenerator()); + } + } + + public static class AlgParams_256 + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Threefish-256 IV"; + } + } + + public static class AlgParams_512 + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Threefish-512 IV"; + } + } + + public static class AlgParams_1024 + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Threefish-1024 IV"; + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = Threefish.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + provider.addAlgorithm("Cipher.Threefish-256", PREFIX + "$ECB_256"); + provider.addAlgorithm("Cipher.Threefish-512", PREFIX + "$ECB_512"); + provider.addAlgorithm("Cipher.Threefish-1024", PREFIX + "$ECB_1024"); + provider.addAlgorithm("KeyGenerator.Threefish-256", PREFIX + "$KeyGen_256"); + provider.addAlgorithm("KeyGenerator.Threefish-512", PREFIX + "$KeyGen_512"); + provider.addAlgorithm("KeyGenerator.Threefish-1024", PREFIX + "$KeyGen_1024"); + provider.addAlgorithm("AlgorithmParameters.Threefish-256", PREFIX + "$AlgParams_256"); + provider.addAlgorithm("AlgorithmParameters.Threefish-512", PREFIX + "$AlgParams_512"); + provider.addAlgorithm("AlgorithmParameters.Threefish-1024", PREFIX + "$AlgParams_1024"); + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java index e2b2efd..4c3ab1c 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java @@ -1,26 +1,18 @@ package org.bouncycastle.jcajce.provider.symmetric; -// BEGIN android-removed -// import org.bouncycastle.crypto.BlockCipher; -// import org.bouncycastle.crypto.CipherKeyGenerator; -// END android-removed +import org.bouncycastle.crypto.BlockCipher; +import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.engines.TwofishEngine; -// BEGIN android-removed -// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; -// import org.bouncycastle.crypto.macs.GMac; -// END android-removed +import org.bouncycastle.crypto.generators.Poly1305KeyGenerator; +import org.bouncycastle.crypto.macs.GMac; import org.bouncycastle.crypto.modes.CBCBlockCipher; -// BEGIN android-removed -// import org.bouncycastle.crypto.modes.GCMBlockCipher; -// END android-removed +import org.bouncycastle.crypto.modes.GCMBlockCipher; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; -// BEGIN android-removed -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; -// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; -// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; -// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; -// END android-removed +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory; public final class Twofish @@ -29,58 +21,56 @@ public final class Twofish { } - // BEGIN android-removed - // public static class ECB - // extends BaseBlockCipher - // { - // public ECB() - // { - // super(new BlockCipherProvider() - // { - // public BlockCipher get() - // { - // return new TwofishEngine(); - // } - // }); - // } - // } - // - // public static class KeyGen - // extends BaseKeyGenerator - // { - // public KeyGen() - // { - // super("Twofish", 256, new CipherKeyGenerator()); - // } - // } - // - // public static class GMAC - // extends BaseMac - // { - // public GMAC() - // { - // super(new GMac(new GCMBlockCipher(new TwofishEngine()))); - // } - // } - // - // public static class Poly1305 - // extends BaseMac - // { - // public Poly1305() - // { - // super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); - // } - // } - // - // public static class Poly1305KeyGen - // extends BaseKeyGenerator - // { - // public Poly1305KeyGen() - // { - // super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); - // } - // } - // END android-removed + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new BlockCipherProvider() + { + public BlockCipher get() + { + return new TwofishEngine(); + } + }); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("Twofish", 256, new CipherKeyGenerator()); + } + } + + public static class GMAC + extends BaseMac + { + public GMAC() + { + super(new GMac(new GCMBlockCipher(new TwofishEngine()))); + } + } + + public static class Poly1305 + extends BaseMac + { + public Poly1305() + { + super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine())); + } + } + + public static class Poly1305KeyGen + extends BaseKeyGenerator + { + public Poly1305KeyGen() + { + super("Poly1305-Twofish", 256, new Poly1305KeyGenerator()); + } + } /** * PBEWithSHAAndTwofish-CBC @@ -106,16 +96,14 @@ public final class Twofish } } - // BEGIN android-removed - // public static class AlgParams - // extends IvAlgorithmParameters - // { - // protected String engineToString() - // { - // return "Twofish IV"; - // } - // } - // END android-removed + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "Twofish IV"; + } + } public static class Mappings extends SymmetricAlgorithmProvider @@ -128,21 +116,17 @@ public final class Twofish public void configure(ConfigurableProvider provider) { - // BEGIN android-removed - // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); - // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); - // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); - // END android-removed + provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB"); + provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen"); + provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE"); provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE"); provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHA"); provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory"); - // BEGIN android-removed - // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); - // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); - // END android-removed + addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen"); + addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen"); } } } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPC.java new file mode 100644 index 0000000..1e59e07 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPC.java @@ -0,0 +1,65 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.VMPCEngine; +import org.bouncycastle.crypto.macs.VMPCMac; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class VMPC +{ + private VMPC() + { + } + + public static class Base + extends BaseStreamCipher + { + public Base() + { + super(new VMPCEngine(), 16); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("VMPC", 128, new CipherKeyGenerator()); + } + } + + public static class Mac + extends BaseMac + { + public Mac() + { + super(new VMPCMac()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = VMPC.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.VMPC", PREFIX + "$Base"); + provider.addAlgorithm("KeyGenerator.VMPC", PREFIX + "$KeyGen"); + provider.addAlgorithm("Mac.VMPCMAC", PREFIX + "$Mac"); + provider.addAlgorithm("Alg.Alias.Mac.VMPC", "VMPCMAC"); + provider.addAlgorithm("Alg.Alias.Mac.VMPC-MAC", "VMPCMAC"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPCKSA3.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPCKSA3.java new file mode 100644 index 0000000..b5d8814 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPCKSA3.java @@ -0,0 +1,51 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.VMPCKSA3Engine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class VMPCKSA3 +{ + private VMPCKSA3() + { + } + + public static class Base + extends BaseStreamCipher + { + public Base() + { + super(new VMPCKSA3Engine(), 16); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("VMPC-KSA3", 128, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = VMPCKSA3.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.VMPC-KSA3", PREFIX + "$Base"); + provider.addAlgorithm("KeyGenerator.VMPC-KSA3", PREFIX + "$KeyGen"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XSalsa20.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XSalsa20.java new file mode 100644 index 0000000..5be0640 --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XSalsa20.java @@ -0,0 +1,51 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.XSalsa20Engine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class XSalsa20 +{ + private XSalsa20() + { + } + + public static class Base + extends BaseStreamCipher + { + public Base() + { + super(new XSalsa20Engine(), 24); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("XSalsa20", 256, new CipherKeyGenerator()); + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = XSalsa20.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.XSALSA20", PREFIX + "$Base"); + provider.addAlgorithm("KeyGenerator.XSALSA20", PREFIX + "$KeyGen"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XTEA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XTEA.java new file mode 100644 index 0000000..2e946de --- /dev/null +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XTEA.java @@ -0,0 +1,62 @@ +package org.bouncycastle.jcajce.provider.symmetric; + +import org.bouncycastle.crypto.CipherKeyGenerator; +import org.bouncycastle.crypto.engines.XTEAEngine; +import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher; +import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator; +import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters; +import org.bouncycastle.jcajce.provider.util.AlgorithmProvider; + +public final class XTEA +{ + private XTEA() + { + } + + public static class ECB + extends BaseBlockCipher + { + public ECB() + { + super(new XTEAEngine()); + } + } + + public static class KeyGen + extends BaseKeyGenerator + { + public KeyGen() + { + super("XTEA", 128, new CipherKeyGenerator()); + } + } + + public static class AlgParams + extends IvAlgorithmParameters + { + protected String engineToString() + { + return "XTEA IV"; + } + } + + public static class Mappings + extends AlgorithmProvider + { + private static final String PREFIX = XTEA.class.getName(); + + public Mappings() + { + } + + public void configure(ConfigurableProvider provider) + { + + provider.addAlgorithm("Cipher.XTEA", PREFIX + "$ECB"); + provider.addAlgorithm("KeyGenerator.XTEA", PREFIX + "$KeyGen"); + provider.addAlgorithm("AlgorithmParameters.XTEA", PREFIX + "$AlgParams"); + + } + } +} diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java index 0e933b7..08ddfb4 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java @@ -20,10 +20,8 @@ import javax.crypto.SecretKey; import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed -// import javax.crypto.spec.RC2ParameterSpec; -// import javax.crypto.spec.RC5ParameterSpec; -// END android-removed +import javax.crypto.spec.RC2ParameterSpec; +import javax.crypto.spec.RC5ParameterSpec; import org.bouncycastle.asn1.cms.GCMParameters; import org.bouncycastle.crypto.BlockCipher; @@ -37,20 +35,14 @@ import org.bouncycastle.crypto.modes.CBCBlockCipher; import org.bouncycastle.crypto.modes.CCMBlockCipher; import org.bouncycastle.crypto.modes.CFBBlockCipher; import org.bouncycastle.crypto.modes.CTSBlockCipher; -// BEGIN android-removed -// import org.bouncycastle.crypto.modes.EAXBlockCipher; -// import org.bouncycastle.crypto.modes.GCFBBlockCipher; -// END android-removed +import org.bouncycastle.crypto.modes.EAXBlockCipher; +import org.bouncycastle.crypto.modes.GCFBBlockCipher; import org.bouncycastle.crypto.modes.GCMBlockCipher; -// BEGIN android-removed -// import org.bouncycastle.crypto.modes.GOFBBlockCipher; -// import org.bouncycastle.crypto.modes.OCBBlockCipher; -// END android-removed +import org.bouncycastle.crypto.modes.GOFBBlockCipher; +import org.bouncycastle.crypto.modes.OCBBlockCipher; import org.bouncycastle.crypto.modes.OFBBlockCipher; -// BEGIN android-removed -// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; -// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; -// END android-removed +import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher; +import org.bouncycastle.crypto.modes.PGPCFBBlockCipher; import org.bouncycastle.crypto.modes.SICBlockCipher; import org.bouncycastle.crypto.paddings.BlockCipherPadding; import org.bouncycastle.crypto.paddings.ISO10126d2Padding; @@ -63,15 +55,11 @@ import org.bouncycastle.crypto.params.AEADParameters; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; import org.bouncycastle.crypto.params.ParametersWithRandom; -// BEGIN android-removed -// import org.bouncycastle.crypto.params.ParametersWithSBox; -// END android-removed +import org.bouncycastle.crypto.params.ParametersWithSBox; import org.bouncycastle.crypto.params.RC2Parameters; -// BEGIN android-removed -// import org.bouncycastle.crypto.params.RC5Parameters; -// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; -// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; -// END android-removed +import org.bouncycastle.crypto.params.RC5Parameters; +import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec; +import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec; import org.bouncycastle.jce.provider.BouncyCastleProvider; import org.bouncycastle.util.Strings; @@ -86,15 +74,11 @@ public class BaseBlockCipher // private Class[] availableSpecs = { - // BEGIN android-removed - // RC2ParameterSpec.class, - // RC5ParameterSpec.class, - // END android-removed + RC2ParameterSpec.class, + RC5ParameterSpec.class, IvParameterSpec.class, PBEParameterSpec.class, - // BEGIN android-removed - // GOST28147ParameterSpec.class, - // END android-removed + GOST28147ParameterSpec.class, gcmSpecClass }; @@ -300,52 +284,48 @@ public class BaseBlockCipher new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize())); } } - // BEGIN android-removed - // else if (modeName.startsWith("PGP")) - // { - // boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); - // - // ivLength = baseEngine.getBlockSize(); - // cipher = new BufferedGenericBlockCipher( - // new PGPCFBBlockCipher(baseEngine, inlineIV)); - // } - // else if (modeName.equalsIgnoreCase("OpenPGPCFB")) - // { - // ivLength = 0; - // cipher = new BufferedGenericBlockCipher( - // new OpenPGPCFBBlockCipher(baseEngine)); - // } - // else if (modeName.startsWith("SIC")) - // { - // ivLength = baseEngine.getBlockSize(); - // if (ivLength < 16) - // { - // throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); - // } - // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( - // new SICBlockCipher(baseEngine))); - // } - // END android-removed + else if (modeName.startsWith("PGP")) + { + boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV"); + + ivLength = baseEngine.getBlockSize(); + cipher = new BufferedGenericBlockCipher( + new PGPCFBBlockCipher(baseEngine, inlineIV)); + } + else if (modeName.equalsIgnoreCase("OpenPGPCFB")) + { + ivLength = 0; + cipher = new BufferedGenericBlockCipher( + new OpenPGPCFBBlockCipher(baseEngine)); + } + else if (modeName.startsWith("SIC")) + { + ivLength = baseEngine.getBlockSize(); + if (ivLength < 16) + { + throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)"); + } + cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( + new SICBlockCipher(baseEngine))); + } else if (modeName.startsWith("CTR")) { ivLength = baseEngine.getBlockSize(); cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( new SICBlockCipher(baseEngine))); } - // BEGIN android-removed - // else if (modeName.startsWith("GOFB")) - // { - // ivLength = baseEngine.getBlockSize(); - // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( - // new GOFBBlockCipher(baseEngine))); - // } - // else if (modeName.startsWith("GCFB")) - // { - // ivLength = baseEngine.getBlockSize(); - // cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( - // new GCFBBlockCipher(baseEngine))); - // } - // END android-removed + else if (modeName.startsWith("GOFB")) + { + ivLength = baseEngine.getBlockSize(); + cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( + new GOFBBlockCipher(baseEngine))); + } + else if (modeName.startsWith("GCFB")) + { + ivLength = baseEngine.getBlockSize(); + cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher( + new GCFBBlockCipher(baseEngine))); + } else if (modeName.startsWith("CTS")) { ivLength = baseEngine.getBlockSize(); @@ -356,28 +336,26 @@ public class BaseBlockCipher ivLength = 13; // CCM nonce 7..13 bytes cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine)); } - // BEGIN android-removed - // else if (modeName.startsWith("OCB")) - // { - // if (engineProvider != null) - // { - // /* - // * RFC 7253 4.2. Nonce is a string of no more than 120 bits - // */ - // ivLength = 15; - // cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); - // } - // else - // { - // throw new NoSuchAlgorithmException("can't support mode " + mode); - // } - // } - // else if (modeName.startsWith("EAX")) - // { - // ivLength = baseEngine.getBlockSize(); - // cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); - // } - // END android-removed + else if (modeName.startsWith("OCB")) + { + if (engineProvider != null) + { + /* + * RFC 7253 4.2. Nonce is a string of no more than 120 bits + */ + ivLength = 15; + cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get())); + } + else + { + throw new NoSuchAlgorithmException("can't support mode " + mode); + } + } + else if (modeName.startsWith("EAX")) + { + ivLength = baseEngine.getBlockSize(); + cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine)); + } else if (modeName.startsWith("GCM")) { ivLength = baseEngine.getBlockSize(); @@ -500,20 +478,18 @@ public class BaseBlockCipher param = new ParametersWithIV(param, iv.getIV()); } - // BEGIN android-removed - // else if (params instanceof GOST28147ParameterSpec) - // { - // // need to pick up IV and SBox. - // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; - // - // param = new ParametersWithSBox(param, gost28147Param.getSbox()); - // - // if (gost28147Param.getIV() != null && ivLength != 0) - // { - // param = new ParametersWithIV(param, gost28147Param.getIV()); - // } - // } - // END android-removed + else if (params instanceof GOST28147ParameterSpec) + { + // need to pick up IV and SBox. + GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; + + param = new ParametersWithSBox(param, gost28147Param.getSbox()); + + if (gost28147Param.getIV() != null && ivLength != 0) + { + param = new ParametersWithIV(param, gost28147Param.getIV()); + } + } } else if (params instanceof PBEParameterSpec) { @@ -545,14 +521,12 @@ public class BaseBlockCipher throw new InvalidAlgorithmParameterException("IV must be " + ivLength + " bytes long."); } - // BEGIN android-removed - // if (key instanceof RepeatedSecretKeySpec) - // { - // param = new ParametersWithIV(null, p.getIV()); - // ivParam = (ParametersWithIV)param; - // } - // else - // END android-removed + if (key instanceof RepeatedSecretKeySpec) + { + param = new ParametersWithIV(null, p.getIV()); + ivParam = (ParametersWithIV)param; + } + else { param = new ParametersWithIV(new KeyParameter(key.getEncoded()), p.getIV()); ivParam = (ParametersWithIV)param; @@ -568,65 +542,63 @@ public class BaseBlockCipher param = new KeyParameter(key.getEncoded()); } } - // BEGIN android-removed - // else if (params instanceof GOST28147ParameterSpec) - // { - // GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; - // - // param = new ParametersWithSBox( - // new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); - // - // if (gost28147Param.getIV() != null && ivLength != 0) - // { - // param = new ParametersWithIV(param, gost28147Param.getIV()); - // ivParam = (ParametersWithIV)param; - // } - // } - // else if (params instanceof RC2ParameterSpec) - // { - // RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; - // - // param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); - // - // if (rc2Param.getIV() != null && ivLength != 0) - // { - // param = new ParametersWithIV(param, rc2Param.getIV()); - // ivParam = (ParametersWithIV)param; - // } - // } - // else if (params instanceof RC5ParameterSpec) - // { - // RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; - // - // param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); - // if (baseEngine.getAlgorithmName().startsWith("RC5")) - // { - // if (baseEngine.getAlgorithmName().equals("RC5-32")) - // { - // if (rc5Param.getWordSize() != 32) - // { - // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); - // } - // } - // else if (baseEngine.getAlgorithmName().equals("RC5-64")) - // { - // if (rc5Param.getWordSize() != 64) - // { - // throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); - // } - // } - // } - // else - // { - // throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); - // } - // if ((rc5Param.getIV() != null) && (ivLength != 0)) - // { - // param = new ParametersWithIV(param, rc5Param.getIV()); - // ivParam = (ParametersWithIV)param; - // } - // } - // END android-removed + else if (params instanceof GOST28147ParameterSpec) + { + GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params; + + param = new ParametersWithSBox( + new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox()); + + if (gost28147Param.getIV() != null && ivLength != 0) + { + param = new ParametersWithIV(param, gost28147Param.getIV()); + ivParam = (ParametersWithIV)param; + } + } + else if (params instanceof RC2ParameterSpec) + { + RC2ParameterSpec rc2Param = (RC2ParameterSpec)params; + + param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits()); + + if (rc2Param.getIV() != null && ivLength != 0) + { + param = new ParametersWithIV(param, rc2Param.getIV()); + ivParam = (ParametersWithIV)param; + } + } + else if (params instanceof RC5ParameterSpec) + { + RC5ParameterSpec rc5Param = (RC5ParameterSpec)params; + + param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds()); + if (baseEngine.getAlgorithmName().startsWith("RC5")) + { + if (baseEngine.getAlgorithmName().equals("RC5-32")) + { + if (rc5Param.getWordSize() != 32) + { + throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + "."); + } + } + else if (baseEngine.getAlgorithmName().equals("RC5-64")) + { + if (rc5Param.getWordSize() != 64) + { + throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + "."); + } + } + } + else + { + throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5."); + } + if ((rc5Param.getIV() != null) && (ivLength != 0)) + { + param = new ParametersWithIV(param, rc5Param.getIV()); + ivParam = (ParametersWithIV)param; + } + } else if (gcmSpecClass != null && gcmSpecClass.isInstance(params)) { if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher)) @@ -639,13 +611,11 @@ public class BaseBlockCipher Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]); Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]); - // BEGIN android-removed - // if (key instanceof RepeatedSecretKeySpec) - // { - // param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); - // } - // else - // END android-removed + if (key instanceof RepeatedSecretKeySpec) + { + param = aeadParams = new AEADParameters(null, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); + } + else { param = aeadParams = new AEADParameters(new KeyParameter(key.getEncoded()), ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0])); } @@ -897,9 +867,7 @@ public class BaseBlockCipher private boolean isAEADModeName( String modeName) { - // BEGIN android-changed - return "CCM".equals(modeName) || "GCM".equals(modeName); - // END android-changed + return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName); } /* diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java index d014972..270d648 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java @@ -16,10 +16,8 @@ import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.Mac; import org.bouncycastle.crypto.params.KeyParameter; import org.bouncycastle.crypto.params.ParametersWithIV; -// BEGIN android-removed -// import org.bouncycastle.crypto.params.SkeinParameters; -// import org.bouncycastle.jcajce.spec.SkeinParameterSpec; -// END android-removed +import org.bouncycastle.crypto.params.SkeinParameters; +import org.bouncycastle.jcajce.spec.SkeinParameterSpec; public class BaseMac extends MacSpi implements PBE @@ -81,12 +79,10 @@ public class BaseMac { param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec)params).getIV()); } - // BEGIN android-removed - // else if (params instanceof SkeinParameterSpec) - // { - // param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); - // } - // END android-removed + else if (params instanceof SkeinParameterSpec) + { + param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(key.getEncoded()).build(); + } else if (params == null) { param = new KeyParameter(key.getEncoded()); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java index fba61b8..665bcab 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java @@ -15,10 +15,8 @@ import javax.crypto.SecretKey; import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed -// import javax.crypto.spec.RC2ParameterSpec; -// import javax.crypto.spec.RC5ParameterSpec; -// END android-removed +import javax.crypto.spec.RC2ParameterSpec; +import javax.crypto.spec.RC5ParameterSpec; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.DataLengthException; @@ -36,10 +34,8 @@ public class BaseStreamCipher // private Class[] availableSpecs = { - // BEGIN android-removed - // RC2ParameterSpec.class, - // RC5ParameterSpec.class, - // END android-removed + RC2ParameterSpec.class, + RC5ParameterSpec.class, IvParameterSpec.class, PBEParameterSpec.class }; diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java index a26d980..5d9aea0 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java @@ -24,10 +24,8 @@ import javax.crypto.NoSuchPaddingException; import javax.crypto.ShortBufferException; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEParameterSpec; -// BEGIN android-removed -// import javax.crypto.spec.RC2ParameterSpec; -// import javax.crypto.spec.RC5ParameterSpec; -// END android-removed +import javax.crypto.spec.RC2ParameterSpec; +import javax.crypto.spec.RC5ParameterSpec; import javax.crypto.spec.SecretKeySpec; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; @@ -52,10 +50,8 @@ public abstract class BaseWrapCipher { IvParameterSpec.class, PBEParameterSpec.class, - // BEGIN android-removed - // RC2ParameterSpec.class, - // RC5ParameterSpec.class - // END android-removed + RC2ParameterSpec.class, + RC5ParameterSpec.class }; protected int pbeType = PKCS12; @@ -280,8 +276,6 @@ public abstract class BaseWrapCipher return null; } - // BEGIN android-changed - // added ShortBufferException to throws statement protected int engineDoFinal( byte[] input, int inputOffset, @@ -292,7 +286,6 @@ public abstract class BaseWrapCipher { return 0; } - // END android-changed protected byte[] engineWrap( Key key) diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java index c39a2d3..fac3ead 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java @@ -7,18 +7,13 @@ import javax.crypto.spec.PBEParameterSpec; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.PBEParametersGenerator; -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.GOST3411Digest; -// import org.bouncycastle.crypto.digests.MD2Digest; -// import org.bouncycastle.crypto.digests.MD5Digest; -// import org.bouncycastle.crypto.digests.RIPEMD160Digest; -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.digests.SHA256Digest; -// import org.bouncycastle.crypto.digests.TigerDigest; -// END android-removed -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added +import org.bouncycastle.crypto.digests.GOST3411Digest; +import org.bouncycastle.crypto.digests.MD2Digest; +import org.bouncycastle.crypto.digests.MD5Digest; +import org.bouncycastle.crypto.digests.RIPEMD160Digest; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.crypto.digests.TigerDigest; import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator; import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator; import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator; @@ -34,15 +29,11 @@ public interface PBE // static final int MD5 = 0; static final int SHA1 = 1; - // BEGIN android-removed - // static final int RIPEMD160 = 2; - // static final int TIGER = 3; - // END android-removed + static final int RIPEMD160 = 2; + static final int TIGER = 3; static final int SHA256 = 4; - // BEGIN android-removed - // static final int MD2 = 5; - // static final int GOST3411 = 6; - // END android-removed + static final int MD2 = 5; + static final int GOST3411 = 6; static final int PKCS5S1 = 0; static final int PKCS5S2 = 1; @@ -66,20 +57,14 @@ public interface PBE { switch (hash) { - // BEGIN android-removed - // case MD2: - // generator = new PKCS5S1ParametersGenerator(new MD2Digest()); - // break; - // END android-removed + case MD2: + generator = new PKCS5S1ParametersGenerator(new MD2Digest()); + break; case MD5: - // BEGIN android-changed - generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5()); - // END android-changed + generator = new PKCS5S1ParametersGenerator(new MD5Digest()); break; case SHA1: - // BEGIN android-changed - generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1()); - // END android-changed + generator = new PKCS5S1ParametersGenerator(new SHA1Digest()); break; default: throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1."); @@ -89,39 +74,27 @@ public interface PBE { switch (hash) { - // BEGIN android-removed - // case MD2: - // generator = new PKCS5S2ParametersGenerator(new MD2Digest()); - // break; - // END android-removed + case MD2: + generator = new PKCS5S2ParametersGenerator(new MD2Digest()); + break; case MD5: - // BEGIN android-changed - generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5()); - // END android-changed + generator = new PKCS5S2ParametersGenerator(new MD5Digest()); break; case SHA1: - // BEGIN android-changed - generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1()); - // END android-changed + generator = new PKCS5S2ParametersGenerator(new SHA1Digest()); + break; + case RIPEMD160: + generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); + break; + case TIGER: + generator = new PKCS5S2ParametersGenerator(new TigerDigest()); break; - // BEGIN android-removed - // case RIPEMD160: - // generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest()); - // break; - // case TIGER: - // generator = new PKCS5S2ParametersGenerator(new TigerDigest()); - // break; - // END android-removed case SHA256: - // BEGIN android-changed - generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256()); - // END android-changed + generator = new PKCS5S2ParametersGenerator(new SHA256Digest()); + break; + case GOST3411: + generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); break; - // BEGIN android-removed - // case GOST3411: - // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); - // break; - // END android-removed default: throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption."); } @@ -130,39 +103,27 @@ public interface PBE { switch (hash) { - // BEGIN android-removed - // case MD2: - // generator = new PKCS12ParametersGenerator(new MD2Digest()); - // break; - // END android-removed + case MD2: + generator = new PKCS12ParametersGenerator(new MD2Digest()); + break; case MD5: - // BEGIN android-changed - generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5()); - // END android-changed + generator = new PKCS12ParametersGenerator(new MD5Digest()); break; case SHA1: - // BEGIN android-changed - generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1()); - // END android-changed + generator = new PKCS12ParametersGenerator(new SHA1Digest()); + break; + case RIPEMD160: + generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); + break; + case TIGER: + generator = new PKCS12ParametersGenerator(new TigerDigest()); break; - // BEGIN android-removed - // case RIPEMD160: - // generator = new PKCS12ParametersGenerator(new RIPEMD160Digest()); - // break; - // case TIGER: - // generator = new PKCS12ParametersGenerator(new TigerDigest()); - // break; - // END android-removed case SHA256: - // BEGIN android-changed - generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); - // END android-changed + generator = new PKCS12ParametersGenerator(new SHA256Digest()); + break; + case GOST3411: + generator = new PKCS12ParametersGenerator(new GOST3411Digest()); break; - // BEGIN android-removed - // case GOST3411: - // generator = new PKCS12ParametersGenerator(new GOST3411Digest()); - // break; - // END android-removed default: throw new IllegalStateException("unknown digest scheme for PBE encryption."); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java index 19ca6b1..f97e75f 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java @@ -10,17 +10,12 @@ import org.bouncycastle.asn1.nist.NISTObjectIdentifiers; import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.Digest; -// BEGIN android-removed -// import org.bouncycastle.crypto.digests.MD5Digest; -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.digests.SHA224Digest; -// import org.bouncycastle.crypto.digests.SHA256Digest; -// import org.bouncycastle.crypto.digests.SHA384Digest; -// import org.bouncycastle.crypto.digests.SHA512Digest; -// END android-removed -// BEGIN android-added -import org.bouncycastle.crypto.digests.AndroidDigestFactory; -// END android-added +import org.bouncycastle.crypto.digests.MD5Digest; +import org.bouncycastle.crypto.digests.SHA1Digest; +import org.bouncycastle.crypto.digests.SHA224Digest; +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.crypto.digests.SHA384Digest; +import org.bouncycastle.crypto.digests.SHA512Digest; import org.bouncycastle.util.Strings; public class DigestFactory @@ -90,39 +85,27 @@ public class DigestFactory if (sha1.contains(digestName)) { - // BEGIN android-changed - return AndroidDigestFactory.getSHA1(); - // END android-changed + return new SHA1Digest(); } if (md5.contains(digestName)) { - // BEGIN android-changed - return AndroidDigestFactory.getMD5(); - // END android-changed + return new MD5Digest(); } if (sha224.contains(digestName)) { - // BEGIN android-changed - return AndroidDigestFactory.getSHA224(); - // END android-changed + return new SHA224Digest(); } if (sha256.contains(digestName)) { - // BEGIN android-changed - return AndroidDigestFactory.getSHA256(); - // END android-changed + return new SHA256Digest(); } if (sha384.contains(digestName)) { - // BEGIN android-changed - return AndroidDigestFactory.getSHA384(); - // END android-changed + return new SHA384Digest(); } if (sha512.contains(digestName)) { - // BEGIN android-changed - return AndroidDigestFactory.getSHA512(); - // END android-changed + return new SHA512Digest(); } return null; |