Bouncy Castle: Add support for PBES2 encrypted KeyStores.

Adds a private sub-Provider to BouncyCastleProvider which allows BC's PKCS12 implementation to conintue using its own implementations of some Macs and Ciphers which support PBES2. These implementions are not exposed to apps and are only used from BC internals. Bug: 230750823 Test: atest CtsLibcoreTestCases:tests.targets.security.KeyStorePkcs7FormatTest Change-Id: Ic505d0259d16cdc66f9776e818efa20ed97aa32b
author: Pete Bentley <prb@google.com> 2023-01-09 15:21:28 +0000
committer: Pete Bentley <prb@google.com> 2023-01-09 17:48:21 +0000
commit: 4fae1c6cb82e4b3e7d51e38ce0e3d7a4f22a0939 (patch)
tree: 65260259418173beabcb7083eda429d52ee967b6 /repackaged/bcprov/src/main
parent: df7def18766fefe820438604d92fc5142a9a6a49 (diff)
download: bouncycastle-4fae1c6cb82e4b3e7d51e38ce0e3d7a4f22a0939.tar.gz
10 files changed, 126 insertions, 13 deletions
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ConfigurableProvider.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ConfigurableProvider.java
index da69af72..d6dc21ea 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ConfigurableProvider.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ConfigurableProvider.java
@@ -56,4 +56,11 @@ public interface ConfigurableProvider
     AsymmetricKeyInfoConverter getKeyInfoConverter(ASN1ObjectIdentifier oid);
 
     void addAttributes(String key, Map<String, String> attributeMap);
+
+    // BEGIN Android-added: Allow algorithms to be added privately.
+    // See BouncyCastleProvider for details.
+    void addPrivateAlgorithm(String key, String value);
+
+    void addPrivateAlgorithm(String type, ASN1ObjectIdentifier oid, String className);
+    // END Android-added: Allow algorithms to be added privately.
 }
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA224.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA224.java
index e9f436a8..ff4fde85 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA224.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA224.java
@@ -92,6 +92,8 @@ public class SHA224
             addHMACAlias(provider, "SHA224", PKCSObjectIdentifiers.id_hmacWithSHA224);
             */
             // END Android-removed: Unsupported algorithms
+            // Android-added: Private implementation needed to support PBKDF2 with PKCS#12
+            provider.addPrivateAlgorithm("Mac", NISTObjectIdentifiers.id_sha224, PREFIX + "$HashMac");
         }
     }
 }
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA256.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA256.java
index 706d4ab3..a4e8a762 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA256.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA256.java
@@ -115,6 +115,8 @@ public class SHA256
             addHMACAlias(provider, "SHA256", NISTObjectIdentifiers.id_sha256);
             */
             // END Android-removed: Unsupported algorithms
+            // Android-added: Private implementation needed to support PBKDF2 with PKCS#12
+            provider.addPrivateAlgorithm("Mac", NISTObjectIdentifiers.id_sha256, PREFIX + "$HashMac");
         }
     }
 }
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA384.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA384.java
index b7d97164..7ff261e0 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA384.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA384.java
@@ -109,6 +109,8 @@ public class SHA384
             addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384);
             */
             // END Android-removed: Unsupported algorithms
+            // Android-added: Private implementation needed to support PBKDF2 with PKCS#12
+            provider.addPrivateAlgorithm("Mac", NISTObjectIdentifiers.id_sha384, PREFIX + "$HashMac");
         }
     }
 }
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA512.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA512.java
index dbd513c7..cdc70186 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA512.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA512.java
@@ -207,6 +207,8 @@ public class SHA512
             addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256",  PREFIX + "$KeyGeneratorT256");
             */
             // END Android-removed: Unsupported algorithms
+            // Android-added: Private implementation needed to support PBKDF2 with PKCS#12
+            provider.addPrivateAlgorithm("Mac", NISTObjectIdentifiers.id_sha512, PREFIX + "$HashMac");
         }
     }
 
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index fb5f2fdd..06fbb963 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
@@ -120,9 +120,12 @@ public class PKCS12KeyStoreSpi
 {
     static final String PKCS12_MAX_IT_COUNT_PROPERTY = "com.android.org.bouncycastle.pkcs12.max_it_count";
 
-    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Android-changed: Use default provider for most JCA algorithms instead of BC.
+    // For the case where we need BC implementations, the BCJcaJceHelper will also search
+    // the list of private implementations help by BouncyCastleProvider.
     // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
     private final JcaJceHelper helper = new DefaultJcaJceHelper();
+    private final JcaJceHelper selfHelper = new BCJcaJceHelper();
 
     private static final int SALT_SIZE = 20;
     private static final int MIN_ITERATIONS = 50 * 1024;
@@ -731,7 +734,9 @@ public class PKCS12KeyStoreSpi
         PBKDF2Params func = PBKDF2Params.getInstance(alg.getKeyDerivationFunc().getParameters());
         AlgorithmIdentifier encScheme = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
 
-        SecretKeyFactory keyFact = helper.createSecretKeyFactory(alg.getKeyDerivationFunc().getAlgorithm().getId());
+        // Android-Changed: SecretKeyFactory must be from BC due to instanceof logic.
+        // SecretKeyFactory keyFact = helper.createSecretKeyFactory(alg.getKeyDerivationFunc().getAlgorithm().getId());
+        SecretKeyFactory keyFact = selfHelper.createSecretKeyFactory(alg.getKeyDerivationFunc().getAlgorithm().getId());
         SecretKey key;
 
         if (func.isDefaultPrf())
@@ -743,7 +748,9 @@ public class PKCS12KeyStoreSpi
             key = keyFact.generateSecret(new PBKDF2KeySpec(password, func.getSalt(), validateIterationCount(func.getIterationCount()), keySizeProvider.getKeySize(encScheme), func.getPrf()));
         }
 
-        Cipher cipher = Cipher.getInstance(alg.getEncryptionScheme().getAlgorithm().getId());
+        // Android-Changed: Cipher must be from BC due to use of internal PKCS12Key tyoe.
+        // Cipher cipher = Cipher.getInstance(alg.getEncryptionScheme().getAlgorithm().getId());
+        Cipher cipher = selfHelper.createCipher(alg.getEncryptionScheme().getAlgorithm().getId());
 
         ASN1Encodable encParams = alg.getEncryptionScheme().getParameters();
         if (encParams instanceof ASN1OctetString)
@@ -1785,7 +1792,9 @@ public class PKCS12KeyStoreSpi
     {
         PBEParameterSpec defParams = new PBEParameterSpec(salt, itCount);
 
-        Mac mac = helper.createMac(oid.getId());
+        // Android-Changed: Mac must be from BC due to use of internal PKCS12Key tyoe.
+        // Mac mac = helper.createMac(oid.getId());
+        Mac mac = selfHelper.createMac(oid.getId());
         mac.init(new PKCS12Key(password, wrongPkcs12Zero), defParams);
         mac.update(data);
 
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/AES.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/AES.java
index 9e2a493d..9684f351 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/AES.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/AES.java
@@ -1146,6 +1146,11 @@ public final class AES
             // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128");
             // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
             // END Android-removed: Unsupported algorithms
+
+            // Android-added: Private implementations needed to support PBKDF2 with PKCS#12
+            provider.addPrivateAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC");
+            provider.addPrivateAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC");
+            provider.addPrivateAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC");
         }
     }
 }
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java
index 2109104c..15880ad9 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java
@@ -44,14 +44,14 @@ public class PBEPBKDF2
 
     static
     {
-        // BEGIN Android-removed: Unsupported algorithm
-        /*
-        prfCodes.put(CryptoProObjectIdentifiers.gostR3411Hmac, Integers.valueOf(PBE.GOST3411));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA1, Integers.valueOf(PBE.SHA1));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA256, Integers.valueOf(PBE.SHA256));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA224, Integers.valueOf(PBE.SHA224));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA384, Integers.valueOf(PBE.SHA384));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA512, Integers.valueOf(PBE.SHA512));
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        prfCodes.put(CryptoProObjectIdentifiers.gostR3411Hmac, Integers.valueOf(PBE.GOST3411));
         prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_256, Integers.valueOf(PBE.SHA3_256));
         prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_224, Integers.valueOf(PBE.SHA3_224));
         prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_384, Integers.valueOf(PBE.SHA3_384));
@@ -66,8 +66,9 @@ public class PBEPBKDF2
 
     }
 
-    // BEGIN Android-removed: Unsupported algorithms
-    /*
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
     public static class AlgParams
         extends BaseAlgorithmParameters
     {
@@ -150,8 +151,6 @@ public class PBEPBKDF2
             return "PBKDF2 Parameters";
         }
     }
-    */
-    // END Android-removed: Unsupported algorithms
 
     /**
      * @hide This class is not part of the Android public SDK API
@@ -280,8 +279,9 @@ public class PBEPBKDF2
         }
     }
 
-    // BEGIN Android-removed: Unsupported algorithms
-    /*
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
     public static class PBKDF2withUTF8
         extends BasePBKDF2
     {
@@ -291,6 +291,8 @@ public class PBEPBKDF2
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class PBKDF2withSHA224
         extends BasePBKDF2
     {
@@ -687,6 +689,9 @@ public class PBEPBKDF2
             provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA512AndAES_256", PREFIX + "$PBEWithHmacSHA512AndAES_256");
             provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1And8BIT", PREFIX + "$PBKDF2WithHmacSHA18BIT");
             // END Android-added: Android versions of algorithms.
+            // Android-added: Private implementations needed to support PBKDF2 with PKCS#12
+            provider.addPrivateAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8");
+            provider.addPrivateAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.5.12", "PBKDF2");
         }
     }
 }
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/BCJcaJceHelper.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/BCJcaJceHelper.java
index 65523d84..b444878f 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/BCJcaJceHelper.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/BCJcaJceHelper.java
@@ -1,9 +1,14 @@
 /* GENERATED SOURCE. DO NOT MODIFY. */
 package com.android.org.bouncycastle.jcajce.util;
 
+import java.security.NoSuchAlgorithmException;
 import java.security.Provider;
 import java.security.Security;
 
+import javax.crypto.Cipher;
+import javax.crypto.Mac;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKeyFactory;
 import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
 
 /**
@@ -40,4 +45,45 @@ public class BCJcaJceHelper
     {
         super(getBouncyCastleProvider());
     }
+
+    // BEGIN Android-added: Look up algorithms in private provider if not found in main Provider.
+    //
+    // If code is using a BCJcajceHelper to ensure it gets its implementation from BC, then
+    // also search in the privately provided algorithms if not found in the main set.
+    @Override
+    public Cipher createCipher(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchPaddingException {
+        try {
+            return super.createCipher(algorithm);
+        } catch (NoSuchAlgorithmException e) {
+            return Cipher.getInstance(algorithm, getPrivateProvider());
+        }
+    }
+
+    @Override
+    public SecretKeyFactory createSecretKeyFactory(String algorithm)
+        throws NoSuchAlgorithmException {
+        try {
+            return super.createSecretKeyFactory(algorithm);
+        } catch (NoSuchAlgorithmException e) {
+            return SecretKeyFactory.getInstance(algorithm, getPrivateProvider());
+        }
+    }
+
+    @Override
+    public Mac createMac(String algorithm) throws NoSuchAlgorithmException {
+        try {
+            return super.createMac(algorithm);
+        } catch (NoSuchAlgorithmException e) {
+            return Mac.getInstance(algorithm, getPrivateProvider());
+        }
+    }
+
+    private Provider getPrivateProvider() {
+        if (provider instanceof BouncyCastleProvider) {
+            return ((BouncyCastleProvider) provider).getPrivateProvider();
+        }
+        throw new IllegalStateException(); // XXX
+    }
+    // END Android-added: Look up algorithms in private provider if not found in main Provider.
 }
diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProvider.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProvider.java
index 61383ce7..798bb8ed 100644
--- a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProvider.java
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProvider.java
@@ -429,4 +429,37 @@ public final class BouncyCastleProvider extends Provider
         return converter.generatePrivate(privateKeyInfo);
         */
     }
+
+    // BEGIN Android-added: Allow algorithms to be provided privately for BC internals.
+    //
+    // Algorithms added via these methods are stored in a private instance of PrivateProvider,
+    // which is never added to the system-wide list of installed Providers, and is only
+    // ever searched by BC internal classes which search for algorithms using an instance
+    // of BCJcajceHelper.
+    private static final class PrivateProvider extends Provider {
+        public PrivateProvider() {
+            super("BCPrivate", 1.0, "Android BC private use only");
+        }
+    }
+
+    private final Provider privateProvider = new PrivateProvider();
+
+    public void addPrivateAlgorithm(String key, String value)
+    {
+        if (privateProvider.containsKey(key))
+        {
+            throw new IllegalStateException("duplicate provider key (" + key + ") found");
+        }
+        privateProvider.put(key, value);
+    }
+
+    public void addPrivateAlgorithm(String type, ASN1ObjectIdentifier oid, String className)
+    {
+        addPrivateAlgorithm(type + "." + oid, className);
+    }
+
+    public Provider getPrivateProvider() {
+        return privateProvider;
+    }
+    // END Android-added: Allow algorithms to be provided privately for BC internals.
 }
author	Pete Bentley <prb@google.com>	2023-01-09 15:21:28 +0000
committer	Pete Bentley <prb@google.com>	2023-01-09 17:48:21 +0000
commit	4fae1c6cb82e4b3e7d51e38ce0e3d7a4f22a0939 (patch)
tree	65260259418173beabcb7083eda429d52ee967b6 /repackaged/bcprov/src/main
parent	df7def18766fefe820438604d92fc5142a9a6a49 (diff)
download	bouncycastle-4fae1c6cb82e4b3e7d51e38ce0e3d7a4f22a0939.tar.gz