bouncycastle: upgrade to version 1.56

Merge remote-tracking branch 'aosp/upstream-master' into merge-to-156 Test: ran the following cts modules: CtsLibcoreFileIOTestCases CtsLibcoreJavaUtilCollectionsTestCases CtsLibcoreJsr166TestCases CtsLibcoreLegacy22TestCases CtsLibcoreOjTestCases CtsLibcoreOkHttpTestCases CtsLibcoreTestCases Bug: 31076342 Change-Id: Iceb926dc5a312b2047bf19d1c82fb16e42bc1461
author: Sergio Giro <sgiro@google.com> 2017-01-04 18:16:22 +0000
committer: Sergio Giro <sgiro@google.com> 2017-01-19 19:49:45 +0000
commit: 7dad97b63c47edea4e3afb374dcd00c7b7a1bdd4 (patch)
tree: 8ebc72ead6f9a80938fdba92e217da96ee451037 /bcpkix/src/main/java/org/bouncycastle/cms
parent: fba1a1dba277746d3be0667de9eb4b98494a1963 (diff)
parent: eaf604a467ff401cd0e0f74051ff5afa9e07359d (diff)
download: bouncycastle-7dad97b63c47edea4e3afb374dcd00c7b7a1bdd4.tar.gz
6 files changed, 57 insertions, 8 deletions
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAbsentContent.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAbsentContent.java
index f256e2a2..242d64bb 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAbsentContent.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAbsentContent.java
@@ -17,7 +17,7 @@ public class CMSAbsentContent
 
     public CMSAbsentContent()
     {
-        this(new ASN1ObjectIdentifier(CMSObjectIdentifiers.data.getId()));
+        this(CMSObjectIdentifiers.data);
     }
 
     public CMSAbsentContent(
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java
index e8ebc83e..780d4660 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java
@@ -41,7 +41,7 @@ public class DefaultCMSSignatureEncryptionAlgorithmFinder
 
     public AlgorithmIdentifier findEncryptionAlgorithm(AlgorithmIdentifier signatureAlgorithm)
     {
-               // RFC3370 section 3.2
+               // RFC3370 section 3.2 with RFC 5754 update
         if (RSA_PKCS1d5.contains(signatureAlgorithm.getAlgorithm()))
         {
             return new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE);
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultSignedAttributeTableGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultSignedAttributeTableGenerator.java
index ddfd2ebd..fb268b29 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultSignedAttributeTableGenerator.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultSignedAttributeTableGenerator.java
@@ -51,8 +51,8 @@ public class DefaultSignedAttributeTableGenerator
 
     /**
      * Create a standard attribute table from the passed in parameters - this will
-     * normally include contentType, signingTime, and messageDigest. If the constructor
-     * using an AttributeTable was used, entries in it for contentType, signingTime, and
+     * normally include contentType, signingTime, messageDigest, and CMS algorithm protection.
+     * If the constructor using an AttributeTable was used, entries in it for contentType, signingTime, and
      * messageDigest will override the generated ones.
      *
      * @param parameters source parameters for table generation.
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipient.java
index 7322fdcc..932c2762 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipient.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipient.java
@@ -1,5 +1,7 @@
 package org.bouncycastle.cms;
 
+import org.bouncycastle.asn1.DERNull;
+import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 
 public interface PasswordRecipient
@@ -8,6 +10,34 @@ public interface PasswordRecipient
     public static final int PKCS5_SCHEME2 = 0;
     public static final int PKCS5_SCHEME2_UTF8 = 1;
 
+    static final class PRF
+    {
+        public static final PRF HMacSHA1 = new PRF("HMacSHA1", new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA1, DERNull.INSTANCE));
+        public static final PRF HMacSHA224 = new PRF("HMacSHA224", new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA224, DERNull.INSTANCE));
+        public static final PRF HMacSHA256 = new PRF("HMacSHA256", new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA256, DERNull.INSTANCE));
+        public static final PRF HMacSHA384 = new PRF("HMacSHA384", new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA384, DERNull.INSTANCE));
+        public static final PRF HMacSHA512 = new PRF("HMacSHA512", new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA512, DERNull.INSTANCE));
+
+        private final String hmac;
+        final AlgorithmIdentifier prfAlgID;
+
+        private PRF(String hmac, AlgorithmIdentifier prfAlgID)
+        {
+            this.hmac = hmac;
+            this.prfAlgID = prfAlgID;
+        }
+
+        public String getName()
+        {
+            return hmac;
+        }
+
+        public AlgorithmIdentifier getAlgorithmID()
+        {
+            return prfAlgID;
+        }
+    }
+
     byte[] calculateDerivedKey(int schemeID, AlgorithmIdentifier derivationAlgorithm, int keySize)
         throws CMSException;
 
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/SignerInfoGeneratorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cms/SignerInfoGeneratorBuilder.java
index 7a47a2f8..ccb6e2cf 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/SignerInfoGeneratorBuilder.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/SignerInfoGeneratorBuilder.java
@@ -29,10 +29,11 @@ public class SignerInfoGeneratorBuilder
         this(digestProvider, new DefaultCMSSignatureEncryptionAlgorithmFinder());
     }
 
-        /**
-     *  Base constructor.
+    /**
+     * Base constructor with a particular finder for signature algorithms.
      *
-     * @param digestProvider  a provider of digest calculators for the algorithms required in the signature and attribute calculations.
+     * @param digestProvider a provider of digest calculators for the algorithms required in the signature and attribute calculations.
+     * @param sigEncAlgFinder finder for algorithm IDs to store for the signature encryption/signature algorithm field.
      */
     public SignerInfoGeneratorBuilder(DigestCalculatorProvider digestProvider, CMSSignatureEncryptionAlgorithmFinder sigEncAlgFinder)
     {
diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSignerInfoGeneratorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSignerInfoGeneratorBuilder.java
index 4a0e7ca4..17a2f093 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSignerInfoGeneratorBuilder.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSignerInfoGeneratorBuilder.java
@@ -6,6 +6,8 @@ import java.security.cert.X509Certificate;
 import org.bouncycastle.cert.X509CertificateHolder;
 import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
 import org.bouncycastle.cms.CMSAttributeTableGenerator;
+import org.bouncycastle.cms.CMSSignatureEncryptionAlgorithmFinder;
+import org.bouncycastle.cms.DefaultCMSSignatureEncryptionAlgorithmFinder;
 import org.bouncycastle.cms.SignerInfoGenerator;
 import org.bouncycastle.cms.SignerInfoGeneratorBuilder;
 import org.bouncycastle.operator.ContentSigner;
@@ -16,9 +18,25 @@ public class JcaSignerInfoGeneratorBuilder
 {
     private SignerInfoGeneratorBuilder builder;
 
+    /**
+     *  Base constructor.
+     *
+     * @param digestProvider  a provider of digest calculators for the algorithms required in the signature and attribute calculations.
+     */
     public JcaSignerInfoGeneratorBuilder(DigestCalculatorProvider digestProvider)
     {
-        builder = new SignerInfoGeneratorBuilder(digestProvider);
+        this(digestProvider, new DefaultCMSSignatureEncryptionAlgorithmFinder());
+    }
+
+    /**
+     * Base constructor with a particular finder for signature algorithms.
+     *
+     * @param digestProvider a provider of digest calculators for the algorithms required in the signature and attribute calculations.
+     * @param sigEncAlgFinder finder for algorithm IDs to store for the signature encryption/signature algorithm field.
+     */
+    public JcaSignerInfoGeneratorBuilder(DigestCalculatorProvider digestProvider, CMSSignatureEncryptionAlgorithmFinder sigEncAlgFinder)
+    {
+        builder = new SignerInfoGeneratorBuilder(digestProvider, sigEncAlgFinder);
     }
 
     /**
author	Sergio Giro <sgiro@google.com>	2017-01-04 18:16:22 +0000
committer	Sergio Giro <sgiro@google.com>	2017-01-19 19:49:45 +0000
commit	7dad97b63c47edea4e3afb374dcd00c7b7a1bdd4 (patch)
tree	8ebc72ead6f9a80938fdba92e217da96ee451037 /bcpkix/src/main/java/org/bouncycastle/cms
parent	fba1a1dba277746d3be0667de9eb4b98494a1963 (diff)
parent	eaf604a467ff401cd0e0f74051ff5afa9e07359d (diff)
download	bouncycastle-7dad97b63c47edea4e3afb374dcd00c7b7a1bdd4.tar.gz