From 5c39dfb0425106172f6ee6d5f38083d3ec2f266d Mon Sep 17 00:00:00 2001 From: Sergio Giro Date: Wed, 5 Oct 2016 18:44:05 +0100 Subject: external/bouncycastle: add algorithms for PbeWithHmacSha mac variants Bug: 29631070 Test: run CtsLibcoreTestCases Change-Id: I5fd344c1de7c687585bc65a582e468501ee9154d --- .../bouncycastle/jcajce/provider/digest/SHA1.java | 156 ++++++++++++++++++++- .../jcajce/provider/symmetric/util/PBE.java | 32 +++++ 2 files changed, 183 insertions(+), 5 deletions(-) (limited to 'bcprov/src/main') diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java index 1fdadc24..7e26156b 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA1.java @@ -12,6 +12,12 @@ import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.crypto.CipherKeyGenerator; import org.bouncycastle.crypto.CipherParameters; import org.bouncycastle.crypto.digests.SHA1Digest; +// BEGIN ANDROID-ADDED +import org.bouncycastle.crypto.digests.SHA224Digest; +import org.bouncycastle.crypto.digests.SHA256Digest; +import org.bouncycastle.crypto.digests.SHA384Digest; +import org.bouncycastle.crypto.digests.SHA512Digest; +// END ANDROID-ADDED import org.bouncycastle.crypto.macs.HMac; import org.bouncycastle.jcajce.provider.config.ConfigurableProvider; import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey; @@ -80,6 +86,44 @@ public class SHA1 } } + // BEGIN ANDROID-ADDED + public static class SHA224Mac + extends BaseMac + { + public SHA224Mac() + { + super(new HMac(new SHA224Digest())); + } + } + + public static class SHA256Mac + extends BaseMac + { + public SHA256Mac() + { + super(new HMac(new SHA256Digest())); + } + } + + public static class SHA384Mac + extends BaseMac + { + public SHA384Mac() + { + super(new HMac(new SHA384Digest())); + } + } + + public static class SHA512Mac + extends BaseMac + { + public SHA512Mac() + { + super(new HMac(new SHA512Digest())); + } + } + // END ANDROID-ADDED + /** * PBEWithHmacSHA */ @@ -92,17 +136,28 @@ public class SHA1 } } - - public static class BasePBKDF2WithHmacSHA1 + // BEGIN ANDROID-CHANGED + // Was: public static class BasePBKDF2WithHmacSHA1 + private static class BasePBKDF2WithHmacSHA_Variant + // END ANDROID-CHANGED extends BaseSecretKeyFactory { private int scheme; - - public BasePBKDF2WithHmacSHA1(String name, int scheme) + // BEGIN ANDROID-ADDED + private int digest; + // END ANDROID-ADDED + + // BEGIN ANDROID-CHANGED + // Was: public static class BasePBKDF2WithHmacSHA1 + private BasePBKDF2WithHmacSHA_Variant(String name, int scheme, int digest) + // END ANDROID-CHANGED { super(name, PKCSObjectIdentifiers.id_PBKDF2); this.scheme = scheme; + // BEGIN ANDROID-ADDED + this.digest = digest; + // BEGIN ANDROID-ADDED } protected SecretKey engineGenerateSecret( @@ -135,7 +190,9 @@ public class SHA1 throw new IllegalArgumentException("password empty"); } - int digest = SHA1; + // BEGIN android-removed + // int digest = SHA1; + // END android-removed int keySize = pbeSpec.getKeyLength(); int ivSize = -1; // JDK 1,2 and earlier does not understand simplified version. CipherParameters param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize); @@ -147,6 +204,15 @@ public class SHA1 } } + // BEGIN android-added + public static class BasePBKDF2WithHmacSHA1 extends BasePBKDF2WithHmacSHA_Variant { + public BasePBKDF2WithHmacSHA1(String name, int scheme) + { + super(name, scheme, SHA1); + } + } + // END android-added + public static class PBKDF2WithHmacSHA1UTF8 extends BasePBKDF2WithHmacSHA1 { @@ -165,6 +231,74 @@ public class SHA1 } } + // BEGIN ANDROID-ADDED + public static class BasePBKDF2WithHmacSHA224 extends BasePBKDF2WithHmacSHA_Variant { + public BasePBKDF2WithHmacSHA224(String name, int scheme) + { + super(name, scheme, SHA224); + } + } + + public static class PBKDF2WithHmacSHA224UTF8 + extends BasePBKDF2WithHmacSHA224 + { + public PBKDF2WithHmacSHA224UTF8() + { + super("PBKDF2WithHmacSHA224", PKCS5S2_UTF8); + } + } + + public static class BasePBKDF2WithHmacSHA256 extends BasePBKDF2WithHmacSHA_Variant { + public BasePBKDF2WithHmacSHA256(String name, int scheme) + { + super(name, scheme, SHA256); + } + } + + public static class PBKDF2WithHmacSHA256UTF8 + extends BasePBKDF2WithHmacSHA256 + { + public PBKDF2WithHmacSHA256UTF8() + { + super("PBKDF2WithHmacSHA256", PKCS5S2_UTF8); + } + } + + + public static class BasePBKDF2WithHmacSHA384 extends BasePBKDF2WithHmacSHA_Variant { + public BasePBKDF2WithHmacSHA384(String name, int scheme) + { + super(name, scheme, SHA384); + } + } + + public static class PBKDF2WithHmacSHA384UTF8 + extends BasePBKDF2WithHmacSHA384 + { + public PBKDF2WithHmacSHA384UTF8() + { + super("PBKDF2WithHmacSHA384", PKCS5S2_UTF8); + } + } + + public static class BasePBKDF2WithHmacSHA512 extends BasePBKDF2WithHmacSHA_Variant { + public BasePBKDF2WithHmacSHA512(String name, int scheme) + { + super(name, scheme, SHA512); + } + } + + public static class PBKDF2WithHmacSHA512UTF8 + extends BasePBKDF2WithHmacSHA512 + { + public PBKDF2WithHmacSHA512UTF8() + { + super("PBKDF2WithHmacSHA512", PKCS5S2_UTF8); + } + } + // END ANDROID-ADDED + + public static class Mappings extends DigestAlgorithmProvider { @@ -187,12 +321,24 @@ public class SHA1 provider.addAlgorithm("Mac.PBEWITHHMACSHA", PREFIX + "$SHA1Mac"); provider.addAlgorithm("Mac.PBEWITHHMACSHA1", PREFIX + "$SHA1Mac"); + // BEGIN android-added + provider.addAlgorithm("Mac.PBEWITHHMACSHA224", PREFIX + "$SHA224Mac"); + provider.addAlgorithm("Mac.PBEWITHHMACSHA256", PREFIX + "$SHA256Mac"); + provider.addAlgorithm("Mac.PBEWITHHMACSHA384", PREFIX + "$SHA384Mac"); + provider.addAlgorithm("Mac.PBEWITHHMACSHA512", PREFIX + "$SHA512Mac"); + // END android-added provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA", "PBEWITHHMACSHA1"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + OIWObjectIdentifiers.idSHA1, "PBEWITHHMACSHA1"); provider.addAlgorithm("Alg.Alias.Mac." + OIWObjectIdentifiers.idSHA1, "PBEWITHHMACSHA"); provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA1", PREFIX + "$PBEWithMacKeyFactory"); provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1", PREFIX + "$PBKDF2WithHmacSHA1UTF8"); + // BEGIN android-added + provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA224", PREFIX + "$PBKDF2WithHmacSHA224UTF8"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA256", PREFIX + "$PBKDF2WithHmacSHA256UTF8"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA384", PREFIX + "$PBKDF2WithHmacSHA384UTF8"); + provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA512", PREFIX + "$PBKDF2WithHmacSHA512UTF8"); + // END android-added provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WithHmacSHA1AndUTF8", "PBKDF2WithHmacSHA1"); provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1And8BIT", PREFIX + "$PBKDF2WithHmacSHA18BIT"); provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2withASCII", "PBKDF2WithHmacSHA1And8BIT"); diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java index 8fead80a..d81ad32d 100644 --- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java +++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java @@ -52,6 +52,12 @@ public interface PBE static final int OPENSSL = 3; static final int PKCS5S1_UTF8 = 4; static final int PKCS5S2_UTF8 = 5; + // BEGIN android-added + static final int SHA224 = 6; + static final int SHA384 = 7; + static final int SHA512 = 8; + // END android-added + /** * uses the appropriate mixer to generate the key and IV if necessary. @@ -114,11 +120,24 @@ public interface PBE // generator = new PKCS5S2ParametersGenerator(new TigerDigest()); // break; // END android-removed + // BEGIN android-added + case SHA224: + generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA224()); + break; + // END android-added case SHA256: // BEGIN android-changed generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256()); // END android-changed break; + // BEGIN android-added + case SHA384: + generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA384()); + break; + case SHA512: + generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA512()); + break; + // END android-added // BEGIN android-removed // case GOST3411: // generator = new PKCS5S2ParametersGenerator(new GOST3411Digest()); @@ -155,11 +174,24 @@ public interface PBE // generator = new PKCS12ParametersGenerator(new TigerDigest()); // break; // END android-removed + // BEGIN android-added + case SHA224: + generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA224()); + break; + // END android-added case SHA256: // BEGIN android-changed generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256()); // END android-changed break; + // BEGIN android-added + case SHA384: + generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA384()); + break; + case SHA512: + generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA512()); + break; + // END android-added // BEGIN android-removed // case GOST3411: // generator = new PKCS12ParametersGenerator(new GOST3411Digest()); -- cgit v1.2.3