diff options
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa')
3 files changed, 100 insertions, 41 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java index de5a9aa5..e60c36ae 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java @@ -19,6 +19,7 @@ import org.bouncycastle.asn1.pkcs.RSAESOAEPparams; import org.bouncycastle.asn1.pkcs.RSASSAPSSparams; import org.bouncycastle.asn1.x509.AlgorithmIdentifier; import org.bouncycastle.jcajce.provider.util.DigestFactory; +import org.bouncycastle.jcajce.util.MessageDigestUtils; public abstract class AlgorithmParametersSpi extends java.security.AlgorithmParametersSpi @@ -118,10 +119,15 @@ public abstract class AlgorithmParametersSpi { RSAESOAEPparams oaepP = RSAESOAEPparams.getInstance(params); + if (!oaepP.getMaskGenAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1)) + { + throw new IOException("unknown mask generation function: " + oaepP.getMaskGenAlgorithm().getAlgorithm()); + } + currentSpec = new OAEPParameterSpec( - oaepP.getHashAlgorithm().getAlgorithm().getId(), - oaepP.getMaskGenAlgorithm().getAlgorithm().getId(), - new MGF1ParameterSpec(AlgorithmIdentifier.getInstance(oaepP.getMaskGenAlgorithm().getParameters()).getAlgorithm().getId()), + MessageDigestUtils.getDigestName(oaepP.getHashAlgorithm().getAlgorithm()), + OAEPParameterSpec.DEFAULT.getMGFAlgorithm(), + new MGF1ParameterSpec(MessageDigestUtils.getDigestName(AlgorithmIdentifier.getInstance(oaepP.getMaskGenAlgorithm().getParameters()).getAlgorithm())), new PSource.PSpecified(ASN1OctetString.getInstance(oaepP.getPSourceAlgorithm().getParameters()).getOctets())); } catch (ClassCastException e) @@ -133,7 +139,7 @@ public abstract class AlgorithmParametersSpi throw new IOException("Not a valid OAEP Parameter encoding."); } } - + protected void engineInit( byte[] params, String format) @@ -225,10 +231,15 @@ public abstract class AlgorithmParametersSpi { RSASSAPSSparams pssP = RSASSAPSSparams.getInstance(params); + if (!pssP.getMaskGenAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1)) + { + throw new IOException("unknown mask generation function: " + pssP.getMaskGenAlgorithm().getAlgorithm()); + } + currentSpec = new PSSParameterSpec( - pssP.getHashAlgorithm().getAlgorithm().getId(), - pssP.getMaskGenAlgorithm().getAlgorithm().getId(), - new MGF1ParameterSpec(AlgorithmIdentifier.getInstance(pssP.getMaskGenAlgorithm().getParameters()).getAlgorithm().getId()), + MessageDigestUtils.getDigestName(pssP.getHashAlgorithm().getAlgorithm()), + PSSParameterSpec.DEFAULT.getMGFAlgorithm(), + new MGF1ParameterSpec(MessageDigestUtils.getDigestName(AlgorithmIdentifier.getInstance(pssP.getMaskGenAlgorithm().getParameters()).getAlgorithm())), pssP.getSaltLength().intValue(), pssP.getTrailerField().intValue()); } diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java index 81e50132..c98b764c 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java @@ -34,6 +34,7 @@ import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSABlindedEngine; import org.bouncycastle.crypto.params.ParametersWithRandom; import org.bouncycastle.jcajce.provider.asymmetric.util.BaseCipherSpi; +import org.bouncycastle.jcajce.provider.util.BadBlockException; import org.bouncycastle.jcajce.provider.util.DigestFactory; import org.bouncycastle.jcajce.util.BCJcaJceHelper; import org.bouncycastle.jcajce.util.JcaJceHelper; @@ -236,9 +237,27 @@ public class CipherSpi { initFromSpec(new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT)); } + // BEGIN android-removed + // else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING")) + // { + // initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT)); + // } + // else if (pad.equals("OAEPWITHSHA3-256ANDMGF1PADDING")) + // { + // initFromSpec(new OAEPParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), PSource.PSpecified.DEFAULT)); + // } + // else if (pad.equals("OAEPWITHSHA3-384ANDMGF1PADDING")) + // { + // initFromSpec(new OAEPParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), PSource.PSpecified.DEFAULT)); + // } + // else if (pad.equals("OAEPWITHSHA3-512ANDMGF1PADDING")) + // { + // initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT)); + // } + // END android-removed else { - throw new NoSuchPaddingException(padding + " unavailable with RSA."); + throw new NoSuchPaddingException(padding + " unavailable with RSA."); } } @@ -308,7 +327,7 @@ public class CipherSpi { throw new InvalidAlgorithmParameterException("no match on MGF digest algorithm: "+ mgfParams.getDigestAlgorithm()); } - + cipher = new OAEPEncoding(new RSABlindedEngine(), digest, mgfDigest, ((PSource.PSpecified)spec.getPSource()).getValue()); } } @@ -466,18 +485,7 @@ public class CipherSpi } } - try - { - byte[] bytes = bOut.toByteArray(); - - bOut.reset(); - - return cipher.processBlock(bytes, 0, bytes.length); - } - catch (InvalidCipherTextException e) - { - throw new BadPaddingException(e.getMessage()); - } + return getOutput(); } protected int engineDoFinal( @@ -508,29 +516,37 @@ public class CipherSpi } } - byte[] out; + byte[] out = getOutput(); + for (int i = 0; i != out.length; i++) + { + output[outputOffset + i] = out[i]; + } + + return out.length; + } + + private byte[] getOutput() + throws BadPaddingException + { try { byte[] bytes = bOut.toByteArray(); - out = cipher.processBlock(bytes, 0, bytes.length); + return cipher.processBlock(bytes, 0, bytes.length); } catch (InvalidCipherTextException e) { - throw new BadPaddingException(e.getMessage()); + throw new BadBlockException("unable to decrypt block", e); } - finally + catch (ArrayIndexOutOfBoundsException e) { - bOut.reset(); + throw new BadBlockException("unable to decrypt block", e); } - - for (int i = 0; i != out.length; i++) + finally { - output[outputOffset + i] = out[i]; + bOut.reset(); } - - return out.length; } /** diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java index 9616a99b..1e4d854b 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java @@ -31,20 +31,16 @@ import org.bouncycastle.crypto.digests.AndroidDigestFactory; // BEGIN android-removed // import org.bouncycastle.crypto.digests.MD2Digest; // import org.bouncycastle.crypto.digests.MD4Digest; -// import org.bouncycastle.crypto.digests.MD5Digest; // import org.bouncycastle.crypto.digests.NullDigest; // import org.bouncycastle.crypto.digests.RIPEMD128Digest; // import org.bouncycastle.crypto.digests.RIPEMD160Digest; // import org.bouncycastle.crypto.digests.RIPEMD256Digest; -// import org.bouncycastle.crypto.digests.SHA1Digest; -// import org.bouncycastle.crypto.digests.SHA224Digest; -// import org.bouncycastle.crypto.digests.SHA256Digest; -// import org.bouncycastle.crypto.digests.SHA384Digest; -// import org.bouncycastle.crypto.digests.SHA512Digest; -// import org.bouncycastle.crypto.digests.SHA512tDigest; // END android-removed import org.bouncycastle.crypto.encodings.PKCS1Encoding; import org.bouncycastle.crypto.engines.RSABlindedEngine; +// BEGIN android-removed +// import org.bouncycastle.crypto.util.DigestFactory; +// END android-removed import org.bouncycastle.util.Arrays; public class DigestSignatureSpi @@ -318,7 +314,7 @@ public class DigestSignatureSpi // { // public SHA512_224() // { - // super(NISTObjectIdentifiers.id_sha512_224, new SHA512tDigest(224), new PKCS1Encoding(new RSABlindedEngine())); + // super(NISTObjectIdentifiers.id_sha512_224, DigestFactory.createSHA512_224(), new PKCS1Encoding(new RSABlindedEngine())); // } // } @@ -327,7 +323,43 @@ public class DigestSignatureSpi // { // public SHA512_256() // { - // super(NISTObjectIdentifiers.id_sha512_256, new SHA512tDigest(256), new PKCS1Encoding(new RSABlindedEngine())); + // super(NISTObjectIdentifiers.id_sha512_256, DigestFactory.createSHA512_256(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + + // static public class SHA3_224 + // extends DigestSignatureSpi + // { + // public SHA3_224() + // { + // super(NISTObjectIdentifiers.id_sha3_224, DigestFactory.createSHA3_224(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + + // static public class SHA3_256 + // extends DigestSignatureSpi + // { + // public SHA3_256() + // { + // super(NISTObjectIdentifiers.id_sha3_256, DigestFactory.createSHA3_256(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + + // static public class SHA3_384 + // extends DigestSignatureSpi + // { + // public SHA3_384() + // { + // super(NISTObjectIdentifiers.id_sha3_384, DigestFactory.createSHA3_384(), new PKCS1Encoding(new RSABlindedEngine())); + // } + // } + + // static public class SHA3_512 + // extends DigestSignatureSpi + // { + // public SHA3_512() + // { + // super(NISTObjectIdentifiers.id_sha3_512, DigestFactory.createSHA3_512(), new PKCS1Encoding(new RSABlindedEngine())); // } // } @@ -339,7 +371,7 @@ public class DigestSignatureSpi // super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine())); // } // } - // + // static public class MD4 // extends DigestSignatureSpi // { |