Skip to content

D
dragonwell8_jdk

openanolis / dragonwell8_jdk

通知 4
Star 2
Fork 0
D
dragonwell8_jdk
提交 6644acde 编写于 作者: V vinnie
浏览文件
操作

7194075: Various classes of sunec.jar are duplicated in rt.jar 

Reviewed-by: mullan, vinnie
Contributed-by: NStephen Flores <stephen.flores@oracle.com>
上级 733e7b93
展开全部 隐藏空白更改
内联 并排
Showing with 1263 addition and 956 deletion
make/sun/security/ec/Makefile
浏览文件 @ 6644acde
......@@ -124,15 +124,6 @@ CLASSDESTDIR = $(TEMPDIR)/classes
#
AUTO_FILES_JAVA_DIRS = $(PKGDIR)
#
# Exclude the sources that get built by ../other/Makefile
#
AUTO_JAVA_PRUNE = \
ECParameters.java \
ECPrivateKeyImpl.java \
ECPublicKeyImpl.java \
NamedCurve.java
#
# Some licensees do not get the native ECC sources, but we still need to
# be able to build "all" for them. Check here to see if the sources are
......
make/sun/security/other/Makefile
浏览文件 @ 6644acde
......@@ -49,15 +49,6 @@ AUTO_FILES_JAVA_DIRS = \
sun/security/x509 \
com/sun/net/ssl/internal/ssl
#
# EC classes used by the packages above
#
FILES_java += \
sun/security/ec/ECParameters.java \
sun/security/ec/ECPrivateKeyImpl.java \
sun/security/ec/ECPublicKeyImpl.java \
sun/security/ec/NamedCurve.java
#
# Rules
#
......
makefiles/CreateJars.gmk
浏览文件 @ 6644acde
......@@ -217,19 +217,7 @@ RT_JAR_EXCLUDES += \
sun/net/spi/nameservice/dns \
sun/nio/cs/ext \
sun/rmi/rmic \
sun/security/ec/ECDHKeyAgreement.class \
sun/security/ec/ECDSASignature.class \
sun/security/ec/ECDSASignature\$$$$Raw.class \
sun/security/ec/ECDSASignature\$$$$SHA1.class \
sun/security/ec/ECDSASignature\$$$$SHA224.class \
sun/security/ec/ECDSASignature\$$$$SHA256.class \
sun/security/ec/ECDSASignature\$$$$SHA384.class \
sun/security/ec/ECDSASignature\$$$$SHA512.class \
sun/security/ec/ECKeyFactory.class \
sun/security/ec/ECKeyPairGenerator.class \
sun/security/ec/SunEC\$$$$1.class \
sun/security/ec/SunEC.class \
sun/security/ec/SunECEntries.class \
sun/security/ec \
sun/security/internal \
sun/security/mscapi \
sun/security/pkcs11 \
......
src/share/classes/sun/security/ec/CurveDB.java 0 → 100644
浏览文件 @ 6644acde
此差异已折叠。
src/share/classes/sun/security/ec/ECDHKeyAgreement.java
浏览文件 @ 6644acde
......@@ -32,6 +32,8 @@ import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import sun.security.util.ECUtil;
/**
* KeyAgreement implementation for ECDH.
*
......@@ -104,7 +106,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
publicValue = ((ECPublicKeyImpl)ecKey).getEncodedPublicValue();
} else { // instanceof ECPublicKey
publicValue =
ECParameters.encodePoint(ecKey.getW(), params.getCurve());
ECUtil.encodePoint(ecKey.getW(), params.getCurve());
}
int keyLenBits = params.getCurve().getField().getFieldSize();
secretLen = (keyLenBits + 7) >> 3;
......@@ -120,8 +122,8 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
}
byte[] s = privateKey.getS().toByteArray();
byte[] encodedParams =
ECParameters.encodeParameters(privateKey.getParams()); // DER OID
byte[] encodedParams = // DER OID
ECUtil.encodeECParameterSpec(null, privateKey.getParams());
try {
......
src/share/classes/sun/security/ec/ECDSASignature.java
浏览文件 @ 6644acde
......@@ -275,7 +275,8 @@ abstract class ECDSASignature extends SignatureSpi {
protected byte[] engineSign() throws SignatureException {
byte[] s = privateKey.getS().toByteArray();
ECParameterSpec params = privateKey.getParams();
byte[] encodedParams = ECParameters.encodeParameters(params); // DER OID
// DER OID
byte[] encodedParams = ECUtil.encodeECParameterSpec(null, params);
int keySize = params.getCurve().getField().getFieldSize();
// seed is twice the key size (in bytes) plus 1
......@@ -301,12 +302,13 @@ abstract class ECDSASignature extends SignatureSpi {
byte[] w;
ECParameterSpec params = publicKey.getParams();
byte[] encodedParams = ECParameters.encodeParameters(params); // DER OID
// DER OID
byte[] encodedParams = ECUtil.encodeECParameterSpec(null, params);
if (publicKey instanceof ECPublicKeyImpl) {
w = ((ECPublicKeyImpl)publicKey).getEncodedPublicValue();
} else { // instanceof ECPublicKey
w = ECParameters.encodePoint(publicKey.getW(), params.getCurve());
w = ECUtil.encodePoint(publicKey.getW(), params.getCurve());
}
try {
......
src/share/classes/sun/security/ec/ECKeyPairGenerator.java
浏览文件 @ 6644acde
/*
* Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -37,6 +37,7 @@ import sun.security.ec.ECParameters;
import sun.security.ec.ECPrivateKeyImpl;
import sun.security.ec.ECPublicKeyImpl;
import sun.security.jca.JCAUtil;
import sun.security.util.ECUtil;
/**
* EC keypair generator.
......@@ -72,7 +73,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
public void initialize(int keySize, SecureRandom random) {
checkKeySize(keySize);
this.params = NamedCurve.getECParameterSpec(keySize);
this.params = ECUtil.getECParameterSpec(null, keySize);
if (params == null) {
throw new InvalidParameterException(
"No EC parameters available for key size " + keySize + " bits");
......@@ -86,14 +87,15 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
throws InvalidAlgorithmParameterException {
if (params instanceof ECParameterSpec) {
this.params = ECParameters.getNamedCurve((ECParameterSpec)params);
this.params = ECUtil.getECParameterSpec(null,
(ECParameterSpec)params);
if (this.params == null) {
throw new InvalidAlgorithmParameterException(
"Unsupported curve: " + params);
}
} else if (params instanceof ECGenParameterSpec) {
String name = ((ECGenParameterSpec)params).getName();
this.params = NamedCurve.getECParameterSpec(name);
this.params = ECUtil.getECParameterSpec(null, name);
if (this.params == null) {
throw new InvalidAlgorithmParameterException(
"Unknown curve name: " + name);
......@@ -112,7 +114,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
public KeyPair generateKeyPair() {
byte[] encodedParams =
ECParameters.encodeParameters((ECParameterSpec)params);
ECUtil.encodeECParameterSpec(null, (ECParameterSpec)params);
// seed is twice the key size (in bytes) plus 1
byte[] seed = new byte[(((keySize + 7) >> 3) + 1) * 2];
......@@ -135,7 +137,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
new ECPrivateKeyImpl(s, (ECParameterSpec)params);
// handles[1] points to the native public key
ECPoint w = ECParameters.decodePoint(getEncodedBytes(handles[1]),
ECPoint w = ECUtil.decodePoint(getEncodedBytes(handles[1]),
((ECParameterSpec)params).getCurve());
PublicKey publicKey =
new ECPublicKeyImpl(w, (ECParameterSpec)params);
......
src/share/classes/sun/security/ec/ECParameters.java
浏览文件 @ 6644acde
......@@ -26,7 +26,6 @@
package sun.security.ec;
import java.io.IOException;
import java.math.BigInteger;
import java.security.*;
import java.security.spec.*;
......@@ -77,128 +76,75 @@ import sun.security.util.*;
*/
public final class ECParameters extends AlgorithmParametersSpi {
// used by ECPublicKeyImpl and ECPrivateKeyImpl
static AlgorithmParameters getAlgorithmParameters(ECParameterSpec spec)
throws InvalidKeyException {
try {
AlgorithmParameters params =
AlgorithmParameters.getInstance("EC", "SunEC");
params.init(spec);
return params;
} catch (GeneralSecurityException e) {
throw new InvalidKeyException("EC parameters error", e);
}
}
/*
* The parameters these AlgorithmParameters object represents.
* Currently, it is always an instance of NamedCurve.
*/
private NamedCurve namedCurve;
// A public constructor is required by AlgorithmParameters class.
public ECParameters() {
// empty
}
// Used by SunPKCS11 and SunJSSE.
public static ECPoint decodePoint(byte[] data, EllipticCurve curve)
throws IOException {
if ((data.length == 0) || (data[0] != 4)) {
throw new IOException("Only uncompressed point format supported");
}
// Per ANSI X9.62, an encoded point is a 1 byte type followed by
// ceiling(log base 2 field-size / 8) bytes of x and the same of y.
int n = (data.length - 1) / 2;
if (n != ((curve.getField().getFieldSize() + 7 ) >> 3)) {
throw new IOException("Point does not match field size");
}
byte[] xb = new byte[n];
byte[] yb = new byte[n];
System.arraycopy(data, 1, xb, 0, n);
System.arraycopy(data, n + 1, yb, 0, n);
return new ECPoint(new BigInteger(1, xb), new BigInteger(1, yb));
}
// AlgorithmParameterSpi methods
// Used by SunPKCS11 and SunJSSE.
public static byte[] encodePoint(ECPoint point, EllipticCurve curve) {
// get field size in bytes (rounding up)
int n = (curve.getField().getFieldSize() + 7) >> 3;
byte[] xb = trimZeroes(point.getAffineX().toByteArray());
byte[] yb = trimZeroes(point.getAffineY().toByteArray());
if ((xb.length > n) || (yb.length > n)) {
throw new RuntimeException
("Point coordinates do not match field size");
}
byte[] b = new byte[1 + (n << 1)];
b[0] = 4; // uncompressed
System.arraycopy(xb, 0, b, n - xb.length + 1, xb.length);
System.arraycopy(yb, 0, b, b.length - yb.length, yb.length);
return b;
}
protected void engineInit(AlgorithmParameterSpec paramSpec)
throws InvalidParameterSpecException {
// Copied from the SunPKCS11 code - should be moved to a common location.
// trim leading (most significant) zeroes from the result
static byte[] trimZeroes(byte[] b) {
int i = 0;
while ((i < b.length - 1) && (b[i] == 0)) {
i++;
}
if (i == 0) {
return b;
if (paramSpec == null) {
throw new InvalidParameterSpecException
("paramSpec must not be null");
}
byte[] t = new byte[b.length - i];
System.arraycopy(b, i, t, 0, t.length);
return t;
}
// Convert the given ECParameterSpec object to a NamedCurve object.
// If params does not represent a known named curve, return null.
// Used by SunPKCS11.
public static NamedCurve getNamedCurve(ECParameterSpec params) {
if ((params instanceof NamedCurve) || (params == null)) {
return (NamedCurve)params;
if (paramSpec instanceof NamedCurve) {
namedCurve = (NamedCurve)paramSpec;
return;
}
// This is a hack to allow SunJSSE to work with 3rd party crypto
// providers for ECC and not just SunPKCS11.
// This can go away once we decide how to expose curve names in the
// public API.
// Note that it assumes that the 3rd party provider encodes named
// curves using the short form, not explicitly. If it did that, then
// the SunJSSE TLS ECC extensions are wrong, which could lead to
// interoperability problems.
int fieldSize = params.getCurve().getField().getFieldSize();
for (ECParameterSpec namedCurve : NamedCurve.knownECParameterSpecs()) {
// ECParameterSpec does not define equals, so check all the
// components ourselves.
// Quick field size check first
if (namedCurve.getCurve().getField().getFieldSize() != fieldSize) {
continue;
}
if (namedCurve.getCurve().equals(params.getCurve()) == false) {
continue;
}
if (namedCurve.getGenerator().equals(params.getGenerator()) == false) {
continue;
}
if (namedCurve.getOrder().equals(params.getOrder()) == false) {
continue;
}
if (namedCurve.getCofactor() != params.getCofactor()) {
continue;
}
// everything matches our named curve, return it
return (NamedCurve)namedCurve;
}
// no match found
return null;
}
// Used by SunJSSE.
public static String getCurveName(ECParameterSpec params) {
NamedCurve curve = getNamedCurve(params);
return (curve == null) ? null : curve.getObjectIdentifier().toString();
}
if (paramSpec instanceof ECParameterSpec) {
namedCurve = CurveDB.lookup((ECParameterSpec)paramSpec);
} else if (paramSpec instanceof ECGenParameterSpec) {
String name = ((ECGenParameterSpec)paramSpec).getName();
namedCurve = CurveDB.lookup(name);
} else if (paramSpec instanceof ECKeySizeParameterSpec) {
int keySize = ((ECKeySizeParameterSpec)paramSpec).getKeySize();
namedCurve = CurveDB.lookup(keySize);
} else {
throw new InvalidParameterSpecException
("Only ECParameterSpec and ECGenParameterSpec supported");
}
// Used by SunPKCS11.
public static byte[] encodeParameters(ECParameterSpec params) {
NamedCurve curve = getNamedCurve(params);
if (curve == null) {
throw new RuntimeException("Not a known named curve: " + params);
if (namedCurve == null) {
throw new InvalidParameterSpecException(
"Not a supported curve: " + paramSpec);
}
return curve.getEncoded();
}
// Used by SunPKCS11.
public static ECParameterSpec decodeParameters(byte[] params) throws IOException {
protected void engineInit(byte[] params) throws IOException {
DerValue encodedParams = new DerValue(params);
if (encodedParams.tag == DerValue.tag_ObjectId) {
ObjectIdentifier oid = encodedParams.getOID();
ECParameterSpec spec = NamedCurve.getECParameterSpec(oid);
NamedCurve spec = CurveDB.lookup(oid.toString());
if (spec == null) {
throw new IOException("Unknown named curve: " + oid);
}
return spec;
namedCurve = spec;
return;
}
throw new IOException("Only named ECParameters supported");
......@@ -208,7 +154,8 @@ public final class ECParameters extends AlgorithmParametersSpi {
/*
if (encodedParams.tag != DerValue.tag_Sequence) {
throw new IOException("Unsupported EC parameters, tag: " + encodedParams.tag);
throw new IOException("Unsupported EC parameters, tag: " +
encodedParams.tag);
}
encodedParams.data.reset();
......@@ -217,7 +164,8 @@ public final class ECParameters extends AlgorithmParametersSpi {
int version = in.getInteger();
if (version != 1) {
throw new IOException("Unsupported EC parameters version: " + version);
throw new IOException("Unsupported EC parameters version: " +
version);
}
ECField field = parseField(in);
EllipticCurve curve = parseCurve(in, field);
......@@ -242,110 +190,49 @@ public final class ECParameters extends AlgorithmParametersSpi {
*/
}
/*
private static final ObjectIdentifier fieldTypePrime =
ObjectIdentifier.newInternal(new int[] {1, 2, 840, 10045, 1, 1});
private static final ObjectIdentifier fieldTypeChar2 =
ObjectIdentifier.newInternal(new int[] {1, 2, 840, 10045, 1, 2});
private static ECField parseField(DerInputStream in) throws IOException {
DerValue v = in.getDerValue();
ObjectIdentifier oid = v.data.getOID();
if (oid.equals(fieldTypePrime) == false) {
throw new IOException("Only prime fields supported: " + oid);
}
BigInteger fieldSize = v.data.getBigInteger();
return new ECFieldFp(fieldSize);
}
private static EllipticCurve parseCurve(DerInputStream in, ECField field)
protected void engineInit(byte[] params, String decodingMethod)
throws IOException {
DerValue v = in.getDerValue();
byte[] ab = v.data.getOctetString();
byte[] bb = v.data.getOctetString();
return new EllipticCurve(field, new BigInteger(1, ab), new BigInteger(1, bb));
engineInit(params);
}
private static ECPoint parsePoint(DerInputStream in, EllipticCurve curve)
throws IOException {
byte[] data = in.getOctetString();
return decodePoint(data, curve);
}
*/
protected <T extends AlgorithmParameterSpec> T
engineGetParameterSpec(Class<T> spec)
throws InvalidParameterSpecException {
// used by ECPublicKeyImpl and ECPrivateKeyImpl
static AlgorithmParameters getAlgorithmParameters(ECParameterSpec spec)
throws InvalidKeyException {
try {
AlgorithmParameters params =
AlgorithmParameters.getInstance("EC", "SunEC");
params.init(spec);
return params;
} catch (GeneralSecurityException e) {
throw new InvalidKeyException("EC parameters error", e);
if (spec.isAssignableFrom(ECParameterSpec.class)) {
return spec.cast(namedCurve);
}
}
// AlgorithmParameterSpi methods
// The parameters these AlgorithmParameters object represents.
// Currently, it is always an instance of NamedCurve.
private ECParameterSpec paramSpec;
protected void engineInit(AlgorithmParameterSpec paramSpec)
throws InvalidParameterSpecException {
if (paramSpec instanceof ECParameterSpec) {
this.paramSpec = getNamedCurve((ECParameterSpec)paramSpec);
if (this.paramSpec == null) {
throw new InvalidParameterSpecException
("Not a supported named curve: " + paramSpec);
}
} else if (paramSpec instanceof ECGenParameterSpec) {
String name = ((ECGenParameterSpec)paramSpec).getName();
ECParameterSpec spec = NamedCurve.getECParameterSpec(name);
if (spec == null) {
throw new InvalidParameterSpecException("Unknown curve: " + name);
}
this.paramSpec = spec;
} else if (paramSpec == null) {
throw new InvalidParameterSpecException
("paramSpec must not be null");
} else {
throw new InvalidParameterSpecException
("Only ECParameterSpec and ECGenParameterSpec supported");
if (spec.isAssignableFrom(ECGenParameterSpec.class)) {
// Ensure the name is the Object ID
String name = namedCurve.getObjectId();
return spec.cast(new ECGenParameterSpec(name));
}
}
protected void engineInit(byte[] params) throws IOException {
paramSpec = decodeParameters(params);
}
protected void engineInit(byte[] params, String decodingMethod) throws IOException {
engineInit(params);
}
protected <T extends AlgorithmParameterSpec> T engineGetParameterSpec(Class<T> spec)
throws InvalidParameterSpecException {
if (spec.isAssignableFrom(ECParameterSpec.class)) {
return spec.cast(paramSpec);
} else if (spec.isAssignableFrom(ECGenParameterSpec.class)) {
return spec.cast(new ECGenParameterSpec(getCurveName(paramSpec)));
} else {
throw new InvalidParameterSpecException
("Only ECParameterSpec and ECGenParameterSpec supported");
if (spec.isAssignableFrom(ECKeySizeParameterSpec.class)) {
int keySize = namedCurve.getCurve().getField().getFieldSize();
return spec.cast(new ECKeySizeParameterSpec(keySize));
}
throw new InvalidParameterSpecException(
"Only ECParameterSpec and ECGenParameterSpec supported");
}
protected byte[] engineGetEncoded() throws IOException {
return encodeParameters(paramSpec);
return namedCurve.getEncoded();
}
protected byte[] engineGetEncoded(String encodingMethod) throws IOException {
protected byte[] engineGetEncoded(String encodingMethod)
throws IOException {
return engineGetEncoded();
}
protected String engineToString() {
return paramSpec.toString();
if (namedCurve == null) {
return "Not initialized";
}
return namedCurve.toString();
}
}
src/share/classes/sun/security/ec/ECPrivateKeyImpl.java
浏览文件 @ 6644acde
/*
* Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -67,18 +67,17 @@ public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey {
private ECParameterSpec params;
/**
* Construct a key from its encoding. Called by the ECKeyFactory and
* the SunPKCS11 code.
* Construct a key from its encoding. Called by the ECKeyFactory.
*/
public ECPrivateKeyImpl(byte[] encoded) throws InvalidKeyException {
ECPrivateKeyImpl(byte[] encoded) throws InvalidKeyException {
decode(encoded);
}
/**
* Construct a key from its components. Used by the
* KeyFactory and the SunPKCS11 code.
* KeyFactory.
*/
public ECPrivateKeyImpl(BigInteger s, ECParameterSpec params)
ECPrivateKeyImpl(BigInteger s, ECParameterSpec params)
throws InvalidKeyException {
this.s = s;
this.params = params;
......@@ -88,7 +87,7 @@ public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey {
try {
DerOutputStream out = new DerOutputStream();
out.putInteger(1); // version 1
byte[] privBytes = ECParameters.trimZeroes(s.toByteArray());
byte[] privBytes = ECUtil.trimZeroes(s.toByteArray());
out.putOctetString(privBytes);
DerValue val =
new DerValue(DerValue.tag_Sequence, out.toByteArray());
......
src/share/classes/sun/security/ec/ECPublicKeyImpl.java
浏览文件 @ 6644acde
......@@ -49,23 +49,23 @@ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey {
/**
* Construct a key from its components. Used by the
* ECKeyFactory and SunPKCS11.
* ECKeyFactory.
*/
@SuppressWarnings("deprecation")
public ECPublicKeyImpl(ECPoint w, ECParameterSpec params)
ECPublicKeyImpl(ECPoint w, ECParameterSpec params)
throws InvalidKeyException {
this.w = w;
this.params = params;
// generate the encoding
algid = new AlgorithmId
(AlgorithmId.EC_oid, ECParameters.getAlgorithmParameters(params));
key = ECParameters.encodePoint(w, params.getCurve());
key = ECUtil.encodePoint(w, params.getCurve());
}
/**
* Construct a key from its encoding. Used by RSAKeyFactory.
* Construct a key from its encoding.
*/
public ECPublicKeyImpl(byte[] encoded) throws InvalidKeyException {
ECPublicKeyImpl(byte[] encoded) throws InvalidKeyException {
decode(encoded);
}
......@@ -104,7 +104,7 @@ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey {
try {
params = algParams.getParameterSpec(ECParameterSpec.class);
w = ECParameters.decodePoint(key, params.getCurve());
w = ECUtil.decodePoint(key, params.getCurve());
} catch (IOException e) {
throw new InvalidKeyException("Invalid EC key", e);
} catch (InvalidParameterSpecException e) {
......
src/share/classes/sun/security/ec/SunECEntries.java
浏览文件 @ 6644acde
......@@ -25,8 +25,11 @@
package sun.security.ec;
import java.util.Collection;
import java.util.Map;
import java.util.regex.Pattern;
/**
* Defines the entries of the SunEC provider.
*
......@@ -60,64 +63,33 @@ final class SunECEntries {
map.put("AlgorithmParameters.EC ImplementedIn", "Software");
map.put("AlgorithmParameters.EC SupportedCurves",
// A list comprising lists of curve names and object identifiers.
// '[' ( <curve-name> ',' )+ <curve-object-identifier> ']' '|'
// SEC 2 prime curves
"[secp112r1,1.3.132.0.6]|" +
"[secp112r2,1.3.132.0.7]|" +
"[secp128r1,1.3.132.0.28]|" +
"[secp128r2,1.3.132.0.29]|" +
"[secp160k1,1.3.132.0.9]|" +
"[secp160r1,1.3.132.0.8]|" +
"[secp160r2,1.3.132.0.30]|" +
"[secp192k1,1.3.132.0.31]|" +
"[secp192r1,NIST P-192,X9.62 prime192v1,1.2.840.10045.3.1.1]|" +
"[secp224k1,1.3.132.0.32]|" +
"[secp224r1,NIST P-224,1.3.132.0.33]|" +
"[secp256k1,1.3.132.0.10]|" +
"[secp256r1,NIST P-256,X9.62 prime256v1,1.2.840.10045.3.1.7]|" +
"[secp384r1,NIST P-384,1.3.132.0.34]|" +
"[secp521r1,NIST P-521,1.3.132.0.35]|" +
// ANSI X9.62 prime curves
"[X9.62 prime192v2,1.2.840.10045.3.1.2]|" +
"[X9.62 prime192v3,1.2.840.10045.3.1.3]|" +
"[X9.62 prime239v1,1.2.840.10045.3.1.4]|" +
"[X9.62 prime239v2,1.2.840.10045.3.1.5]|" +
"[X9.62 prime239v3,1.2.840.10045.3.1.6]|" +
// SEC 2 binary curves
"[sect113r1,1.3.132.0.4]|" +
"[sect113r2,1.3.132.0.5]|" +
"[sect131r1,1.3.132.0.22]|" +
"[sect131r2,1.3.132.0.23]|" +
"[sect163k1,NIST K-163,1.3.132.0.1]|" +
"[sect163r1,1.3.132.0.2]|" +
"[sect163r2,NIST B-163,1.3.132.0.15]|" +
"[sect193r1,1.3.132.0.24]|" +
"[sect193r2,1.3.132.0.25]|" +
"[sect233k1,NIST K-233,1.3.132.0.26]|" +
"[sect233r1,NIST B-233,1.3.132.0.27]|" +
"[sect239k1,1.3.132.0.3]|" +
"[sect283k1,NIST K-283,1.3.132.0.16]|" +
"[sect283r1,NIST B-283,1.3.132.0.17]|" +
"[sect409k1,NIST K-409,1.3.132.0.36]|" +
"[sect409r1,NIST B-409,1.3.132.0.37]|" +
"[sect571k1,NIST K-571,1.3.132.0.38]|" +
"[sect571r1,NIST B-571,1.3.132.0.39]|" +
// ANSI X9.62 binary curves
"[X9.62 c2tnb191v1,1.2.840.10045.3.0.5]|" +
"[X9.62 c2tnb191v2,1.2.840.10045.3.0.6]|" +
"[X9.62 c2tnb191v3,1.2.840.10045.3.0.7]|" +
"[X9.62 c2tnb239v1,1.2.840.10045.3.0.11]|" +
"[X9.62 c2tnb239v2,1.2.840.10045.3.0.12]|" +
"[X9.62 c2tnb239v3,1.2.840.10045.3.0.13]|" +
"[X9.62 c2tnb359v1,1.2.840.10045.3.0.18]|" +
"[X9.62 c2tnb431r1,1.2.840.10045.3.0.20]");
// "AlgorithmParameters.EC SupportedCurves" prop used by unit test
boolean firstCurve = true;
StringBuilder names = new StringBuilder();
Pattern nameSplitPattern = Pattern.compile(CurveDB.SPLIT_PATTERN);
Collection<? extends NamedCurve> supportedCurves =
CurveDB.getSupportedCurves();
for (NamedCurve namedCurve : supportedCurves) {
if (!firstCurve) {
names.append("|");
} else {
firstCurve = false;
}
names.append("[");
String[] commonNames = nameSplitPattern.split(namedCurve.getName());
for (String commonName : commonNames) {
names.append(commonName.trim());
names.append(",");
}
names.append(namedCurve.getObjectId());
names.append("]");
}
map.put("AlgorithmParameters.EC SupportedCurves", names.toString());
/*
* Register the algorithms below only when the full ECC implementation
......
src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java
浏览文件 @ 6644acde
......@@ -32,15 +32,12 @@ import java.security.*;
import java.security.interfaces.*;
import java.security.spec.*;
import sun.security.ec.ECPublicKeyImpl;
import sun.security.ec.ECParameters;
import sun.security.ec.NamedCurve;
import static sun.security.pkcs11.TemplateManager.*;
import sun.security.pkcs11.wrapper.*;
import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
import sun.security.util.DerValue;
import sun.security.util.ECUtil;
/**
* EC KeyFactory implemenation.
......@@ -49,46 +46,56 @@ import sun.security.util.DerValue;
* @since 1.6
*/
final class P11ECKeyFactory extends P11KeyFactory {
private static Provider sunECprovider;
private static Provider getSunECProvider() {
if (sunECprovider == null) {
sunECprovider = Security.getProvider("SunEC");
if (sunECprovider == null) {
throw new RuntimeException("Cannot load SunEC provider");
}
}
return sunECprovider;
}
P11ECKeyFactory(Token token, String algorithm) {
super(token, algorithm);
}
static ECParameterSpec getECParameterSpec(String name) {
return NamedCurve.getECParameterSpec(name);
return ECUtil.getECParameterSpec(getSunECProvider(), name);
}
static ECParameterSpec getECParameterSpec(int keySize) {
return NamedCurve.getECParameterSpec(keySize);
return ECUtil.getECParameterSpec(getSunECProvider(), keySize);
}
// Check that spec is a known supported curve and convert it to our
// ECParameterSpec subclass. If not possible, return null.
static ECParameterSpec getECParameterSpec(ECParameterSpec spec) {
return ECParameters.getNamedCurve(spec);
return ECUtil.getECParameterSpec(getSunECProvider(), spec);
}
static ECParameterSpec decodeParameters(byte[] params) throws IOException {
return ECParameters.decodeParameters(params);
return ECUtil.getECParameterSpec(getSunECProvider(), params);
}
static byte[] encodeParameters(ECParameterSpec params) {
return ECParameters.encodeParameters(params);
return ECUtil.encodeECParameterSpec(getSunECProvider(), params);
}
static ECPoint decodePoint(byte[] encoded, EllipticCurve curve) throws IOException {
return ECParameters.decodePoint(encoded, curve);
return ECUtil.decodePoint(encoded, curve);
}
// Used by ECDH KeyAgreement
static byte[] getEncodedPublicValue(PublicKey key) throws InvalidKeyException {
if (key instanceof ECPublicKeyImpl) {
return ((ECPublicKeyImpl)key).getEncodedPublicValue();
} else if (key instanceof ECPublicKey) {
if (key instanceof ECPublicKey) {
ECPublicKey ecKey = (ECPublicKey)key;
ECPoint w = ecKey.getW();
ECParameterSpec params = ecKey.getParams();
return ECParameters.encodePoint(w, params.getCurve());
return ECUtil.encodePoint(w, params.getCurve());
} else {
// should never occur
throw new InvalidKeyException
......@@ -107,7 +114,13 @@ final class P11ECKeyFactory extends P11KeyFactory {
} else if ("X.509".equals(key.getFormat())) {
// let Sun provider parse for us, then recurse
byte[] encoded = key.getEncoded();
key = new sun.security.ec.ECPublicKeyImpl(encoded);
try {
key = ECUtil.decodeX509ECPublicKey(encoded);
} catch (InvalidKeySpecException ikse) {
throw new InvalidKeyException(ikse);
}
return implTranslatePublicKey(key);
} else {
throw new InvalidKeyException("PublicKey must be instance "
......@@ -130,7 +143,13 @@ final class P11ECKeyFactory extends P11KeyFactory {
} else if ("PKCS#8".equals(key.getFormat())) {
// let Sun provider parse for us, then recurse
byte[] encoded = key.getEncoded();
key = new sun.security.ec.ECPrivateKeyImpl(encoded);
try {
key = ECUtil.decodePKCS8ECPrivateKey(encoded);
} catch (InvalidKeySpecException ikse) {
throw new InvalidKeyException(ikse);
}
return implTranslatePrivateKey(key);
} else {
throw new InvalidKeyException("PrivateKey must be instance "
......@@ -148,7 +167,7 @@ final class P11ECKeyFactory extends P11KeyFactory {
if (keySpec instanceof X509EncodedKeySpec) {
try {
byte[] encoded = ((X509EncodedKeySpec)keySpec).getEncoded();
PublicKey key = new sun.security.ec.ECPublicKeyImpl(encoded);
PublicKey key = ECUtil.decodeX509ECPublicKey(encoded);
return implTranslatePublicKey(key);
} catch (InvalidKeyException e) {
throw new InvalidKeySpecException
......@@ -178,7 +197,7 @@ final class P11ECKeyFactory extends P11KeyFactory {
if (keySpec instanceof PKCS8EncodedKeySpec) {
try {
byte[] encoded = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
PrivateKey key = new sun.security.ec.ECPrivateKeyImpl(encoded);
PrivateKey key = ECUtil.decodePKCS8ECPrivateKey(encoded);
return implTranslatePrivateKey(key);
} catch (GeneralSecurityException e) {
throw new InvalidKeySpecException
......@@ -201,10 +220,12 @@ final class P11ECKeyFactory extends P11KeyFactory {
}
}
private PublicKey generatePublic(ECPoint point, ECParameterSpec params) throws PKCS11Exception {
byte[] encodedParams = ECParameters.encodeParameters(params);
private PublicKey generatePublic(ECPoint point, ECParameterSpec params)
throws PKCS11Exception {
byte[] encodedParams =
ECUtil.encodeECParameterSpec(getSunECProvider(), params);
byte[] encodedPoint =
ECParameters.encodePoint(point, params.getCurve());
ECUtil.encodePoint(point, params.getCurve());
// Check whether the X9.63 encoding of an EC point shall be wrapped
// in an ASN.1 OCTET STRING
......@@ -238,8 +259,10 @@ final class P11ECKeyFactory extends P11KeyFactory {
}
}
private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params) throws PKCS11Exception {
byte[] encodedParams = ECParameters.encodeParameters(params);
private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params)
throws PKCS11Exception {
byte[] encodedParams =
ECUtil.encodeECParameterSpec(getSunECProvider(), params);
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
......@@ -304,7 +327,7 @@ final class P11ECKeyFactory extends P11KeyFactory {
}
KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
return KeyFactory.getInstance("EC", "SunEC");
return KeyFactory.getInstance("EC", getSunECProvider());
}
}
src/share/classes/sun/security/pkcs11/P11Key.java
浏览文件 @ 6644acde
......@@ -47,6 +47,7 @@ import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
import sun.security.util.DerValue;
import sun.security.util.Length;
import sun.security.util.ECUtil;
/**
* Key implementation classes.
......@@ -984,9 +985,9 @@ abstract class P11Key implements Key, Length {
if (encoded == null) {
fetchValues();
try {
Key key = new sun.security.ec.ECPrivateKeyImpl(s, params);
Key key = ECUtil.generateECPrivateKey(s, params);
encoded = key.getEncoded();
} catch (InvalidKeyException e) {
} catch (InvalidKeySpecException e) {
throw new ProviderException(e);
}
}
......@@ -1064,9 +1065,8 @@ abstract class P11Key implements Key, Length {
if (encoded == null) {
fetchValues();
try {
Key key = new sun.security.ec.ECPublicKeyImpl(w, params);
encoded = key.getEncoded();
} catch (InvalidKeyException e) {
return ECUtil.x509EncodeECPublicKey(w, params);
} catch (InvalidKeySpecException e) {
throw new ProviderException(e);
}
}
......
src/share/classes/sun/security/pkcs11/P11KeyStore.java
浏览文件 @ 6644acde
......@@ -65,6 +65,7 @@ import javax.security.auth.callback.UnsupportedCallbackException;
import sun.security.util.Debug;
import sun.security.util.DerValue;
import sun.security.util.ECUtil;
import sun.security.ec.ECParameters;
......@@ -1351,7 +1352,8 @@ final class P11KeyStore extends KeyStoreSpi {
token.p11.C_GetAttributeValue(session.id(), oHandle, attrs);
byte[] encodedParams = attrs[0].getByteArray();
try {
ECParameterSpec params = ECParameters.decodeParameters(encodedParams);
ECParameterSpec params =
ECUtil.getECParameterSpec(null, encodedParams);
keyLength = params.getCurve().getField().getFieldSize();
} catch (IOException e) {
// we do not want to accept key with unsupported parameters
......@@ -1726,7 +1728,8 @@ final class P11KeyStore extends KeyStoreSpi {
idAttrs[0] = new CK_ATTRIBUTE(CKA_ID, alias);
}
byte[] encodedParams = ECParameters.encodeParameters(ecKey.getParams());
byte[] encodedParams =
ECUtil.encodeECParameterSpec(null, ecKey.getParams());
attrs = new CK_ATTRIBUTE[] {
ATTR_TOKEN_TRUE,
ATTR_CLASS_PKEY,
......@@ -1901,7 +1904,7 @@ final class P11KeyStore extends KeyStoreSpi {
ECPublicKey ecPub = (ECPublicKey)publicKey;
ECPoint point = ecPub.getW();
ECParameterSpec params = ecPub.getParams();
byte[] encodedPoint = ECParameters.encodePoint(point, params.getCurve());
byte[] encodedPoint = ECUtil.encodePoint(point, params.getCurve());
if (id) {
attrs[0] = new CK_ATTRIBUTE(CKA_ID, sha1(encodedPoint));
}
......
src/share/classes/sun/security/ssl/JsseJce.java
浏览文件 @ 6644acde
......@@ -41,8 +41,7 @@ import java.security.Provider;
import sun.security.jca.Providers;
import sun.security.jca.ProviderList;
import sun.security.ec.ECParameters;
import sun.security.ec.NamedCurve;
import sun.security.util.ECUtil;
import static sun.security.ssl.SunJSSE.cryptoProvider;
......@@ -383,20 +382,20 @@ final class JsseJce {
}
static ECParameterSpec getECParameterSpec(String namedCurveOid) {
return NamedCurve.getECParameterSpec(namedCurveOid);
return ECUtil.getECParameterSpec(cryptoProvider, namedCurveOid);
}
static String getNamedCurveOid(ECParameterSpec params) {
return ECParameters.getCurveName(params);
return ECUtil.getCurveName(cryptoProvider, params);
}
static ECPoint decodePoint(byte[] encoded, EllipticCurve curve)
throws java.io.IOException {
return ECParameters.decodePoint(encoded, curve);
return ECUtil.decodePoint(encoded, curve);
}
static byte[] encodePoint(ECPoint point, EllipticCurve curve) {
return ECParameters.encodePoint(point, curve);
return ECUtil.encodePoint(point, curve);
}
// In FIPS mode, set thread local providers; otherwise a no-op.
......
src/share/classes/sun/security/util/ECKeySizeParameterSpec.java 0 → 100644
浏览文件 @ 6644acde
/*
* Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.security.spec.AlgorithmParameterSpec;
import sun.security.util.ObjectIdentifier;
/**
* This immutable class is used when randomly generating a key pair and the
* consumer only specifies the length of the key and therefore a curve for that
* key size must be picked from a the list of supported curves using this spec.
*
* @see AlgorithmParameterSpec
* @see ECGenParameterSpec
*/
public class ECKeySizeParameterSpec implements AlgorithmParameterSpec {
private int keySize;
/**
* Creates a parameter specification for EC curve
* generation using a standard (or predefined) key size
* <code>keySize</code> in order to generate the corresponding
* (precomputed) elliptic curve.
* <p>
* Note, if the curve of the specified length is not supported,
* <code>AlgorithmParameters.init</code> will throw an exception.
*
* @param keySize the key size of the curve to lookup
*/
public ECKeySizeParameterSpec(int keySize) {
this.keySize = keySize;
}
/**
* Returns the key size of this spec.
*
* @return the standard or predefined key size.
*/
public int getKeySize() {
return keySize;
}
}
src/share/classes/sun/security/util/ECUtil.java 0 → 100644
浏览文件 @ 6644acde
/*
* Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.io.IOException;
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.*;
import java.security.spec.*;
import java.util.Arrays;
import sun.security.x509.X509Key;
public class ECUtil {
// Used by SunPKCS11 and SunJSSE.
public static ECPoint decodePoint(byte[] data, EllipticCurve curve)
throws IOException {
if ((data.length == 0) || (data[0] != 4)) {
throw new IOException("Only uncompressed point format supported");
}
// Per ANSI X9.62, an encoded point is a 1 byte type followed by
// ceiling(log base 2 field-size / 8) bytes of x and the same of y.
int n = (data.length - 1) / 2;
if (n != ((curve.getField().getFieldSize() + 7 ) >> 3)) {
throw new IOException("Point does not match field size");
}
byte[] xb = Arrays.copyOfRange(data, 1, 1 + n);
byte[] yb = Arrays.copyOfRange(data, n + 1, n + 1 + n);
return new ECPoint(new BigInteger(1, xb), new BigInteger(1, yb));
}
// Used by SunPKCS11 and SunJSSE.
public static byte[] encodePoint(ECPoint point, EllipticCurve curve) {
// get field size in bytes (rounding up)
int n = (curve.getField().getFieldSize() + 7) >> 3;
byte[] xb = trimZeroes(point.getAffineX().toByteArray());
byte[] yb = trimZeroes(point.getAffineY().toByteArray());
if ((xb.length > n) || (yb.length > n)) {
throw new RuntimeException
("Point coordinates do not match field size");
}
byte[] b = new byte[1 + (n << 1)];
b[0] = 4; // uncompressed
System.arraycopy(xb, 0, b, n - xb.length + 1, xb.length);
System.arraycopy(yb, 0, b, b.length - yb.length, yb.length);
return b;
}
public static byte[] trimZeroes(byte[] b) {
int i = 0;
while ((i < b.length - 1) && (b[i] == 0)) {
i++;
}
if (i == 0) {
return b;
}
return Arrays.copyOfRange(b, i, b.length);
}
private static KeyFactory getKeyFactory() {
try {
return KeyFactory.getInstance("EC", "SunEC");
} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
throw new RuntimeException(e);
}
}
public static ECPublicKey decodeX509ECPublicKey(byte[] encoded)
throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encoded);
return (ECPublicKey)keyFactory.generatePublic(keySpec);
}
public static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)keyFactory.generatePublic(keySpec);
return key.getEncoded();
}
public static ECPrivateKey decodePKCS8ECPrivateKey(byte[] encoded)
throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encoded);
return (ECPrivateKey)keyFactory.generatePrivate(keySpec);
}
public static ECPrivateKey generateECPrivateKey(BigInteger s,
ECParameterSpec params) throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
ECPrivateKeySpec keySpec = new ECPrivateKeySpec(s, params);
return (ECPrivateKey)keyFactory.generatePrivate(keySpec);
}
private static AlgorithmParameters getECParameters(Provider p) {
try {
if (p != null) {
return AlgorithmParameters.getInstance("EC", p);
}
return AlgorithmParameters.getInstance("EC");
} catch (NoSuchAlgorithmException nsae) {
throw new RuntimeException(nsae);
}
}
public static byte[] encodeECParameterSpec(Provider p,
ECParameterSpec spec) {
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(spec);
} catch (InvalidParameterSpecException ipse) {
throw new RuntimeException("Not a known named curve: " + spec);
}
try {
return parameters.getEncoded();
} catch (IOException ioe) {
// it is a bug if this should happen
throw new RuntimeException(ioe);
}
}
public static ECParameterSpec getECParameterSpec(Provider p,
ECParameterSpec spec) {
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(spec);
return parameters.getParameterSpec(ECParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
}
public static ECParameterSpec getECParameterSpec(Provider p,
byte[] params)
throws IOException {
AlgorithmParameters parameters = getECParameters(p);
parameters.init(params);
try {
return parameters.getParameterSpec(ECParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
}
public static ECParameterSpec getECParameterSpec(Provider p, String name) {
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(new ECGenParameterSpec(name));
return parameters.getParameterSpec(ECParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
}
public static ECParameterSpec getECParameterSpec(Provider p, int keySize) {
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(new ECKeySizeParameterSpec(keySize));
return parameters.getParameterSpec(ECParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
}
public static String getCurveName(Provider p, ECParameterSpec spec) {
ECGenParameterSpec nameSpec;
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(spec);
nameSpec = parameters.getParameterSpec(ECGenParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
if (nameSpec == null) {
return null;
}
return nameSpec.getName();
}
private ECUtil() {}
}
test/sun/security/pkcs11/ec/TestCurves.java
浏览文件 @ 6644acde
......@@ -38,9 +38,6 @@ import java.security.spec.*;
import javax.crypto.*;
// XXX no public API to enumerate supported named curves
import sun.security.ec.NamedCurve;
public class TestCurves extends PKCS11Test {
public static void main(String[] args) throws Exception {
......@@ -57,8 +54,8 @@ public class TestCurves extends PKCS11Test {
byte[] data = new byte[2048];
random.nextBytes(data);
Collection<? extends ECParameterSpec> curves =
NamedCurve.knownECParameterSpecs();
Vector<ECParameterSpec> curves = getKnownCurves(p);
for (ECParameterSpec params : curves) {
System.out.println("Testing " + params + "...");
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", p);
......@@ -92,6 +89,66 @@ public class TestCurves extends PKCS11Test {
System.out.println("OK");
}
private static Vector<ECParameterSpec>
getKnownCurves(Provider p) throws Exception {
int index;
int begin;
int end;
String curve;
Vector<ECParameterSpec> results = new Vector<ECParameterSpec>();
String kcProp =
p.getProperty("AlgorithmParameters.EC SupportedCurves");
if (kcProp == null) {
throw new RuntimeException(
"\"AlgorithmParameters.EC SupportedCurves property\" not found");
}
index = 0;
for (;;) {
// Each set of curve names is enclosed with brackets.
begin = kcProp.indexOf('[', index);
end = kcProp.indexOf(']', index);
if (begin == -1 || end == -1) {
break;
}
/*
* Each name is separated by a comma.
* Just get the first name in the set.
*/
index = end + 1;
begin++;
end = kcProp.indexOf(',', begin);
if (end == -1) {
// Only one name in the set.
end = index -1;
}
curve = kcProp.substring(begin, end);
results.add(getECParameterSpec(p, curve));
}
if (results.size() == 0) {
throw new RuntimeException("No supported EC curves found");
}
return results;
}
private static ECParameterSpec getECParameterSpec(Provider p, String name)
throws Exception {
AlgorithmParameters parameters =
AlgorithmParameters.getInstance("EC", p);
parameters.init(new ECGenParameterSpec(name));
return parameters.getParameterSpec(ECParameterSpec.class);
}
private static void testSigning(Provider p, String algorithm,
byte[] data, KeyPair kp1, KeyPair kp2) throws Exception {
// System.out.print(" " + algorithm);
......@@ -115,6 +172,4 @@ public class TestCurves extends PKCS11Test {
throw new Exception("Signature should not verify");
}
}
}
test/sun/security/pkcs11/ec/TestECDH2.java
浏览文件 @ 6644acde
......@@ -41,7 +41,7 @@ import java.security.spec.*;
import java.security.interfaces.*;
import javax.crypto.*;
import sun.security.ec.NamedCurve;
import sun.security.util.ECUtil;
public class TestECDH2 extends PKCS11Test {
......@@ -79,8 +79,8 @@ public class TestECDH2 extends PKCS11Test {
}
private KeyPair genECKeyPair(String curvName, String privD, String pubX,
String pubY) throws Exception {
ECParameterSpec ecParams = NamedCurve.getECParameterSpec(curvName);
String pubY, Provider p) throws Exception {
ECParameterSpec ecParams = ECUtil.getECParameterSpec(p, curvName);
ECPrivateKeySpec privKeySpec =
new ECPrivateKeySpec(new BigInteger(privD, 16), ecParams);
ECPublicKeySpec pubKeySpec =
......@@ -112,12 +112,14 @@ public class TestECDH2 extends PKCS11Test {
System.out.println("Testing against NIST P-256");
long start = System.currentTimeMillis();
KeyPair kp256A = genECKeyPair("secp256r1", privD256, pubX256, pubY256);
KeyPair kp256A =
genECKeyPair("secp256r1", privD256, pubX256, pubY256, provider);
KeyPair kp256B = genECKeyPair("secp256r1");
testKeyAgreement(kp256A, kp256B, provider);
System.out.println("Testing against NIST P-384");
KeyPair kp384A = genECKeyPair("secp384r1", privD384, pubX384, pubY384);
KeyPair kp384A =
genECKeyPair("secp384r1", privD384, pubX384, pubY384, provider);
KeyPair kp384B = genECKeyPair("secp384r1");
testKeyAgreement(kp384A, kp384B, provider);
......
test/sun/security/pkcs11/ec/TestECDSA2.java
浏览文件 @ 6644acde
......@@ -40,7 +40,7 @@ import java.security.*;
import java.security.spec.*;
import java.security.interfaces.*;
import sun.security.ec.NamedCurve;
import sun.security.util.ECUtil;
public class TestECDSA2 extends PKCS11Test {
......@@ -75,8 +75,9 @@ public class TestECDSA2 extends PKCS11Test {
System.out.println(p.getName() + ": " + alg + " Passed");
}
private KeyPair genECKeyPair(String curvName, String privD, String pubX, String pubY) throws Exception {
ECParameterSpec ecParams = NamedCurve.getECParameterSpec(curvName);
private KeyPair genECKeyPair(String curvName, String privD, String pubX,
String pubY, Provider p) throws Exception {
ECParameterSpec ecParams = ECUtil.getECParameterSpec(p, curvName);
ECPrivateKeySpec privKeySpec =
new ECPrivateKeySpec(new BigInteger(privD, 16), ecParams);
ECPublicKeySpec pubKeySpec =
......@@ -108,12 +109,14 @@ public class TestECDSA2 extends PKCS11Test {
long start = System.currentTimeMillis();
if (testP256) {
// can use secp256r1, NIST P-256, X9.62 prime256v1, or 1.2.840.10045.3.1.7
KeyPair kp = genECKeyPair("secp256r1", privD256, pubX256, pubY256);
KeyPair kp =
genECKeyPair("secp256r1", privD256, pubX256, pubY256, provider);
testSignAndVerify("SHA256withECDSA", kp, provider);
}
if (testP384) {
// can use secp384r1, NIST P-384, 1.3.132.0.34
KeyPair kp = genECKeyPair("secp384r1", privD384, pubX384, pubY384);
KeyPair kp =
genECKeyPair("secp384r1", privD384, pubX384, pubY384, provider);
testSignAndVerify("SHA384withECDSA", kp, provider);
}
long stop = System.currentTimeMillis();
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册