Skip to content

D
dragonwell8_jdk

openanolis / dragonwell8_jdk

通知 4
Star 2
Fork 0
D
dragonwell8_jdk
提交 6644acde 编写于 作者: V vinnie
浏览文件
操作

7194075: Various classes of sunec.jar are duplicated in rt.jar 

Reviewed-by: mullan, vinnie
Contributed-by: NStephen Flores <stephen.flores@oracle.com>
上级 733e7b93
显示空白变更内容
内联 并排
Showing with 1263 addition and 956 deletion
make/sun/security/ec/Makefile
浏览文件 @ 6644acde
...@@ -124,15 +124,6 @@ CLASSDESTDIR = $(TEMPDIR)/classes ...@@ -124,15 +124,6 @@ CLASSDESTDIR = $(TEMPDIR)/classes
# #
AUTO_FILES_JAVA_DIRS = $(PKGDIR) AUTO_FILES_JAVA_DIRS = $(PKGDIR)
#
# Exclude the sources that get built by ../other/Makefile
#
AUTO_JAVA_PRUNE = \
ECParameters.java \
ECPrivateKeyImpl.java \
ECPublicKeyImpl.java \
NamedCurve.java
# #
# Some licensees do not get the native ECC sources, but we still need to # Some licensees do not get the native ECC sources, but we still need to
# be able to build "all" for them. Check here to see if the sources are # be able to build "all" for them. Check here to see if the sources are
......
make/sun/security/other/Makefile
浏览文件 @ 6644acde
...@@ -49,15 +49,6 @@ AUTO_FILES_JAVA_DIRS = \ ...@@ -49,15 +49,6 @@ AUTO_FILES_JAVA_DIRS = \
sun/security/x509 \ sun/security/x509 \
com/sun/net/ssl/internal/ssl com/sun/net/ssl/internal/ssl
#
# EC classes used by the packages above
#
FILES_java += \
sun/security/ec/ECParameters.java \
sun/security/ec/ECPrivateKeyImpl.java \
sun/security/ec/ECPublicKeyImpl.java \
sun/security/ec/NamedCurve.java
# #
# Rules # Rules
# #
......
makefiles/CreateJars.gmk
浏览文件 @ 6644acde
...@@ -217,19 +217,7 @@ RT_JAR_EXCLUDES += \ ...@@ -217,19 +217,7 @@ RT_JAR_EXCLUDES += \
sun/net/spi/nameservice/dns \ sun/net/spi/nameservice/dns \
sun/nio/cs/ext \ sun/nio/cs/ext \
sun/rmi/rmic \ sun/rmi/rmic \
sun/security/ec/ECDHKeyAgreement.class \ sun/security/ec \
sun/security/ec/ECDSASignature.class \
sun/security/ec/ECDSASignature\$$$$Raw.class \
sun/security/ec/ECDSASignature\$$$$SHA1.class \
sun/security/ec/ECDSASignature\$$$$SHA224.class \
sun/security/ec/ECDSASignature\$$$$SHA256.class \
sun/security/ec/ECDSASignature\$$$$SHA384.class \
sun/security/ec/ECDSASignature\$$$$SHA512.class \
sun/security/ec/ECKeyFactory.class \
sun/security/ec/ECKeyPairGenerator.class \
sun/security/ec/SunEC\$$$$1.class \
sun/security/ec/SunEC.class \
sun/security/ec/SunECEntries.class \
sun/security/internal \ sun/security/internal \
sun/security/mscapi \ sun/security/mscapi \
sun/security/pkcs11 \ sun/security/pkcs11 \
......
src/share/classes/sun/security/ec/CurveDB.java 0 → 100644
浏览文件 @ 6644acde
/*
* Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.ec;
import java.math.BigInteger;
import java.security.spec.*;
import java.util.*;
import java.util.regex.Pattern;
/**
* Repository for well-known Elliptic Curve parameters. It is used by both
* the SunPKCS11 and SunJSSE code.
*
* @since 1.6
* @author Andreas Sterbenz
*/
public class CurveDB {
private final static int P = 1; // prime curve
private final static int B = 2; // binary curve
private final static int PD = 5; // prime curve, mark as default
private final static int BD = 6; // binary curve, mark as default
private static final Map<String,NamedCurve> oidMap =
new LinkedHashMap<String,NamedCurve>();
private static final Map<String,NamedCurve> nameMap =
new HashMap<String,NamedCurve>();
private static final Map<Integer,NamedCurve> lengthMap =
new HashMap<Integer,NamedCurve>();
private static Collection<? extends NamedCurve> specCollection;
static final String SPLIT_PATTERN = ",|\\[|\\]";
// Used by SunECEntries
static Collection<? extends NamedCurve>getSupportedCurves() {
return specCollection;
}
// Return a NamedCurve for the specified OID/name or null if unknown.
static NamedCurve lookup(String name) {
NamedCurve spec = oidMap.get(name);
if (spec != null) {
return spec;
}
return nameMap.get(name);
}
// Return EC parameters for the specified field size. If there are known
// NIST recommended parameters for the given length, they are returned.
// Otherwise, if there are multiple matches for the given size, an
// arbitrary one is returns.
// If no parameters are known, the method returns null.
// NOTE that this method returns both prime and binary curves.
static NamedCurve lookup(int length) {
return lengthMap.get(length);
}
// Convert the given ECParameterSpec object to a NamedCurve object.
// If params does not represent a known named curve, return null.
static NamedCurve lookup(ECParameterSpec params) {
if ((params instanceof NamedCurve) || (params == null)) {
return (NamedCurve)params;
}
// This is a hack to allow SunJSSE to work with 3rd party crypto
// providers for ECC and not just SunPKCS11.
// This can go away once we decide how to expose curve names in the
// public API.
// Note that it assumes that the 3rd party provider encodes named
// curves using the short form, not explicitly. If it did that, then
// the SunJSSE TLS ECC extensions are wrong, which could lead to
// interoperability problems.
int fieldSize = params.getCurve().getField().getFieldSize();
for (NamedCurve namedCurve : specCollection) {
// ECParameterSpec does not define equals, so check all the
// components ourselves.
// Quick field size check first
if (namedCurve.getCurve().getField().getFieldSize() != fieldSize) {
continue;
}
if (namedCurve.getCurve().equals(params.getCurve()) == false) {
continue;
}
if (namedCurve.getGenerator().equals(params.getGenerator()) ==
false) {
continue;
}
if (namedCurve.getOrder().equals(params.getOrder()) == false) {
continue;
}
if (namedCurve.getCofactor() != params.getCofactor()) {
continue;
}
// everything matches our named curve, return it
return namedCurve;
}
// no match found
return null;
}
private static BigInteger bi(String s) {
return new BigInteger(s, 16);
}
private static void add(String name, String soid, int type, String sfield,
String a, String b, String x, String y, String n, int h,
Pattern nameSplitPattern) {
BigInteger p = bi(sfield);
ECField field;
if ((type == P) || (type == PD)) {
field = new ECFieldFp(p);
} else if ((type == B) || (type == BD)) {
field = new ECFieldF2m(p.bitLength() - 1, p);
} else {
throw new RuntimeException("Invalid type: " + type);
}
EllipticCurve curve = new EllipticCurve(field, bi(a), bi(b));
ECPoint g = new ECPoint(bi(x), bi(y));
NamedCurve params = new NamedCurve(name, soid, curve, g, bi(n), h);
if (oidMap.put(soid, params) != null) {
throw new RuntimeException("Duplication oid: " + soid);
}
String[] commonNames = nameSplitPattern.split(name);
for (String commonName : commonNames) {
if (nameMap.put(commonName.trim(), params) != null) {
throw new RuntimeException("Duplication name: " + commonName);
}
}
int len = field.getFieldSize();
if ((type == PD) || (type == BD) || (lengthMap.get(len) == null)) {
// add entry if none present for this field size or if
// the curve is marked as a default curve.
lengthMap.put(len, params);
}
}
static {
Pattern nameSplitPattern = Pattern.compile(SPLIT_PATTERN);
/* SEC2 prime curves */
add("secp112r1", "1.3.132.0.6", P,
"DB7C2ABF62E35E668076BEAD208B",
"DB7C2ABF62E35E668076BEAD2088",
"659EF8BA043916EEDE8911702B22",
"09487239995A5EE76B55F9C2F098",
"A89CE5AF8724C0A23E0E0FF77500",
"DB7C2ABF62E35E7628DFAC6561C5",
1, nameSplitPattern);
add("secp112r2", "1.3.132.0.7", P,
"DB7C2ABF62E35E668076BEAD208B",
"6127C24C05F38A0AAAF65C0EF02C",
"51DEF1815DB5ED74FCC34C85D709",
"4BA30AB5E892B4E1649DD0928643",
"adcd46f5882e3747def36e956e97",
"36DF0AAFD8B8D7597CA10520D04B",
4, nameSplitPattern);
add("secp128r1", "1.3.132.0.28", P,
"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC",
"E87579C11079F43DD824993C2CEE5ED3",
"161FF7528B899B2D0C28607CA52C5B86",
"CF5AC8395BAFEB13C02DA292DDED7A83",
"FFFFFFFE0000000075A30D1B9038A115",
1, nameSplitPattern);
add("secp128r2", "1.3.132.0.29", P,
"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
"D6031998D1B3BBFEBF59CC9BBFF9AEE1",
"5EEEFCA380D02919DC2C6558BB6D8A5D",
"7B6AA5D85E572983E6FB32A7CDEBC140",
"27B6916A894D3AEE7106FE805FC34B44",
"3FFFFFFF7FFFFFFFBE0024720613B5A3",
4, nameSplitPattern);
add("secp160k1", "1.3.132.0.9", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
"0000000000000000000000000000000000000000",
"0000000000000000000000000000000000000007",
"3B4C382CE37AA192A4019E763036F4F5DD4D7EBB",
"938CF935318FDCED6BC28286531733C3F03C4FEE",
"0100000000000000000001B8FA16DFAB9ACA16B6B3",
1, nameSplitPattern);
add("secp160r1", "1.3.132.0.8", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC",
"1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
"4A96B5688EF573284664698968C38BB913CBFC82",
"23A628553168947D59DCC912042351377AC5FB32",
"0100000000000000000001F4C8F927AED3CA752257",
1, nameSplitPattern);
add("secp160r2", "1.3.132.0.30", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70",
"B4E134D3FB59EB8BAB57274904664D5AF50388BA",
"52DCB034293A117E1F4FF11B30F7199D3144CE6D",
"FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E",
"0100000000000000000000351EE786A818F3A1A16B",
1, nameSplitPattern);
add("secp192k1", "1.3.132.0.31", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37",
"000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000003",
"DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D",
"9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D",
"FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D",
1, nameSplitPattern);
add("secp192r1 [NIST P-192, X9.62 prime192v1]", "1.2.840.10045.3.1.1", PD,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
"64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
"188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
"07192B95FFC8DA78631011ED6B24CDD573F977A11E794811",
"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
1, nameSplitPattern);
add("secp224k1", "1.3.132.0.32", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D",
"00000000000000000000000000000000000000000000000000000000",
"00000000000000000000000000000000000000000000000000000005",
"A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C",
"7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5",
"010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7",
1, nameSplitPattern);
add("secp224r1 [NIST P-224]", "1.3.132.0.33", PD,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
"B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
"B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
"BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
1, nameSplitPattern);
add("secp256k1", "1.3.132.0.10", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F",
"0000000000000000000000000000000000000000000000000000000000000000",
"0000000000000000000000000000000000000000000000000000000000000007",
"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",
"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",
1, nameSplitPattern);
add("secp256r1 [NIST P-256, X9.62 prime256v1]", "1.2.840.10045.3.1.7", PD,
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
"5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
"6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
"4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
"FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
1, nameSplitPattern);
add("secp384r1 [NIST P-384]", "1.3.132.0.34", PD,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
"B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
"AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
"3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
1, nameSplitPattern);
add("secp521r1 [NIST P-521]", "1.3.132.0.35", PD,
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
"0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
"00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
"011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
1, nameSplitPattern);
/* ANSI X9.62 prime curves */
add("X9.62 prime192v2", "1.2.840.10045.3.1.2", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
"CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953",
"EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A",
"6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15",
"FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31",
1, nameSplitPattern);
add("X9.62 prime192v3", "1.2.840.10045.3.1.3", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
"22123DC2395A05CAA7423DAECCC94760A7D462256BD56916",
"7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896",
"38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0",
"FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13",
1, nameSplitPattern);
add("X9.62 prime239v1", "1.2.840.10045.3.1.4", P,
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
"6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A",
"0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF",
"7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B",
1, nameSplitPattern);
add("X9.62 prime239v2", "1.2.840.10045.3.1.5", P,
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
"617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C",
"38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7",
"5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA",
"7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063",
1, nameSplitPattern);
add("X9.62 prime239v3", "1.2.840.10045.3.1.6", P,
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
"255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E",
"6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A",
"1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551",
1, nameSplitPattern);
/* SEC2 binary curves */
add("sect113r1", "1.3.132.0.4", B,
"020000000000000000000000000201",
"003088250CA6E7C7FE649CE85820F7",
"00E8BEE4D3E2260744188BE0E9C723",
"009D73616F35F4AB1407D73562C10F",
"00A52830277958EE84D1315ED31886",
"0100000000000000D9CCEC8A39E56F",
2, nameSplitPattern);
add("sect113r2", "1.3.132.0.5", B,
"020000000000000000000000000201",
"00689918DBEC7E5A0DD6DFC0AA55C7",
"0095E9A9EC9B297BD4BF36E059184F",
"01A57A6A7B26CA5EF52FCDB8164797",
"00B3ADC94ED1FE674C06E695BABA1D",
"010000000000000108789B2496AF93",
2, nameSplitPattern);
add("sect131r1", "1.3.132.0.22", B,
"080000000000000000000000000000010D",
"07A11B09A76B562144418FF3FF8C2570B8",
"0217C05610884B63B9C6C7291678F9D341",
"0081BAF91FDF9833C40F9C181343638399",
"078C6E7EA38C001F73C8134B1B4EF9E150",
"0400000000000000023123953A9464B54D",
2, nameSplitPattern);
add("sect131r2", "1.3.132.0.23", B,
"080000000000000000000000000000010D",
"03E5A88919D7CAFCBF415F07C2176573B2",
"04B8266A46C55657AC734CE38F018F2192",
"0356DCD8F2F95031AD652D23951BB366A8",
"0648F06D867940A5366D9E265DE9EB240F",
"0400000000000000016954A233049BA98F",
2, nameSplitPattern);
add("sect163k1 [NIST K-163]", "1.3.132.0.1", BD,
"0800000000000000000000000000000000000000C9",
"000000000000000000000000000000000000000001",
"000000000000000000000000000000000000000001",
"02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",
"0289070FB05D38FF58321F2E800536D538CCDAA3D9",
"04000000000000000000020108A2E0CC0D99F8A5EF",
2, nameSplitPattern);
add("sect163r1", "1.3.132.0.2", B,
"0800000000000000000000000000000000000000C9",
"07B6882CAAEFA84F9554FF8428BD88E246D2782AE2",
"0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9",
"0369979697AB43897789566789567F787A7876A654",
"00435EDB42EFAFB2989D51FEFCE3C80988F41FF883",
"03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B",
2, nameSplitPattern);
add("sect163r2 [NIST B-163]", "1.3.132.0.15", BD,
"0800000000000000000000000000000000000000C9",
"000000000000000000000000000000000000000001",
"020A601907B8C953CA1481EB10512F78744A3205FD",
"03F0EBA16286A2D57EA0991168D4994637E8343E36",
"00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
"040000000000000000000292FE77E70C12A4234C33",
2, nameSplitPattern);
add("sect193r1", "1.3.132.0.24", B,
"02000000000000000000000000000000000000000000008001",
"0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01",
"00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814",
"01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1",
"0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05",
"01000000000000000000000000C7F34A778F443ACC920EBA49",
2, nameSplitPattern);
add("sect193r2", "1.3.132.0.25", B,
"02000000000000000000000000000000000000000000008001",
"0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B",
"00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE",
"00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F",
"01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C",
"010000000000000000000000015AAB561B005413CCD4EE99D5",
2, nameSplitPattern);
add("sect233k1 [NIST K-233]", "1.3.132.0.26", BD,
"020000000000000000000000000000000000000004000000000000000001",
"000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000001",
"017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
"01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
"008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF",
4, nameSplitPattern);
add("sect233r1 [NIST B-233]", "1.3.132.0.27", B,
"020000000000000000000000000000000000000004000000000000000001",
"000000000000000000000000000000000000000000000000000000000001",
"0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
"00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",
"01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
"01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7",
2, nameSplitPattern);
add("sect239k1", "1.3.132.0.3", B,
"800000000000000000004000000000000000000000000000000000000001",
"000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000001",
"29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC",
"76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA",
"2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5",
4, nameSplitPattern);
add("sect283k1 [NIST K-283]", "1.3.132.0.16", BD,
"0800000000000000000000000000000000000000000000000000000000000000000010A1",
"000000000000000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000000000000000001",
"0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836",
"01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259",
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61",
4, nameSplitPattern);
add("sect283r1 [NIST B-283]", "1.3.132.0.17", B,
"0800000000000000000000000000000000000000000000000000000000000000000010A1",
"000000000000000000000000000000000000000000000000000000000000000000000001",
"027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5",
"05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053",
"03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4",
"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307",
2, nameSplitPattern);
add("sect409k1 [NIST K-409]", "1.3.132.0.36", BD,
"02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746",
"01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",
"007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
4, nameSplitPattern);
add("sect409r1 [NIST B-409]", "1.3.132.0.37", B,
"02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F",
"015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7",
"0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706",
"010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173",
2, nameSplitPattern);
add("sect571k1 [NIST K-571]", "1.3.132.0.38", BD,
"080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972",
"0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3",
"020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001",
4, nameSplitPattern);
add("sect571r1 [NIST B-571]", "1.3.132.0.39", B,
"080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A",
"0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19",
"037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B",
"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47",
2, nameSplitPattern);
/* ANSI X9.62 binary curves */
add("X9.62 c2tnb191v1", "1.2.840.10045.3.0.5", B,
"800000000000000000000000000000000000000000000201",
"2866537B676752636A68F56554E12640276B649EF7526267",
"2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC",
"36B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D",
"765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB",
"40000000000000000000000004A20E90C39067C893BBB9A5",
2, nameSplitPattern);
add("X9.62 c2tnb191v2", "1.2.840.10045.3.0.6", B,
"800000000000000000000000000000000000000000000201",
"401028774D7777C7B7666D1366EA432071274F89FF01E718",
"0620048D28BCBD03B6249C99182B7C8CD19700C362C46A01",
"3809B2B7CC1B28CC5A87926AAD83FD28789E81E2C9E3BF10",
"17434386626D14F3DBF01760D9213A3E1CF37AEC437D668A",
"20000000000000000000000050508CB89F652824E06B8173",
4, nameSplitPattern);
add("X9.62 c2tnb191v3", "1.2.840.10045.3.0.7", B,
"800000000000000000000000000000000000000000000201",
"6C01074756099122221056911C77D77E77A777E7E7E77FCB",
"71FE1AF926CF847989EFEF8DB459F66394D90F32AD3F15E8",
"375D4CE24FDE434489DE8746E71786015009E66E38A926DD",
"545A39176196575D985999366E6AD34CE0A77CD7127B06BE",
"155555555555555555555555610C0B196812BFB6288A3EA3",
6, nameSplitPattern);
add("X9.62 c2tnb239v1", "1.2.840.10045.3.0.11", B,
"800000000000000000000000000000000000000000000000001000000001",
"32010857077C5431123A46B808906756F543423E8D27877578125778AC76",
"790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16",
"57927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D",
"61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305",
"2000000000000000000000000000000F4D42FFE1492A4993F1CAD666E447",
4, nameSplitPattern);
add("X9.62 c2tnb239v2", "1.2.840.10045.3.0.12", B,
"800000000000000000000000000000000000000000000000001000000001",
"4230017757A767FAE42398569B746325D45313AF0766266479B75654E65F",
"5037EA654196CFF0CD82B2C14A2FCF2E3FF8775285B545722F03EACDB74B",
"28F9D04E900069C8DC47A08534FE76D2B900B7D7EF31F5709F200C4CA205",
"5667334C45AFF3B5A03BAD9DD75E2C71A99362567D5453F7FA6E227EC833",
"1555555555555555555555555555553C6F2885259C31E3FCDF154624522D",
6, nameSplitPattern);
add("X9.62 c2tnb239v3", "1.2.840.10045.3.0.13", B,
"800000000000000000000000000000000000000000000000001000000001",
"01238774666A67766D6676F778E676B66999176666E687666D8766C66A9F",
"6A941977BA9F6A435199ACFC51067ED587F519C5ECB541B8E44111DE1D40",
"70F6E9D04D289C4E89913CE3530BFDE903977D42B146D539BF1BDE4E9C92",
"2E5A0EAF6E5E1305B9004DCE5C0ED7FE59A35608F33837C816D80B79F461",
"0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC4912D2D9DF903EF9888B8A0E4CFF",
0xA, nameSplitPattern);
add("X9.62 c2tnb359v1", "1.2.840.10045.3.0.18", B,
"800000000000000000000000000000000000000000000000000000000000000000000000100000000000000001",
"5667676A654B20754F356EA92017D946567C46675556F19556A04616B567D223A5E05656FB549016A96656A557",
"2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC345626089687742B6329E70680231988",
"3C258EF3047767E7EDE0F1FDAA79DAEE3841366A132E163ACED4ED2401DF9C6BDCDE98E8E707C07A2239B1B097",
"53D7E08529547048121E9C95F3791DD804963948F34FAE7BF44EA82365DC7868FE57E4AE2DE211305A407104BD",
"01AF286BCA1AF286BCA1AF286BCA1AF286BCA1AF286BC9FB8F6B85C556892C20A7EB964FE7719E74F490758D3B",
0x4C, nameSplitPattern);
add("X9.62 c2tnb431r1", "1.2.840.10045.3.0.20", B,
"800000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000001",
"1A827EF00DD6FC0E234CAF046C6A5D8A85395B236CC4AD2CF32A0CADBDC9DDF620B0EB9906D0957F6C6FEACD615468DF104DE296CD8F",
"10D9B4A3D9047D8B154359ABFB1B7F5485B04CEB868237DDC9DEDA982A679A5A919B626D4E50A8DD731B107A9962381FB5D807BF2618",
"120FC05D3C67A99DE161D2F4092622FECA701BE4F50F4758714E8A87BBF2A658EF8C21E7C5EFE965361F6C2999C0C247B0DBD70CE6B7",
"20D0AF8903A96F8D5FA2C255745D3C451B302C9346D9B7E485E7BCE41F6B591F3E8F6ADDCBB0BC4C2F947A7DE1A89B625D6A598B3760",
"0340340340340340340340340340340340340340340340340340340323C313FAB50589703B5EC68D3587FEC60D161CC149C1AD4A91",
0x2760, nameSplitPattern);
/* ANSI X9.62 binary curves from the 1998 standard but forbidden
* in the 2005 version of the standard.
* We don't register them but leave them here for the time being in
* case we need to support them after all.
*/
/*
add("X9.62 c2pnb163v1", "1.2.840.10045.3.0.1", B,
"080000000000000000000000000000000000000107",
"072546B5435234A422E0789675F432C89435DE5242",
"00C9517D06D5240D3CFF38C74B20B6CD4D6F9DD4D9",
"07AF69989546103D79329FCC3D74880F33BBE803CB",
"01EC23211B5966ADEA1D3F87F7EA5848AEF0B7CA9F",
"0400000000000000000001E60FC8821CC74DAEAFC1",
2, nameSplitPattern);
add("X9.62 c2pnb163v2", "1.2.840.10045.3.0.2", B,
"080000000000000000000000000000000000000107",
"0108B39E77C4B108BED981ED0E890E117C511CF072",
"0667ACEB38AF4E488C407433FFAE4F1C811638DF20",
"0024266E4EB5106D0A964D92C4860E2671DB9B6CC5",
"079F684DDF6684C5CD258B3890021B2386DFD19FC5",
"03FFFFFFFFFFFFFFFFFFFDF64DE1151ADBB78F10A7",
2, nameSplitPattern);
add("X9.62 c2pnb163v3", "1.2.840.10045.3.0.3", B,
"080000000000000000000000000000000000000107",
"07A526C63D3E25A256A007699F5447E32AE456B50E",
"03F7061798EB99E238FD6F1BF95B48FEEB4854252B",
"02F9F87B7C574D0BDECF8A22E6524775F98CDEBDCB",
"05B935590C155E17EA48EB3FF3718B893DF59A05D0",
"03FFFFFFFFFFFFFFFFFFFE1AEE140F110AFF961309",
2, nameSplitPattern);
add("X9.62 c2pnb176w1", "1.2.840.10045.3.0.4", B,
"0100000000000000000000000000000000080000000007",
"E4E6DB2995065C407D9D39B8D0967B96704BA8E9C90B",
"5DDA470ABE6414DE8EC133AE28E9BBD7FCEC0AE0FFF2",
"8D16C2866798B600F9F08BB4A8E860F3298CE04A5798",
"6FA4539C2DADDDD6BAB5167D61B436E1D92BB16A562C",
"00010092537397ECA4F6145799D62B0A19CE06FE26AD",
0xFF6E, nameSplitPattern);
add("X9.62 c2pnb208w1", "1.2.840.10045.3.0.10", B,
"010000000000000000000000000000000800000000000000000007",
"0000000000000000000000000000000000000000000000000000",
"C8619ED45A62E6212E1160349E2BFA844439FAFC2A3FD1638F9E",
"89FDFBE4ABE193DF9559ECF07AC0CE78554E2784EB8C1ED1A57A",
"0F55B51A06E78E9AC38A035FF520D8B01781BEB1A6BB08617DE3",
"000101BAF95C9723C57B6C21DA2EFF2D5ED588BDD5717E212F9D",
0xFE48, nameSplitPattern);
add("X9.62 c2pnb272w1", "1.2.840.10045.3.0.16", B,
"010000000000000000000000000000000000000000000000000000010000000000000B",
"91A091F03B5FBA4AB2CCF49C4EDD220FB028712D42BE752B2C40094DBACDB586FB20",
"7167EFC92BB2E3CE7C8AAAFF34E12A9C557003D7C73A6FAF003F99F6CC8482E540F7",
"6108BABB2CEEBCF787058A056CBE0CFE622D7723A289E08A07AE13EF0D10D171DD8D",
"10C7695716851EEF6BA7F6872E6142FBD241B830FF5EFCACECCAB05E02005DDE9D23",
"000100FAF51354E0E39E4892DF6E319C72C8161603FA45AA7B998A167B8F1E629521",
0xFF06, nameSplitPattern);
add("X9.62 c2pnb304w1", "1.2.840.10045.3.0.17", B,
"010000000000000000000000000000000000000000000000000000000000000000000000000807",
"FD0D693149A118F651E6DCE6802085377E5F882D1B510B44160074C1288078365A0396C8E681",
"BDDB97E555A50A908E43B01C798EA5DAA6788F1EA2794EFCF57166B8C14039601E55827340BE",
"197B07845E9BE2D96ADB0F5F3C7F2CFFBD7A3EB8B6FEC35C7FD67F26DDF6285A644F740A2614",
"E19FBEB76E0DA171517ECF401B50289BF014103288527A9B416A105E80260B549FDC1B92C03B",
"000101D556572AABAC800101D556572AABAC8001022D5C91DD173F8FB561DA6899164443051D",
0xFE2E, nameSplitPattern);
add("X9.62 c2pnb368w1", "1.2.840.10045.3.0.19", B,
"0100000000000000000000000000000000000000000000000000000000000000000000002000000000000000000007",
"E0D2EE25095206F5E2A4F9ED229F1F256E79A0E2B455970D8D0D865BD94778C576D62F0AB7519CCD2A1A906AE30D",
"FC1217D4320A90452C760A58EDCD30C8DD069B3C34453837A34ED50CB54917E1C2112D84D164F444F8F74786046A",
"1085E2755381DCCCE3C1557AFA10C2F0C0C2825646C5B34A394CBCFA8BC16B22E7E789E927BE216F02E1FB136A5F",
"7B3EB1BDDCBA62D5D8B2059B525797FC73822C59059C623A45FF3843CEE8F87CD1855ADAA81E2A0750B80FDA2310",
"00010090512DA9AF72B08349D98A5DD4C7B0532ECA51CE03E2D10F3B7AC579BD87E909AE40A6F131E9CFCE5BD967",
0xFF70, nameSplitPattern);
*/
specCollection = Collections.unmodifiableCollection(oidMap.values());
}
}
src/share/classes/sun/security/ec/ECDHKeyAgreement.java
浏览文件 @ 6644acde
...@@ -32,6 +32,8 @@ import java.security.spec.*; ...@@ -32,6 +32,8 @@ import java.security.spec.*;
import javax.crypto.*; import javax.crypto.*;
import javax.crypto.spec.*; import javax.crypto.spec.*;
import sun.security.util.ECUtil;
/** /**
* KeyAgreement implementation for ECDH. * KeyAgreement implementation for ECDH.
* *
...@@ -104,7 +106,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi { ...@@ -104,7 +106,7 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
publicValue = ((ECPublicKeyImpl)ecKey).getEncodedPublicValue(); publicValue = ((ECPublicKeyImpl)ecKey).getEncodedPublicValue();
} else { // instanceof ECPublicKey } else { // instanceof ECPublicKey
publicValue = publicValue =
ECParameters.encodePoint(ecKey.getW(), params.getCurve()); ECUtil.encodePoint(ecKey.getW(), params.getCurve());
} }
int keyLenBits = params.getCurve().getField().getFieldSize(); int keyLenBits = params.getCurve().getField().getFieldSize();
secretLen = (keyLenBits + 7) >> 3; secretLen = (keyLenBits + 7) >> 3;
...@@ -120,8 +122,8 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi { ...@@ -120,8 +122,8 @@ public final class ECDHKeyAgreement extends KeyAgreementSpi {
} }
byte[] s = privateKey.getS().toByteArray(); byte[] s = privateKey.getS().toByteArray();
byte[] encodedParams = byte[] encodedParams = // DER OID
ECParameters.encodeParameters(privateKey.getParams()); // DER OID ECUtil.encodeECParameterSpec(null, privateKey.getParams());
try { try {
......
src/share/classes/sun/security/ec/ECDSASignature.java
浏览文件 @ 6644acde
...@@ -275,7 +275,8 @@ abstract class ECDSASignature extends SignatureSpi { ...@@ -275,7 +275,8 @@ abstract class ECDSASignature extends SignatureSpi {
protected byte[] engineSign() throws SignatureException { protected byte[] engineSign() throws SignatureException {
byte[] s = privateKey.getS().toByteArray(); byte[] s = privateKey.getS().toByteArray();
ECParameterSpec params = privateKey.getParams(); ECParameterSpec params = privateKey.getParams();
byte[] encodedParams = ECParameters.encodeParameters(params); // DER OID // DER OID
byte[] encodedParams = ECUtil.encodeECParameterSpec(null, params);
int keySize = params.getCurve().getField().getFieldSize(); int keySize = params.getCurve().getField().getFieldSize();
// seed is twice the key size (in bytes) plus 1 // seed is twice the key size (in bytes) plus 1
...@@ -301,12 +302,13 @@ abstract class ECDSASignature extends SignatureSpi { ...@@ -301,12 +302,13 @@ abstract class ECDSASignature extends SignatureSpi {
byte[] w; byte[] w;
ECParameterSpec params = publicKey.getParams(); ECParameterSpec params = publicKey.getParams();
byte[] encodedParams = ECParameters.encodeParameters(params); // DER OID // DER OID
byte[] encodedParams = ECUtil.encodeECParameterSpec(null, params);
if (publicKey instanceof ECPublicKeyImpl) { if (publicKey instanceof ECPublicKeyImpl) {
w = ((ECPublicKeyImpl)publicKey).getEncodedPublicValue(); w = ((ECPublicKeyImpl)publicKey).getEncodedPublicValue();
} else { // instanceof ECPublicKey } else { // instanceof ECPublicKey
w = ECParameters.encodePoint(publicKey.getW(), params.getCurve()); w = ECUtil.encodePoint(publicKey.getW(), params.getCurve());
} }
try { try {
......
src/share/classes/sun/security/ec/ECKeyPairGenerator.java
浏览文件 @ 6644acde
/* /*
* Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -37,6 +37,7 @@ import sun.security.ec.ECParameters; ...@@ -37,6 +37,7 @@ import sun.security.ec.ECParameters;
import sun.security.ec.ECPrivateKeyImpl; import sun.security.ec.ECPrivateKeyImpl;
import sun.security.ec.ECPublicKeyImpl; import sun.security.ec.ECPublicKeyImpl;
import sun.security.jca.JCAUtil; import sun.security.jca.JCAUtil;
import sun.security.util.ECUtil;
/** /**
* EC keypair generator. * EC keypair generator.
...@@ -72,7 +73,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi { ...@@ -72,7 +73,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
public void initialize(int keySize, SecureRandom random) { public void initialize(int keySize, SecureRandom random) {
checkKeySize(keySize); checkKeySize(keySize);
this.params = NamedCurve.getECParameterSpec(keySize); this.params = ECUtil.getECParameterSpec(null, keySize);
if (params == null) { if (params == null) {
throw new InvalidParameterException( throw new InvalidParameterException(
"No EC parameters available for key size " + keySize + " bits"); "No EC parameters available for key size " + keySize + " bits");
...@@ -86,14 +87,15 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi { ...@@ -86,14 +87,15 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
throws InvalidAlgorithmParameterException { throws InvalidAlgorithmParameterException {
if (params instanceof ECParameterSpec) { if (params instanceof ECParameterSpec) {
this.params = ECParameters.getNamedCurve((ECParameterSpec)params); this.params = ECUtil.getECParameterSpec(null,
(ECParameterSpec)params);
if (this.params == null) { if (this.params == null) {
throw new InvalidAlgorithmParameterException( throw new InvalidAlgorithmParameterException(
"Unsupported curve: " + params); "Unsupported curve: " + params);
} }
} else if (params instanceof ECGenParameterSpec) { } else if (params instanceof ECGenParameterSpec) {
String name = ((ECGenParameterSpec)params).getName(); String name = ((ECGenParameterSpec)params).getName();
this.params = NamedCurve.getECParameterSpec(name); this.params = ECUtil.getECParameterSpec(null, name);
if (this.params == null) { if (this.params == null) {
throw new InvalidAlgorithmParameterException( throw new InvalidAlgorithmParameterException(
"Unknown curve name: " + name); "Unknown curve name: " + name);
...@@ -112,7 +114,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi { ...@@ -112,7 +114,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
public KeyPair generateKeyPair() { public KeyPair generateKeyPair() {
byte[] encodedParams = byte[] encodedParams =
ECParameters.encodeParameters((ECParameterSpec)params); ECUtil.encodeECParameterSpec(null, (ECParameterSpec)params);
// seed is twice the key size (in bytes) plus 1 // seed is twice the key size (in bytes) plus 1
byte[] seed = new byte[(((keySize + 7) >> 3) + 1) * 2]; byte[] seed = new byte[(((keySize + 7) >> 3) + 1) * 2];
...@@ -135,7 +137,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi { ...@@ -135,7 +137,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
new ECPrivateKeyImpl(s, (ECParameterSpec)params); new ECPrivateKeyImpl(s, (ECParameterSpec)params);
// handles[1] points to the native public key // handles[1] points to the native public key
ECPoint w = ECParameters.decodePoint(getEncodedBytes(handles[1]), ECPoint w = ECUtil.decodePoint(getEncodedBytes(handles[1]),
((ECParameterSpec)params).getCurve()); ((ECParameterSpec)params).getCurve());
PublicKey publicKey = PublicKey publicKey =
new ECPublicKeyImpl(w, (ECParameterSpec)params); new ECPublicKeyImpl(w, (ECParameterSpec)params);
......
src/share/classes/sun/security/ec/ECParameters.java
浏览文件 @ 6644acde
...@@ -26,7 +26,6 @@ ...@@ -26,7 +26,6 @@
package sun.security.ec; package sun.security.ec;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger;
import java.security.*; import java.security.*;
import java.security.spec.*; import java.security.spec.*;
...@@ -77,128 +76,75 @@ import sun.security.util.*; ...@@ -77,128 +76,75 @@ import sun.security.util.*;
*/ */
public final class ECParameters extends AlgorithmParametersSpi { public final class ECParameters extends AlgorithmParametersSpi {
// used by ECPublicKeyImpl and ECPrivateKeyImpl
static AlgorithmParameters getAlgorithmParameters(ECParameterSpec spec)
throws InvalidKeyException {
try {
AlgorithmParameters params =
AlgorithmParameters.getInstance("EC", "SunEC");
params.init(spec);
return params;
} catch (GeneralSecurityException e) {
throw new InvalidKeyException("EC parameters error", e);
}
}
/*
* The parameters these AlgorithmParameters object represents.
* Currently, it is always an instance of NamedCurve.
*/
private NamedCurve namedCurve;
// A public constructor is required by AlgorithmParameters class.
public ECParameters() { public ECParameters() {
// empty // empty
} }
// Used by SunPKCS11 and SunJSSE. // AlgorithmParameterSpi methods
public static ECPoint decodePoint(byte[] data, EllipticCurve curve)
throws IOException {
if ((data.length == 0) || (data[0] != 4)) {
throw new IOException("Only uncompressed point format supported");
}
// Per ANSI X9.62, an encoded point is a 1 byte type followed by
// ceiling(log base 2 field-size / 8) bytes of x and the same of y.
int n = (data.length - 1) / 2;
if (n != ((curve.getField().getFieldSize() + 7 ) >> 3)) {
throw new IOException("Point does not match field size");
}
byte[] xb = new byte[n];
byte[] yb = new byte[n];
System.arraycopy(data, 1, xb, 0, n);
System.arraycopy(data, n + 1, yb, 0, n);
return new ECPoint(new BigInteger(1, xb), new BigInteger(1, yb));
}
// Used by SunPKCS11 and SunJSSE. protected void engineInit(AlgorithmParameterSpec paramSpec)
public static byte[] encodePoint(ECPoint point, EllipticCurve curve) { throws InvalidParameterSpecException {
// get field size in bytes (rounding up)
int n = (curve.getField().getFieldSize() + 7) >> 3;
byte[] xb = trimZeroes(point.getAffineX().toByteArray());
byte[] yb = trimZeroes(point.getAffineY().toByteArray());
if ((xb.length > n) || (yb.length > n)) {
throw new RuntimeException
("Point coordinates do not match field size");
}
byte[] b = new byte[1 + (n << 1)];
b[0] = 4; // uncompressed
System.arraycopy(xb, 0, b, n - xb.length + 1, xb.length);
System.arraycopy(yb, 0, b, b.length - yb.length, yb.length);
return b;
}
// Copied from the SunPKCS11 code - should be moved to a common location. if (paramSpec == null) {
// trim leading (most significant) zeroes from the result throw new InvalidParameterSpecException
static byte[] trimZeroes(byte[] b) { ("paramSpec must not be null");
int i = 0;
while ((i < b.length - 1) && (b[i] == 0)) {
i++;
}
if (i == 0) {
return b;
}
byte[] t = new byte[b.length - i];
System.arraycopy(b, i, t, 0, t.length);
return t;
} }
// Convert the given ECParameterSpec object to a NamedCurve object. if (paramSpec instanceof NamedCurve) {
// If params does not represent a known named curve, return null. namedCurve = (NamedCurve)paramSpec;
// Used by SunPKCS11. return;
public static NamedCurve getNamedCurve(ECParameterSpec params) {
if ((params instanceof NamedCurve) || (params == null)) {
return (NamedCurve)params;
}
// This is a hack to allow SunJSSE to work with 3rd party crypto
// providers for ECC and not just SunPKCS11.
// This can go away once we decide how to expose curve names in the
// public API.
// Note that it assumes that the 3rd party provider encodes named
// curves using the short form, not explicitly. If it did that, then
// the SunJSSE TLS ECC extensions are wrong, which could lead to
// interoperability problems.
int fieldSize = params.getCurve().getField().getFieldSize();
for (ECParameterSpec namedCurve : NamedCurve.knownECParameterSpecs()) {
// ECParameterSpec does not define equals, so check all the
// components ourselves.
// Quick field size check first
if (namedCurve.getCurve().getField().getFieldSize() != fieldSize) {
continue;
}
if (namedCurve.getCurve().equals(params.getCurve()) == false) {
continue;
}
if (namedCurve.getGenerator().equals(params.getGenerator()) == false) {
continue;
}
if (namedCurve.getOrder().equals(params.getOrder()) == false) {
continue;
}
if (namedCurve.getCofactor() != params.getCofactor()) {
continue;
}
// everything matches our named curve, return it
return (NamedCurve)namedCurve;
}
// no match found
return null;
} }
// Used by SunJSSE. if (paramSpec instanceof ECParameterSpec) {
public static String getCurveName(ECParameterSpec params) { namedCurve = CurveDB.lookup((ECParameterSpec)paramSpec);
NamedCurve curve = getNamedCurve(params); } else if (paramSpec instanceof ECGenParameterSpec) {
return (curve == null) ? null : curve.getObjectIdentifier().toString(); String name = ((ECGenParameterSpec)paramSpec).getName();
namedCurve = CurveDB.lookup(name);
} else if (paramSpec instanceof ECKeySizeParameterSpec) {
int keySize = ((ECKeySizeParameterSpec)paramSpec).getKeySize();
namedCurve = CurveDB.lookup(keySize);
} else {
throw new InvalidParameterSpecException
("Only ECParameterSpec and ECGenParameterSpec supported");
} }
// Used by SunPKCS11. if (namedCurve == null) {
public static byte[] encodeParameters(ECParameterSpec params) { throw new InvalidParameterSpecException(
NamedCurve curve = getNamedCurve(params); "Not a supported curve: " + paramSpec);
if (curve == null) {
throw new RuntimeException("Not a known named curve: " + params);
} }
return curve.getEncoded();
} }
// Used by SunPKCS11. protected void engineInit(byte[] params) throws IOException {
public static ECParameterSpec decodeParameters(byte[] params) throws IOException {
DerValue encodedParams = new DerValue(params); DerValue encodedParams = new DerValue(params);
if (encodedParams.tag == DerValue.tag_ObjectId) { if (encodedParams.tag == DerValue.tag_ObjectId) {
ObjectIdentifier oid = encodedParams.getOID(); ObjectIdentifier oid = encodedParams.getOID();
ECParameterSpec spec = NamedCurve.getECParameterSpec(oid); NamedCurve spec = CurveDB.lookup(oid.toString());
if (spec == null) { if (spec == null) {
throw new IOException("Unknown named curve: " + oid); throw new IOException("Unknown named curve: " + oid);
} }
return spec;
namedCurve = spec;
return;
} }
throw new IOException("Only named ECParameters supported"); throw new IOException("Only named ECParameters supported");
...@@ -208,7 +154,8 @@ public final class ECParameters extends AlgorithmParametersSpi { ...@@ -208,7 +154,8 @@ public final class ECParameters extends AlgorithmParametersSpi {
/* /*
if (encodedParams.tag != DerValue.tag_Sequence) { if (encodedParams.tag != DerValue.tag_Sequence) {
throw new IOException("Unsupported EC parameters, tag: " + encodedParams.tag); throw new IOException("Unsupported EC parameters, tag: " +
encodedParams.tag);
} }
encodedParams.data.reset(); encodedParams.data.reset();
...@@ -217,7 +164,8 @@ public final class ECParameters extends AlgorithmParametersSpi { ...@@ -217,7 +164,8 @@ public final class ECParameters extends AlgorithmParametersSpi {
int version = in.getInteger(); int version = in.getInteger();
if (version != 1) { if (version != 1) {
throw new IOException("Unsupported EC parameters version: " + version); throw new IOException("Unsupported EC parameters version: " +
version);
} }
ECField field = parseField(in); ECField field = parseField(in);
EllipticCurve curve = parseCurve(in, field); EllipticCurve curve = parseCurve(in, field);
...@@ -242,110 +190,49 @@ public final class ECParameters extends AlgorithmParametersSpi { ...@@ -242,110 +190,49 @@ public final class ECParameters extends AlgorithmParametersSpi {
*/ */
} }
/* protected void engineInit(byte[] params, String decodingMethod)
private static final ObjectIdentifier fieldTypePrime =
ObjectIdentifier.newInternal(new int[] {1, 2, 840, 10045, 1, 1});
private static final ObjectIdentifier fieldTypeChar2 =
ObjectIdentifier.newInternal(new int[] {1, 2, 840, 10045, 1, 2});
private static ECField parseField(DerInputStream in) throws IOException {
DerValue v = in.getDerValue();
ObjectIdentifier oid = v.data.getOID();
if (oid.equals(fieldTypePrime) == false) {
throw new IOException("Only prime fields supported: " + oid);
}
BigInteger fieldSize = v.data.getBigInteger();
return new ECFieldFp(fieldSize);
}
private static EllipticCurve parseCurve(DerInputStream in, ECField field)
throws IOException { throws IOException {
DerValue v = in.getDerValue(); engineInit(params);
byte[] ab = v.data.getOctetString();
byte[] bb = v.data.getOctetString();
return new EllipticCurve(field, new BigInteger(1, ab), new BigInteger(1, bb));
}
private static ECPoint parsePoint(DerInputStream in, EllipticCurve curve)
throws IOException {
byte[] data = in.getOctetString();
return decodePoint(data, curve);
}
*/
// used by ECPublicKeyImpl and ECPrivateKeyImpl
static AlgorithmParameters getAlgorithmParameters(ECParameterSpec spec)
throws InvalidKeyException {
try {
AlgorithmParameters params =
AlgorithmParameters.getInstance("EC", "SunEC");
params.init(spec);
return params;
} catch (GeneralSecurityException e) {
throw new InvalidKeyException("EC parameters error", e);
}
} }
// AlgorithmParameterSpi methods protected <T extends AlgorithmParameterSpec> T
engineGetParameterSpec(Class<T> spec)
// The parameters these AlgorithmParameters object represents.
// Currently, it is always an instance of NamedCurve.
private ECParameterSpec paramSpec;
protected void engineInit(AlgorithmParameterSpec paramSpec)
throws InvalidParameterSpecException { throws InvalidParameterSpecException {
if (paramSpec instanceof ECParameterSpec) {
this.paramSpec = getNamedCurve((ECParameterSpec)paramSpec);
if (this.paramSpec == null) {
throw new InvalidParameterSpecException
("Not a supported named curve: " + paramSpec);
}
} else if (paramSpec instanceof ECGenParameterSpec) {
String name = ((ECGenParameterSpec)paramSpec).getName();
ECParameterSpec spec = NamedCurve.getECParameterSpec(name);
if (spec == null) {
throw new InvalidParameterSpecException("Unknown curve: " + name);
}
this.paramSpec = spec;
} else if (paramSpec == null) {
throw new InvalidParameterSpecException
("paramSpec must not be null");
} else {
throw new InvalidParameterSpecException
("Only ECParameterSpec and ECGenParameterSpec supported");
}
}
protected void engineInit(byte[] params) throws IOException { if (spec.isAssignableFrom(ECParameterSpec.class)) {
paramSpec = decodeParameters(params); return spec.cast(namedCurve);
} }
protected void engineInit(byte[] params, String decodingMethod) throws IOException { if (spec.isAssignableFrom(ECGenParameterSpec.class)) {
engineInit(params); // Ensure the name is the Object ID
String name = namedCurve.getObjectId();
return spec.cast(new ECGenParameterSpec(name));
} }
protected <T extends AlgorithmParameterSpec> T engineGetParameterSpec(Class<T> spec) if (spec.isAssignableFrom(ECKeySizeParameterSpec.class)) {
throws InvalidParameterSpecException { int keySize = namedCurve.getCurve().getField().getFieldSize();
if (spec.isAssignableFrom(ECParameterSpec.class)) { return spec.cast(new ECKeySizeParameterSpec(keySize));
return spec.cast(paramSpec);
} else if (spec.isAssignableFrom(ECGenParameterSpec.class)) {
return spec.cast(new ECGenParameterSpec(getCurveName(paramSpec)));
} else {
throw new InvalidParameterSpecException
("Only ECParameterSpec and ECGenParameterSpec supported");
} }
throw new InvalidParameterSpecException(
"Only ECParameterSpec and ECGenParameterSpec supported");
} }
protected byte[] engineGetEncoded() throws IOException { protected byte[] engineGetEncoded() throws IOException {
return encodeParameters(paramSpec); return namedCurve.getEncoded();
} }
protected byte[] engineGetEncoded(String encodingMethod) throws IOException { protected byte[] engineGetEncoded(String encodingMethod)
throws IOException {
return engineGetEncoded(); return engineGetEncoded();
} }
protected String engineToString() { protected String engineToString() {
return paramSpec.toString(); if (namedCurve == null) {
return "Not initialized";
}
return namedCurve.toString();
} }
} }
src/share/classes/sun/security/ec/ECPrivateKeyImpl.java
浏览文件 @ 6644acde
/* /*
* Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -67,18 +67,17 @@ public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey { ...@@ -67,18 +67,17 @@ public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey {
private ECParameterSpec params; private ECParameterSpec params;
/** /**
* Construct a key from its encoding. Called by the ECKeyFactory and * Construct a key from its encoding. Called by the ECKeyFactory.
* the SunPKCS11 code.
*/ */
public ECPrivateKeyImpl(byte[] encoded) throws InvalidKeyException { ECPrivateKeyImpl(byte[] encoded) throws InvalidKeyException {
decode(encoded); decode(encoded);
} }
/** /**
* Construct a key from its components. Used by the * Construct a key from its components. Used by the
* KeyFactory and the SunPKCS11 code. * KeyFactory.
*/ */
public ECPrivateKeyImpl(BigInteger s, ECParameterSpec params) ECPrivateKeyImpl(BigInteger s, ECParameterSpec params)
throws InvalidKeyException { throws InvalidKeyException {
this.s = s; this.s = s;
this.params = params; this.params = params;
...@@ -88,7 +87,7 @@ public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey { ...@@ -88,7 +87,7 @@ public final class ECPrivateKeyImpl extends PKCS8Key implements ECPrivateKey {
try { try {
DerOutputStream out = new DerOutputStream(); DerOutputStream out = new DerOutputStream();
out.putInteger(1); // version 1 out.putInteger(1); // version 1
byte[] privBytes = ECParameters.trimZeroes(s.toByteArray()); byte[] privBytes = ECUtil.trimZeroes(s.toByteArray());
out.putOctetString(privBytes); out.putOctetString(privBytes);
DerValue val = DerValue val =
new DerValue(DerValue.tag_Sequence, out.toByteArray()); new DerValue(DerValue.tag_Sequence, out.toByteArray());
......
src/share/classes/sun/security/ec/ECPublicKeyImpl.java
浏览文件 @ 6644acde
...@@ -49,23 +49,23 @@ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey { ...@@ -49,23 +49,23 @@ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey {
/** /**
* Construct a key from its components. Used by the * Construct a key from its components. Used by the
* ECKeyFactory and SunPKCS11. * ECKeyFactory.
*/ */
@SuppressWarnings("deprecation") @SuppressWarnings("deprecation")
public ECPublicKeyImpl(ECPoint w, ECParameterSpec params) ECPublicKeyImpl(ECPoint w, ECParameterSpec params)
throws InvalidKeyException { throws InvalidKeyException {
this.w = w; this.w = w;
this.params = params; this.params = params;
// generate the encoding // generate the encoding
algid = new AlgorithmId algid = new AlgorithmId
(AlgorithmId.EC_oid, ECParameters.getAlgorithmParameters(params)); (AlgorithmId.EC_oid, ECParameters.getAlgorithmParameters(params));
key = ECParameters.encodePoint(w, params.getCurve()); key = ECUtil.encodePoint(w, params.getCurve());
} }
/** /**
* Construct a key from its encoding. Used by RSAKeyFactory. * Construct a key from its encoding.
*/ */
public ECPublicKeyImpl(byte[] encoded) throws InvalidKeyException { ECPublicKeyImpl(byte[] encoded) throws InvalidKeyException {
decode(encoded); decode(encoded);
} }
...@@ -104,7 +104,7 @@ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey { ...@@ -104,7 +104,7 @@ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey {
try { try {
params = algParams.getParameterSpec(ECParameterSpec.class); params = algParams.getParameterSpec(ECParameterSpec.class);
w = ECParameters.decodePoint(key, params.getCurve()); w = ECUtil.decodePoint(key, params.getCurve());
} catch (IOException e) { } catch (IOException e) {
throw new InvalidKeyException("Invalid EC key", e); throw new InvalidKeyException("Invalid EC key", e);
} catch (InvalidParameterSpecException e) { } catch (InvalidParameterSpecException e) {
......
src/share/classes/sun/security/ec/NamedCurve.java
浏览文件 @ 6644acde
/* /*
* Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -27,638 +27,60 @@ package sun.security.ec; ...@@ -27,638 +27,60 @@ package sun.security.ec;
import java.io.IOException; import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
import java.util.*;
import java.util.regex.Pattern;
import java.security.spec.*; import java.security.spec.*;
import sun.security.util.ObjectIdentifier;
import sun.security.util.DerOutputStream; import sun.security.util.DerOutputStream;
import sun.security.util.ObjectIdentifier;
/** /**
* Repository for well-known Elliptic Curve parameters. It is used by both * Contains Elliptic Curve parameters.
* the SunPKCS11 and SunJSSE code.
* *
* @since 1.6 * @since 1.6
* @author Andreas Sterbenz * @author Andreas Sterbenz
*/ */
public final class NamedCurve extends ECParameterSpec { class NamedCurve extends ECParameterSpec {
// friendly name for toString() output // friendly name for toString() output
private final String name; private final String name;
// well known OID // well known OID
private final ObjectIdentifier oid; private final String oid;
// encoded form (as NamedCurve identified via OID) // encoded form (as NamedCurve identified via OID)
private final byte[] encoded; private final byte[] encoded;
private NamedCurve(String name, ObjectIdentifier oid, EllipticCurve curve, NamedCurve(String name, String oid, EllipticCurve curve,
ECPoint g, BigInteger n, int h) throws IOException { ECPoint g, BigInteger n, int h) {
super(curve, g, n, h); super(curve, g, n, h);
this.name = name; this.name = name;
this.oid = oid; this.oid = oid;
DerOutputStream out = new DerOutputStream(); DerOutputStream out = new DerOutputStream();
out.putOID(oid);
encoded = out.toByteArray();
}
// Return a NamedCurve for the specified OID/name or null if unknown. try {
// Used by SunJSSE and SunPKCS11. out.putOID(new ObjectIdentifier(oid));
public static ECParameterSpec getECParameterSpec(String name) { } catch (IOException e) {
NamedCurve spec = oidMap.get(name); throw new RuntimeException("Internal error", e);
return (spec != null) ? spec : nameMap.get(name);
}
// Return a NamedCurve for the specified OID or null if unknown.
static ECParameterSpec getECParameterSpec(ObjectIdentifier oid) {
return getECParameterSpec(oid.toString());
} }
// Return EC parameters for the specified field size. If there are known encoded = out.toByteArray();
// NIST recommended parameters for the given length, they are returned.
// Otherwise, if there are multiple matches for the given size, an
// arbitrary one is returns.
// If no parameters are known, the method returns null.
// NOTE that this method returns both prime and binary curves.
// Used by SunPKCS11.
public static ECParameterSpec getECParameterSpec(int length) {
return lengthMap.get(length);
} }
// Used by unit tests. String getName() {
public static Collection<? extends ECParameterSpec> knownECParameterSpecs() { return name;
return Collections.unmodifiableCollection(oidMap.values());
} }
byte[] getEncoded() { byte[] getEncoded() {
return encoded.clone(); return encoded.clone();
} }
ObjectIdentifier getObjectIdentifier() { String getObjectId() {
return oid; return oid;
} }
public String toString() { public String toString() {
return name + " (" + oid + ")"; return name + " (" + oid + ")";
} }
private static final Map<String,NamedCurve> oidMap =
new LinkedHashMap<String,NamedCurve>();
private static final Map<String,NamedCurve> nameMap =
new HashMap<String,NamedCurve>();
private static final Map<Integer,NamedCurve> lengthMap =
new HashMap<Integer,NamedCurve>();
private static BigInteger bi(String s) {
return new BigInteger(s, 16);
}
private static Pattern SPLIT_PATTERN = Pattern.compile(",|\\[|\\]");
private static void add(String name, String soid, int type, String sfield,
String a, String b, String x, String y, String n, int h) {
BigInteger p = bi(sfield);
ECField field;
if ((type == P) || (type == PD)) {
field = new ECFieldFp(p);
} else if ((type == B) || (type == BD)) {
field = new ECFieldF2m(p.bitLength() - 1, p);
} else {
throw new RuntimeException("Invalid type: " + type);
}
EllipticCurve curve = new EllipticCurve(field, bi(a), bi(b));
ECPoint g = new ECPoint(bi(x), bi(y));
try {
ObjectIdentifier oid = new ObjectIdentifier(soid);
NamedCurve params = new NamedCurve(name, oid, curve, g, bi(n), h);
if (oidMap.put(soid, params) != null) {
throw new RuntimeException("Duplication oid: " + soid);
}
String[] commonNames = SPLIT_PATTERN.split(name);
for (String commonName : commonNames) {
if (nameMap.put(commonName.trim(), params) != null) {
throw new RuntimeException("Duplication name: " + commonName);
}
}
int len = field.getFieldSize();
if ((type == PD) || (type == BD) || (lengthMap.get(len) == null)) {
// add entry if none present for this field size or if
// the curve is marked as a default curve.
lengthMap.put(len, params);
}
} catch (IOException e) {
throw new RuntimeException("Internal error", e);
}
}
private final static int P = 1; // prime curve
private final static int B = 2; // binary curve
private final static int PD = 5; // prime curve, mark as default
private final static int BD = 6; // binary curve, mark as default
static {
/* SEC2 prime curves */
add("secp112r1", "1.3.132.0.6", P,
"DB7C2ABF62E35E668076BEAD208B",
"DB7C2ABF62E35E668076BEAD2088",
"659EF8BA043916EEDE8911702B22",
"09487239995A5EE76B55F9C2F098",
"A89CE5AF8724C0A23E0E0FF77500",
"DB7C2ABF62E35E7628DFAC6561C5",
1);
add("secp112r2", "1.3.132.0.7", P,
"DB7C2ABF62E35E668076BEAD208B",
"6127C24C05F38A0AAAF65C0EF02C",
"51DEF1815DB5ED74FCC34C85D709",
"4BA30AB5E892B4E1649DD0928643",
"adcd46f5882e3747def36e956e97",
"36DF0AAFD8B8D7597CA10520D04B",
4);
add("secp128r1", "1.3.132.0.28", P,
"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC",
"E87579C11079F43DD824993C2CEE5ED3",
"161FF7528B899B2D0C28607CA52C5B86",
"CF5AC8395BAFEB13C02DA292DDED7A83",
"FFFFFFFE0000000075A30D1B9038A115",
1);
add("secp128r2", "1.3.132.0.29", P,
"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
"D6031998D1B3BBFEBF59CC9BBFF9AEE1",
"5EEEFCA380D02919DC2C6558BB6D8A5D",
"7B6AA5D85E572983E6FB32A7CDEBC140",
"27B6916A894D3AEE7106FE805FC34B44",
"3FFFFFFF7FFFFFFFBE0024720613B5A3",
4);
add("secp160k1", "1.3.132.0.9", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
"0000000000000000000000000000000000000000",
"0000000000000000000000000000000000000007",
"3B4C382CE37AA192A4019E763036F4F5DD4D7EBB",
"938CF935318FDCED6BC28286531733C3F03C4FEE",
"0100000000000000000001B8FA16DFAB9ACA16B6B3",
1);
add("secp160r1", "1.3.132.0.8", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC",
"1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
"4A96B5688EF573284664698968C38BB913CBFC82",
"23A628553168947D59DCC912042351377AC5FB32",
"0100000000000000000001F4C8F927AED3CA752257",
1);
add("secp160r2", "1.3.132.0.30", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70",
"B4E134D3FB59EB8BAB57274904664D5AF50388BA",
"52DCB034293A117E1F4FF11B30F7199D3144CE6D",
"FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E",
"0100000000000000000000351EE786A818F3A1A16B",
1);
add("secp192k1", "1.3.132.0.31", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37",
"000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000003",
"DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D",
"9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D",
"FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D",
1);
add("secp192r1 [NIST P-192, X9.62 prime192v1]", "1.2.840.10045.3.1.1", PD,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
"64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
"188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
"07192B95FFC8DA78631011ED6B24CDD573F977A11E794811",
"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
1);
add("secp224k1", "1.3.132.0.32", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D",
"00000000000000000000000000000000000000000000000000000000",
"00000000000000000000000000000000000000000000000000000005",
"A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C",
"7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5",
"010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7",
1);
add("secp224r1 [NIST P-224]", "1.3.132.0.33", PD,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
"B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
"B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
"BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
1);
add("secp256k1", "1.3.132.0.10", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F",
"0000000000000000000000000000000000000000000000000000000000000000",
"0000000000000000000000000000000000000000000000000000000000000007",
"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",
"483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",
1);
add("secp256r1 [NIST P-256, X9.62 prime256v1]", "1.2.840.10045.3.1.7", PD,
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
"5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
"6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
"4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
"FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
1);
add("secp384r1 [NIST P-384]", "1.3.132.0.34", PD,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
"B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
"AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
"3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
1);
add("secp521r1 [NIST P-521]", "1.3.132.0.35", PD,
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
"0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
"00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
"011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
1);
/* ANSI X9.62 prime curves */
add("X9.62 prime192v2", "1.2.840.10045.3.1.2", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
"CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953",
"EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A",
"6574D11D69B6EC7A672BB82A083DF2F2B0847DE970B2DE15",
"FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31",
1);
add("X9.62 prime192v3", "1.2.840.10045.3.1.3", P,
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
"22123DC2395A05CAA7423DAECCC94760A7D462256BD56916",
"7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896",
"38A90F22637337334B49DCB66A6DC8F9978ACA7648A943B0",
"FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13",
1);
add("X9.62 prime239v1", "1.2.840.10045.3.1.4", P,
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
"6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A",
"0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF",
"7DEBE8E4E90A5DAE6E4054CA530BA04654B36818CE226B39FCCB7B02F1AE",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B",
1);
add("X9.62 prime239v2", "1.2.840.10045.3.1.5", P,
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
"617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C",
"38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7",
"5B0125E4DBEA0EC7206DA0FC01D9B081329FB555DE6EF460237DFF8BE4BA",
"7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063",
1);
add("X9.62 prime239v3", "1.2.840.10045.3.1.6", P,
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",
"255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E",
"6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A",
"1607E6898F390C06BC1D552BAD226F3B6FCFE48B6E818499AF18E3ED6CF3",
"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551",
1);
/* SEC2 binary curves */
add("sect113r1", "1.3.132.0.4", B,
"020000000000000000000000000201",
"003088250CA6E7C7FE649CE85820F7",
"00E8BEE4D3E2260744188BE0E9C723",
"009D73616F35F4AB1407D73562C10F",
"00A52830277958EE84D1315ED31886",
"0100000000000000D9CCEC8A39E56F",
2);
add("sect113r2", "1.3.132.0.5", B,
"020000000000000000000000000201",
"00689918DBEC7E5A0DD6DFC0AA55C7",
"0095E9A9EC9B297BD4BF36E059184F",
"01A57A6A7B26CA5EF52FCDB8164797",
"00B3ADC94ED1FE674C06E695BABA1D",
"010000000000000108789B2496AF93",
2);
add("sect131r1", "1.3.132.0.22", B,
"080000000000000000000000000000010D",
"07A11B09A76B562144418FF3FF8C2570B8",
"0217C05610884B63B9C6C7291678F9D341",
"0081BAF91FDF9833C40F9C181343638399",
"078C6E7EA38C001F73C8134B1B4EF9E150",
"0400000000000000023123953A9464B54D",
2);
add("sect131r2", "1.3.132.0.23", B,
"080000000000000000000000000000010D",
"03E5A88919D7CAFCBF415F07C2176573B2",
"04B8266A46C55657AC734CE38F018F2192",
"0356DCD8F2F95031AD652D23951BB366A8",
"0648F06D867940A5366D9E265DE9EB240F",
"0400000000000000016954A233049BA98F",
2);
add("sect163k1 [NIST K-163]", "1.3.132.0.1", BD,
"0800000000000000000000000000000000000000C9",
"000000000000000000000000000000000000000001",
"000000000000000000000000000000000000000001",
"02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",
"0289070FB05D38FF58321F2E800536D538CCDAA3D9",
"04000000000000000000020108A2E0CC0D99F8A5EF",
2);
add("sect163r1", "1.3.132.0.2", B,
"0800000000000000000000000000000000000000C9",
"07B6882CAAEFA84F9554FF8428BD88E246D2782AE2",
"0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9",
"0369979697AB43897789566789567F787A7876A654",
"00435EDB42EFAFB2989D51FEFCE3C80988F41FF883",
"03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B",
2);
add("sect163r2 [NIST B-163]", "1.3.132.0.15", BD,
"0800000000000000000000000000000000000000C9",
"000000000000000000000000000000000000000001",
"020A601907B8C953CA1481EB10512F78744A3205FD",
"03F0EBA16286A2D57EA0991168D4994637E8343E36",
"00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
"040000000000000000000292FE77E70C12A4234C33",
2);
add("sect193r1", "1.3.132.0.24", B,
"02000000000000000000000000000000000000000000008001",
"0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01",
"00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814",
"01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1",
"0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05",
"01000000000000000000000000C7F34A778F443ACC920EBA49",
2);
add("sect193r2", "1.3.132.0.25", B,
"02000000000000000000000000000000000000000000008001",
"0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B",
"00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE",
"00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F",
"01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C",
"010000000000000000000000015AAB561B005413CCD4EE99D5",
2);
add("sect233k1 [NIST K-233]", "1.3.132.0.26", BD,
"020000000000000000000000000000000000000004000000000000000001",
"000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000001",
"017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
"01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
"008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF",
4);
add("sect233r1 [NIST B-233]", "1.3.132.0.27", B,
"020000000000000000000000000000000000000004000000000000000001",
"000000000000000000000000000000000000000000000000000000000001",
"0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
"00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",
"01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
"01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7",
2);
add("sect239k1", "1.3.132.0.3", B,
"800000000000000000004000000000000000000000000000000000000001",
"000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000001",
"29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC",
"76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA",
"2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5",
4);
add("sect283k1 [NIST K-283]", "1.3.132.0.16", BD,
"0800000000000000000000000000000000000000000000000000000000000000000010A1",
"000000000000000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000000000000000001",
"0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836",
"01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259",
"01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61",
4);
add("sect283r1 [NIST B-283]", "1.3.132.0.17", B,
"0800000000000000000000000000000000000000000000000000000000000000000010A1",
"000000000000000000000000000000000000000000000000000000000000000000000001",
"027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5",
"05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053",
"03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4",
"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307",
2);
add("sect409k1 [NIST K-409]", "1.3.132.0.36", BD,
"02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746",
"01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",
"007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
4);
add("sect409r1 [NIST B-409]", "1.3.132.0.37", B,
"02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F",
"015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7",
"0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706",
"010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173",
2);
add("sect571k1 [NIST K-571]", "1.3.132.0.38", BD,
"080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972",
"0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3",
"020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001",
4);
add("sect571r1 [NIST B-571]", "1.3.132.0.39", B,
"080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
"02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A",
"0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19",
"037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B",
"03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47",
2);
/* ANSI X9.62 binary curves */
add("X9.62 c2tnb191v1", "1.2.840.10045.3.0.5", B,
"800000000000000000000000000000000000000000000201",
"2866537B676752636A68F56554E12640276B649EF7526267",
"2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC",
"36B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D",
"765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB",
"40000000000000000000000004A20E90C39067C893BBB9A5",
2);
add("X9.62 c2tnb191v2", "1.2.840.10045.3.0.6", B,
"800000000000000000000000000000000000000000000201",
"401028774D7777C7B7666D1366EA432071274F89FF01E718",
"0620048D28BCBD03B6249C99182B7C8CD19700C362C46A01",
"3809B2B7CC1B28CC5A87926AAD83FD28789E81E2C9E3BF10",
"17434386626D14F3DBF01760D9213A3E1CF37AEC437D668A",
"20000000000000000000000050508CB89F652824E06B8173",
4);
add("X9.62 c2tnb191v3", "1.2.840.10045.3.0.7", B,
"800000000000000000000000000000000000000000000201",
"6C01074756099122221056911C77D77E77A777E7E7E77FCB",
"71FE1AF926CF847989EFEF8DB459F66394D90F32AD3F15E8",
"375D4CE24FDE434489DE8746E71786015009E66E38A926DD",
"545A39176196575D985999366E6AD34CE0A77CD7127B06BE",
"155555555555555555555555610C0B196812BFB6288A3EA3",
6);
add("X9.62 c2tnb239v1", "1.2.840.10045.3.0.11", B,
"800000000000000000000000000000000000000000000000001000000001",
"32010857077C5431123A46B808906756F543423E8D27877578125778AC76",
"790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16",
"57927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D",
"61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305",
"2000000000000000000000000000000F4D42FFE1492A4993F1CAD666E447",
4);
add("X9.62 c2tnb239v2", "1.2.840.10045.3.0.12", B,
"800000000000000000000000000000000000000000000000001000000001",
"4230017757A767FAE42398569B746325D45313AF0766266479B75654E65F",
"5037EA654196CFF0CD82B2C14A2FCF2E3FF8775285B545722F03EACDB74B",
"28F9D04E900069C8DC47A08534FE76D2B900B7D7EF31F5709F200C4CA205",
"5667334C45AFF3B5A03BAD9DD75E2C71A99362567D5453F7FA6E227EC833",
"1555555555555555555555555555553C6F2885259C31E3FCDF154624522D",
6);
add("X9.62 c2tnb239v3", "1.2.840.10045.3.0.13", B,
"800000000000000000000000000000000000000000000000001000000001",
"01238774666A67766D6676F778E676B66999176666E687666D8766C66A9F",
"6A941977BA9F6A435199ACFC51067ED587F519C5ECB541B8E44111DE1D40",
"70F6E9D04D289C4E89913CE3530BFDE903977D42B146D539BF1BDE4E9C92",
"2E5A0EAF6E5E1305B9004DCE5C0ED7FE59A35608F33837C816D80B79F461",
"0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC4912D2D9DF903EF9888B8A0E4CFF",
0xA);
add("X9.62 c2tnb359v1", "1.2.840.10045.3.0.18", B,
"800000000000000000000000000000000000000000000000000000000000000000000000100000000000000001",
"5667676A654B20754F356EA92017D946567C46675556F19556A04616B567D223A5E05656FB549016A96656A557",
"2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC345626089687742B6329E70680231988",
"3C258EF3047767E7EDE0F1FDAA79DAEE3841366A132E163ACED4ED2401DF9C6BDCDE98E8E707C07A2239B1B097",
"53D7E08529547048121E9C95F3791DD804963948F34FAE7BF44EA82365DC7868FE57E4AE2DE211305A407104BD",
"01AF286BCA1AF286BCA1AF286BCA1AF286BCA1AF286BC9FB8F6B85C556892C20A7EB964FE7719E74F490758D3B",
0x4C);
add("X9.62 c2tnb431r1", "1.2.840.10045.3.0.20", B,
"800000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000001",
"1A827EF00DD6FC0E234CAF046C6A5D8A85395B236CC4AD2CF32A0CADBDC9DDF620B0EB9906D0957F6C6FEACD615468DF104DE296CD8F",
"10D9B4A3D9047D8B154359ABFB1B7F5485B04CEB868237DDC9DEDA982A679A5A919B626D4E50A8DD731B107A9962381FB5D807BF2618",
"120FC05D3C67A99DE161D2F4092622FECA701BE4F50F4758714E8A87BBF2A658EF8C21E7C5EFE965361F6C2999C0C247B0DBD70CE6B7",
"20D0AF8903A96F8D5FA2C255745D3C451B302C9346D9B7E485E7BCE41F6B591F3E8F6ADDCBB0BC4C2F947A7DE1A89B625D6A598B3760",
"0340340340340340340340340340340340340340340340340340340323C313FAB50589703B5EC68D3587FEC60D161CC149C1AD4A91",
0x2760);
/* ANSI X9.62 binary curves from the 1998 standard but forbidden
* in the 2005 version of the standard.
* We don't register them but leave them here for the time being in
* case we need to support them after all.
*/
/*
add("X9.62 c2pnb163v1", "1.2.840.10045.3.0.1", B,
"080000000000000000000000000000000000000107",
"072546B5435234A422E0789675F432C89435DE5242",
"00C9517D06D5240D3CFF38C74B20B6CD4D6F9DD4D9",
"07AF69989546103D79329FCC3D74880F33BBE803CB",
"01EC23211B5966ADEA1D3F87F7EA5848AEF0B7CA9F",
"0400000000000000000001E60FC8821CC74DAEAFC1",
2);
add("X9.62 c2pnb163v2", "1.2.840.10045.3.0.2", B,
"080000000000000000000000000000000000000107",
"0108B39E77C4B108BED981ED0E890E117C511CF072",
"0667ACEB38AF4E488C407433FFAE4F1C811638DF20",
"0024266E4EB5106D0A964D92C4860E2671DB9B6CC5",
"079F684DDF6684C5CD258B3890021B2386DFD19FC5",
"03FFFFFFFFFFFFFFFFFFFDF64DE1151ADBB78F10A7",
2);
add("X9.62 c2pnb163v3", "1.2.840.10045.3.0.3", B,
"080000000000000000000000000000000000000107",
"07A526C63D3E25A256A007699F5447E32AE456B50E",
"03F7061798EB99E238FD6F1BF95B48FEEB4854252B",
"02F9F87B7C574D0BDECF8A22E6524775F98CDEBDCB",
"05B935590C155E17EA48EB3FF3718B893DF59A05D0",
"03FFFFFFFFFFFFFFFFFFFE1AEE140F110AFF961309",
2);
add("X9.62 c2pnb176w1", "1.2.840.10045.3.0.4", B,
"0100000000000000000000000000000000080000000007",
"E4E6DB2995065C407D9D39B8D0967B96704BA8E9C90B",
"5DDA470ABE6414DE8EC133AE28E9BBD7FCEC0AE0FFF2",
"8D16C2866798B600F9F08BB4A8E860F3298CE04A5798",
"6FA4539C2DADDDD6BAB5167D61B436E1D92BB16A562C",
"00010092537397ECA4F6145799D62B0A19CE06FE26AD",
0xFF6E);
add("X9.62 c2pnb208w1", "1.2.840.10045.3.0.10", B,
"010000000000000000000000000000000800000000000000000007",
"0000000000000000000000000000000000000000000000000000",
"C8619ED45A62E6212E1160349E2BFA844439FAFC2A3FD1638F9E",
"89FDFBE4ABE193DF9559ECF07AC0CE78554E2784EB8C1ED1A57A",
"0F55B51A06E78E9AC38A035FF520D8B01781BEB1A6BB08617DE3",
"000101BAF95C9723C57B6C21DA2EFF2D5ED588BDD5717E212F9D",
0xFE48);
add("X9.62 c2pnb272w1", "1.2.840.10045.3.0.16", B,
"010000000000000000000000000000000000000000000000000000010000000000000B",
"91A091F03B5FBA4AB2CCF49C4EDD220FB028712D42BE752B2C40094DBACDB586FB20",
"7167EFC92BB2E3CE7C8AAAFF34E12A9C557003D7C73A6FAF003F99F6CC8482E540F7",
"6108BABB2CEEBCF787058A056CBE0CFE622D7723A289E08A07AE13EF0D10D171DD8D",
"10C7695716851EEF6BA7F6872E6142FBD241B830FF5EFCACECCAB05E02005DDE9D23",
"000100FAF51354E0E39E4892DF6E319C72C8161603FA45AA7B998A167B8F1E629521",
0xFF06);
add("X9.62 c2pnb304w1", "1.2.840.10045.3.0.17", B,
"010000000000000000000000000000000000000000000000000000000000000000000000000807",
"FD0D693149A118F651E6DCE6802085377E5F882D1B510B44160074C1288078365A0396C8E681",
"BDDB97E555A50A908E43B01C798EA5DAA6788F1EA2794EFCF57166B8C14039601E55827340BE",
"197B07845E9BE2D96ADB0F5F3C7F2CFFBD7A3EB8B6FEC35C7FD67F26DDF6285A644F740A2614",
"E19FBEB76E0DA171517ECF401B50289BF014103288527A9B416A105E80260B549FDC1B92C03B",
"000101D556572AABAC800101D556572AABAC8001022D5C91DD173F8FB561DA6899164443051D",
0xFE2E);
add("X9.62 c2pnb368w1", "1.2.840.10045.3.0.19", B,
"0100000000000000000000000000000000000000000000000000000000000000000000002000000000000000000007",
"E0D2EE25095206F5E2A4F9ED229F1F256E79A0E2B455970D8D0D865BD94778C576D62F0AB7519CCD2A1A906AE30D",
"FC1217D4320A90452C760A58EDCD30C8DD069B3C34453837A34ED50CB54917E1C2112D84D164F444F8F74786046A",
"1085E2755381DCCCE3C1557AFA10C2F0C0C2825646C5B34A394CBCFA8BC16B22E7E789E927BE216F02E1FB136A5F",
"7B3EB1BDDCBA62D5D8B2059B525797FC73822C59059C623A45FF3843CEE8F87CD1855ADAA81E2A0750B80FDA2310",
"00010090512DA9AF72B08349D98A5DD4C7B0532ECA51CE03E2D10F3B7AC579BD87E909AE40A6F131E9CFCE5BD967",
0xFF70);
*/
SPLIT_PATTERN = null;
}
} }
src/share/classes/sun/security/ec/SunECEntries.java
浏览文件 @ 6644acde
...@@ -25,8 +25,11 @@ ...@@ -25,8 +25,11 @@
package sun.security.ec; package sun.security.ec;
import java.util.Collection;
import java.util.Map; import java.util.Map;
import java.util.regex.Pattern;
/** /**
* Defines the entries of the SunEC provider. * Defines the entries of the SunEC provider.
* *
...@@ -60,64 +63,33 @@ final class SunECEntries { ...@@ -60,64 +63,33 @@ final class SunECEntries {
map.put("AlgorithmParameters.EC ImplementedIn", "Software"); map.put("AlgorithmParameters.EC ImplementedIn", "Software");
map.put("AlgorithmParameters.EC SupportedCurves", // "AlgorithmParameters.EC SupportedCurves" prop used by unit test
boolean firstCurve = true;
// A list comprising lists of curve names and object identifiers. StringBuilder names = new StringBuilder();
// '[' ( <curve-name> ',' )+ <curve-object-identifier> ']' '|' Pattern nameSplitPattern = Pattern.compile(CurveDB.SPLIT_PATTERN);
// SEC 2 prime curves Collection<? extends NamedCurve> supportedCurves =
"[secp112r1,1.3.132.0.6]|" + CurveDB.getSupportedCurves();
"[secp112r2,1.3.132.0.7]|" + for (NamedCurve namedCurve : supportedCurves) {
"[secp128r1,1.3.132.0.28]|" + if (!firstCurve) {
"[secp128r2,1.3.132.0.29]|" + names.append("|");
"[secp160k1,1.3.132.0.9]|" + } else {
"[secp160r1,1.3.132.0.8]|" + firstCurve = false;
"[secp160r2,1.3.132.0.30]|" + }
"[secp192k1,1.3.132.0.31]|" +
"[secp192r1,NIST P-192,X9.62 prime192v1,1.2.840.10045.3.1.1]|" + names.append("[");
"[secp224k1,1.3.132.0.32]|" +
"[secp224r1,NIST P-224,1.3.132.0.33]|" + String[] commonNames = nameSplitPattern.split(namedCurve.getName());
"[secp256k1,1.3.132.0.10]|" + for (String commonName : commonNames) {
"[secp256r1,NIST P-256,X9.62 prime256v1,1.2.840.10045.3.1.7]|" + names.append(commonName.trim());
"[secp384r1,NIST P-384,1.3.132.0.34]|" + names.append(",");
"[secp521r1,NIST P-521,1.3.132.0.35]|" + }
// ANSI X9.62 prime curves names.append(namedCurve.getObjectId());
"[X9.62 prime192v2,1.2.840.10045.3.1.2]|" + names.append("]");
"[X9.62 prime192v3,1.2.840.10045.3.1.3]|" + }
"[X9.62 prime239v1,1.2.840.10045.3.1.4]|" +
"[X9.62 prime239v2,1.2.840.10045.3.1.5]|" + map.put("AlgorithmParameters.EC SupportedCurves", names.toString());
"[X9.62 prime239v3,1.2.840.10045.3.1.6]|" +
// SEC 2 binary curves
"[sect113r1,1.3.132.0.4]|" +
"[sect113r2,1.3.132.0.5]|" +
"[sect131r1,1.3.132.0.22]|" +
"[sect131r2,1.3.132.0.23]|" +
"[sect163k1,NIST K-163,1.3.132.0.1]|" +
"[sect163r1,1.3.132.0.2]|" +
"[sect163r2,NIST B-163,1.3.132.0.15]|" +
"[sect193r1,1.3.132.0.24]|" +
"[sect193r2,1.3.132.0.25]|" +
"[sect233k1,NIST K-233,1.3.132.0.26]|" +
"[sect233r1,NIST B-233,1.3.132.0.27]|" +
"[sect239k1,1.3.132.0.3]|" +
"[sect283k1,NIST K-283,1.3.132.0.16]|" +
"[sect283r1,NIST B-283,1.3.132.0.17]|" +
"[sect409k1,NIST K-409,1.3.132.0.36]|" +
"[sect409r1,NIST B-409,1.3.132.0.37]|" +
"[sect571k1,NIST K-571,1.3.132.0.38]|" +
"[sect571r1,NIST B-571,1.3.132.0.39]|" +
// ANSI X9.62 binary curves
"[X9.62 c2tnb191v1,1.2.840.10045.3.0.5]|" +
"[X9.62 c2tnb191v2,1.2.840.10045.3.0.6]|" +
"[X9.62 c2tnb191v3,1.2.840.10045.3.0.7]|" +
"[X9.62 c2tnb239v1,1.2.840.10045.3.0.11]|" +
"[X9.62 c2tnb239v2,1.2.840.10045.3.0.12]|" +
"[X9.62 c2tnb239v3,1.2.840.10045.3.0.13]|" +
"[X9.62 c2tnb359v1,1.2.840.10045.3.0.18]|" +
"[X9.62 c2tnb431r1,1.2.840.10045.3.0.20]");
/* /*
* Register the algorithms below only when the full ECC implementation * Register the algorithms below only when the full ECC implementation
......
src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java
浏览文件 @ 6644acde
...@@ -32,15 +32,12 @@ import java.security.*; ...@@ -32,15 +32,12 @@ import java.security.*;
import java.security.interfaces.*; import java.security.interfaces.*;
import java.security.spec.*; import java.security.spec.*;
import sun.security.ec.ECPublicKeyImpl;
import sun.security.ec.ECParameters;
import sun.security.ec.NamedCurve;
import static sun.security.pkcs11.TemplateManager.*; import static sun.security.pkcs11.TemplateManager.*;
import sun.security.pkcs11.wrapper.*; import sun.security.pkcs11.wrapper.*;
import static sun.security.pkcs11.wrapper.PKCS11Constants.*; import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
import sun.security.util.DerValue; import sun.security.util.DerValue;
import sun.security.util.ECUtil;
/** /**
* EC KeyFactory implemenation. * EC KeyFactory implemenation.
...@@ -49,46 +46,56 @@ import sun.security.util.DerValue; ...@@ -49,46 +46,56 @@ import sun.security.util.DerValue;
* @since 1.6 * @since 1.6
*/ */
final class P11ECKeyFactory extends P11KeyFactory { final class P11ECKeyFactory extends P11KeyFactory {
private static Provider sunECprovider;
private static Provider getSunECProvider() {
if (sunECprovider == null) {
sunECprovider = Security.getProvider("SunEC");
if (sunECprovider == null) {
throw new RuntimeException("Cannot load SunEC provider");
}
}
return sunECprovider;
}
P11ECKeyFactory(Token token, String algorithm) { P11ECKeyFactory(Token token, String algorithm) {
super(token, algorithm); super(token, algorithm);
} }
static ECParameterSpec getECParameterSpec(String name) { static ECParameterSpec getECParameterSpec(String name) {
return NamedCurve.getECParameterSpec(name); return ECUtil.getECParameterSpec(getSunECProvider(), name);
} }
static ECParameterSpec getECParameterSpec(int keySize) { static ECParameterSpec getECParameterSpec(int keySize) {
return NamedCurve.getECParameterSpec(keySize); return ECUtil.getECParameterSpec(getSunECProvider(), keySize);
} }
// Check that spec is a known supported curve and convert it to our // Check that spec is a known supported curve and convert it to our
// ECParameterSpec subclass. If not possible, return null. // ECParameterSpec subclass. If not possible, return null.
static ECParameterSpec getECParameterSpec(ECParameterSpec spec) { static ECParameterSpec getECParameterSpec(ECParameterSpec spec) {
return ECParameters.getNamedCurve(spec); return ECUtil.getECParameterSpec(getSunECProvider(), spec);
} }
static ECParameterSpec decodeParameters(byte[] params) throws IOException { static ECParameterSpec decodeParameters(byte[] params) throws IOException {
return ECParameters.decodeParameters(params); return ECUtil.getECParameterSpec(getSunECProvider(), params);
} }
static byte[] encodeParameters(ECParameterSpec params) { static byte[] encodeParameters(ECParameterSpec params) {
return ECParameters.encodeParameters(params); return ECUtil.encodeECParameterSpec(getSunECProvider(), params);
} }
static ECPoint decodePoint(byte[] encoded, EllipticCurve curve) throws IOException { static ECPoint decodePoint(byte[] encoded, EllipticCurve curve) throws IOException {
return ECParameters.decodePoint(encoded, curve); return ECUtil.decodePoint(encoded, curve);
} }
// Used by ECDH KeyAgreement // Used by ECDH KeyAgreement
static byte[] getEncodedPublicValue(PublicKey key) throws InvalidKeyException { static byte[] getEncodedPublicValue(PublicKey key) throws InvalidKeyException {
if (key instanceof ECPublicKeyImpl) { if (key instanceof ECPublicKey) {
return ((ECPublicKeyImpl)key).getEncodedPublicValue();
} else if (key instanceof ECPublicKey) {
ECPublicKey ecKey = (ECPublicKey)key; ECPublicKey ecKey = (ECPublicKey)key;
ECPoint w = ecKey.getW(); ECPoint w = ecKey.getW();
ECParameterSpec params = ecKey.getParams(); ECParameterSpec params = ecKey.getParams();
return ECParameters.encodePoint(w, params.getCurve()); return ECUtil.encodePoint(w, params.getCurve());
} else { } else {
// should never occur // should never occur
throw new InvalidKeyException throw new InvalidKeyException
...@@ -107,7 +114,13 @@ final class P11ECKeyFactory extends P11KeyFactory { ...@@ -107,7 +114,13 @@ final class P11ECKeyFactory extends P11KeyFactory {
} else if ("X.509".equals(key.getFormat())) { } else if ("X.509".equals(key.getFormat())) {
// let Sun provider parse for us, then recurse // let Sun provider parse for us, then recurse
byte[] encoded = key.getEncoded(); byte[] encoded = key.getEncoded();
key = new sun.security.ec.ECPublicKeyImpl(encoded);
try {
key = ECUtil.decodeX509ECPublicKey(encoded);
} catch (InvalidKeySpecException ikse) {
throw new InvalidKeyException(ikse);
}
return implTranslatePublicKey(key); return implTranslatePublicKey(key);
} else { } else {
throw new InvalidKeyException("PublicKey must be instance " throw new InvalidKeyException("PublicKey must be instance "
...@@ -130,7 +143,13 @@ final class P11ECKeyFactory extends P11KeyFactory { ...@@ -130,7 +143,13 @@ final class P11ECKeyFactory extends P11KeyFactory {
} else if ("PKCS#8".equals(key.getFormat())) { } else if ("PKCS#8".equals(key.getFormat())) {
// let Sun provider parse for us, then recurse // let Sun provider parse for us, then recurse
byte[] encoded = key.getEncoded(); byte[] encoded = key.getEncoded();
key = new sun.security.ec.ECPrivateKeyImpl(encoded);
try {
key = ECUtil.decodePKCS8ECPrivateKey(encoded);
} catch (InvalidKeySpecException ikse) {
throw new InvalidKeyException(ikse);
}
return implTranslatePrivateKey(key); return implTranslatePrivateKey(key);
} else { } else {
throw new InvalidKeyException("PrivateKey must be instance " throw new InvalidKeyException("PrivateKey must be instance "
...@@ -148,7 +167,7 @@ final class P11ECKeyFactory extends P11KeyFactory { ...@@ -148,7 +167,7 @@ final class P11ECKeyFactory extends P11KeyFactory {
if (keySpec instanceof X509EncodedKeySpec) { if (keySpec instanceof X509EncodedKeySpec) {
try { try {
byte[] encoded = ((X509EncodedKeySpec)keySpec).getEncoded(); byte[] encoded = ((X509EncodedKeySpec)keySpec).getEncoded();
PublicKey key = new sun.security.ec.ECPublicKeyImpl(encoded); PublicKey key = ECUtil.decodeX509ECPublicKey(encoded);
return implTranslatePublicKey(key); return implTranslatePublicKey(key);
} catch (InvalidKeyException e) { } catch (InvalidKeyException e) {
throw new InvalidKeySpecException throw new InvalidKeySpecException
...@@ -178,7 +197,7 @@ final class P11ECKeyFactory extends P11KeyFactory { ...@@ -178,7 +197,7 @@ final class P11ECKeyFactory extends P11KeyFactory {
if (keySpec instanceof PKCS8EncodedKeySpec) { if (keySpec instanceof PKCS8EncodedKeySpec) {
try { try {
byte[] encoded = ((PKCS8EncodedKeySpec)keySpec).getEncoded(); byte[] encoded = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
PrivateKey key = new sun.security.ec.ECPrivateKeyImpl(encoded); PrivateKey key = ECUtil.decodePKCS8ECPrivateKey(encoded);
return implTranslatePrivateKey(key); return implTranslatePrivateKey(key);
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new InvalidKeySpecException throw new InvalidKeySpecException
...@@ -201,10 +220,12 @@ final class P11ECKeyFactory extends P11KeyFactory { ...@@ -201,10 +220,12 @@ final class P11ECKeyFactory extends P11KeyFactory {
} }
} }
private PublicKey generatePublic(ECPoint point, ECParameterSpec params) throws PKCS11Exception { private PublicKey generatePublic(ECPoint point, ECParameterSpec params)
byte[] encodedParams = ECParameters.encodeParameters(params); throws PKCS11Exception {
byte[] encodedParams =
ECUtil.encodeECParameterSpec(getSunECProvider(), params);
byte[] encodedPoint = byte[] encodedPoint =
ECParameters.encodePoint(point, params.getCurve()); ECUtil.encodePoint(point, params.getCurve());
// Check whether the X9.63 encoding of an EC point shall be wrapped // Check whether the X9.63 encoding of an EC point shall be wrapped
// in an ASN.1 OCTET STRING // in an ASN.1 OCTET STRING
...@@ -238,8 +259,10 @@ final class P11ECKeyFactory extends P11KeyFactory { ...@@ -238,8 +259,10 @@ final class P11ECKeyFactory extends P11KeyFactory {
} }
} }
private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params) throws PKCS11Exception { private PrivateKey generatePrivate(BigInteger s, ECParameterSpec params)
byte[] encodedParams = ECParameters.encodeParameters(params); throws PKCS11Exception {
byte[] encodedParams =
ECUtil.encodeECParameterSpec(getSunECProvider(), params);
CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] { CK_ATTRIBUTE[] attributes = new CK_ATTRIBUTE[] {
new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY), new CK_ATTRIBUTE(CKA_CLASS, CKO_PRIVATE_KEY),
new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC), new CK_ATTRIBUTE(CKA_KEY_TYPE, CKK_EC),
...@@ -304,7 +327,7 @@ final class P11ECKeyFactory extends P11KeyFactory { ...@@ -304,7 +327,7 @@ final class P11ECKeyFactory extends P11KeyFactory {
} }
KeyFactory implGetSoftwareFactory() throws GeneralSecurityException { KeyFactory implGetSoftwareFactory() throws GeneralSecurityException {
return KeyFactory.getInstance("EC", "SunEC"); return KeyFactory.getInstance("EC", getSunECProvider());
} }
} }
src/share/classes/sun/security/pkcs11/P11Key.java
浏览文件 @ 6644acde
...@@ -47,6 +47,7 @@ import static sun.security.pkcs11.wrapper.PKCS11Constants.*; ...@@ -47,6 +47,7 @@ import static sun.security.pkcs11.wrapper.PKCS11Constants.*;
import sun.security.util.DerValue; import sun.security.util.DerValue;
import sun.security.util.Length; import sun.security.util.Length;
import sun.security.util.ECUtil;
/** /**
* Key implementation classes. * Key implementation classes.
...@@ -984,9 +985,9 @@ abstract class P11Key implements Key, Length { ...@@ -984,9 +985,9 @@ abstract class P11Key implements Key, Length {
if (encoded == null) { if (encoded == null) {
fetchValues(); fetchValues();
try { try {
Key key = new sun.security.ec.ECPrivateKeyImpl(s, params); Key key = ECUtil.generateECPrivateKey(s, params);
encoded = key.getEncoded(); encoded = key.getEncoded();
} catch (InvalidKeyException e) { } catch (InvalidKeySpecException e) {
throw new ProviderException(e); throw new ProviderException(e);
} }
} }
...@@ -1064,9 +1065,8 @@ abstract class P11Key implements Key, Length { ...@@ -1064,9 +1065,8 @@ abstract class P11Key implements Key, Length {
if (encoded == null) { if (encoded == null) {
fetchValues(); fetchValues();
try { try {
Key key = new sun.security.ec.ECPublicKeyImpl(w, params); return ECUtil.x509EncodeECPublicKey(w, params);
encoded = key.getEncoded(); } catch (InvalidKeySpecException e) {
} catch (InvalidKeyException e) {
throw new ProviderException(e); throw new ProviderException(e);
} }
} }
......
src/share/classes/sun/security/pkcs11/P11KeyStore.java
浏览文件 @ 6644acde
...@@ -65,6 +65,7 @@ import javax.security.auth.callback.UnsupportedCallbackException; ...@@ -65,6 +65,7 @@ import javax.security.auth.callback.UnsupportedCallbackException;
import sun.security.util.Debug; import sun.security.util.Debug;
import sun.security.util.DerValue; import sun.security.util.DerValue;
import sun.security.util.ECUtil;
import sun.security.ec.ECParameters; import sun.security.ec.ECParameters;
...@@ -1351,7 +1352,8 @@ final class P11KeyStore extends KeyStoreSpi { ...@@ -1351,7 +1352,8 @@ final class P11KeyStore extends KeyStoreSpi {
token.p11.C_GetAttributeValue(session.id(), oHandle, attrs); token.p11.C_GetAttributeValue(session.id(), oHandle, attrs);
byte[] encodedParams = attrs[0].getByteArray(); byte[] encodedParams = attrs[0].getByteArray();
try { try {
ECParameterSpec params = ECParameters.decodeParameters(encodedParams); ECParameterSpec params =
ECUtil.getECParameterSpec(null, encodedParams);
keyLength = params.getCurve().getField().getFieldSize(); keyLength = params.getCurve().getField().getFieldSize();
} catch (IOException e) { } catch (IOException e) {
// we do not want to accept key with unsupported parameters // we do not want to accept key with unsupported parameters
...@@ -1726,7 +1728,8 @@ final class P11KeyStore extends KeyStoreSpi { ...@@ -1726,7 +1728,8 @@ final class P11KeyStore extends KeyStoreSpi {
idAttrs[0] = new CK_ATTRIBUTE(CKA_ID, alias); idAttrs[0] = new CK_ATTRIBUTE(CKA_ID, alias);
} }
byte[] encodedParams = ECParameters.encodeParameters(ecKey.getParams()); byte[] encodedParams =
ECUtil.encodeECParameterSpec(null, ecKey.getParams());
attrs = new CK_ATTRIBUTE[] { attrs = new CK_ATTRIBUTE[] {
ATTR_TOKEN_TRUE, ATTR_TOKEN_TRUE,
ATTR_CLASS_PKEY, ATTR_CLASS_PKEY,
...@@ -1901,7 +1904,7 @@ final class P11KeyStore extends KeyStoreSpi { ...@@ -1901,7 +1904,7 @@ final class P11KeyStore extends KeyStoreSpi {
ECPublicKey ecPub = (ECPublicKey)publicKey; ECPublicKey ecPub = (ECPublicKey)publicKey;
ECPoint point = ecPub.getW(); ECPoint point = ecPub.getW();
ECParameterSpec params = ecPub.getParams(); ECParameterSpec params = ecPub.getParams();
byte[] encodedPoint = ECParameters.encodePoint(point, params.getCurve()); byte[] encodedPoint = ECUtil.encodePoint(point, params.getCurve());
if (id) { if (id) {
attrs[0] = new CK_ATTRIBUTE(CKA_ID, sha1(encodedPoint)); attrs[0] = new CK_ATTRIBUTE(CKA_ID, sha1(encodedPoint));
} }
......
src/share/classes/sun/security/ssl/JsseJce.java
浏览文件 @ 6644acde
...@@ -41,8 +41,7 @@ import java.security.Provider; ...@@ -41,8 +41,7 @@ import java.security.Provider;
import sun.security.jca.Providers; import sun.security.jca.Providers;
import sun.security.jca.ProviderList; import sun.security.jca.ProviderList;
import sun.security.ec.ECParameters; import sun.security.util.ECUtil;
import sun.security.ec.NamedCurve;
import static sun.security.ssl.SunJSSE.cryptoProvider; import static sun.security.ssl.SunJSSE.cryptoProvider;
...@@ -383,20 +382,20 @@ final class JsseJce { ...@@ -383,20 +382,20 @@ final class JsseJce {
} }
static ECParameterSpec getECParameterSpec(String namedCurveOid) { static ECParameterSpec getECParameterSpec(String namedCurveOid) {
return NamedCurve.getECParameterSpec(namedCurveOid); return ECUtil.getECParameterSpec(cryptoProvider, namedCurveOid);
} }
static String getNamedCurveOid(ECParameterSpec params) { static String getNamedCurveOid(ECParameterSpec params) {
return ECParameters.getCurveName(params); return ECUtil.getCurveName(cryptoProvider, params);
} }
static ECPoint decodePoint(byte[] encoded, EllipticCurve curve) static ECPoint decodePoint(byte[] encoded, EllipticCurve curve)
throws java.io.IOException { throws java.io.IOException {
return ECParameters.decodePoint(encoded, curve); return ECUtil.decodePoint(encoded, curve);
} }
static byte[] encodePoint(ECPoint point, EllipticCurve curve) { static byte[] encodePoint(ECPoint point, EllipticCurve curve) {
return ECParameters.encodePoint(point, curve); return ECUtil.encodePoint(point, curve);
} }
// In FIPS mode, set thread local providers; otherwise a no-op. // In FIPS mode, set thread local providers; otherwise a no-op.
......
src/share/classes/sun/security/util/ECKeySizeParameterSpec.java 0 → 100644
浏览文件 @ 6644acde
/*
* Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.security.spec.AlgorithmParameterSpec;
import sun.security.util.ObjectIdentifier;
/**
* This immutable class is used when randomly generating a key pair and the
* consumer only specifies the length of the key and therefore a curve for that
* key size must be picked from a the list of supported curves using this spec.
*
* @see AlgorithmParameterSpec
* @see ECGenParameterSpec
*/
public class ECKeySizeParameterSpec implements AlgorithmParameterSpec {
private int keySize;
/**
* Creates a parameter specification for EC curve
* generation using a standard (or predefined) key size
* <code>keySize</code> in order to generate the corresponding
* (precomputed) elliptic curve.
* <p>
* Note, if the curve of the specified length is not supported,
* <code>AlgorithmParameters.init</code> will throw an exception.
*
* @param keySize the key size of the curve to lookup
*/
public ECKeySizeParameterSpec(int keySize) {
this.keySize = keySize;
}
/**
* Returns the key size of this spec.
*
* @return the standard or predefined key size.
*/
public int getKeySize() {
return keySize;
}
}
src/share/classes/sun/security/util/ECUtil.java 0 → 100644
浏览文件 @ 6644acde
/*
* Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package sun.security.util;
import java.io.IOException;
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.*;
import java.security.spec.*;
import java.util.Arrays;
import sun.security.x509.X509Key;
public class ECUtil {
// Used by SunPKCS11 and SunJSSE.
public static ECPoint decodePoint(byte[] data, EllipticCurve curve)
throws IOException {
if ((data.length == 0) || (data[0] != 4)) {
throw new IOException("Only uncompressed point format supported");
}
// Per ANSI X9.62, an encoded point is a 1 byte type followed by
// ceiling(log base 2 field-size / 8) bytes of x and the same of y.
int n = (data.length - 1) / 2;
if (n != ((curve.getField().getFieldSize() + 7 ) >> 3)) {
throw new IOException("Point does not match field size");
}
byte[] xb = Arrays.copyOfRange(data, 1, 1 + n);
byte[] yb = Arrays.copyOfRange(data, n + 1, n + 1 + n);
return new ECPoint(new BigInteger(1, xb), new BigInteger(1, yb));
}
// Used by SunPKCS11 and SunJSSE.
public static byte[] encodePoint(ECPoint point, EllipticCurve curve) {
// get field size in bytes (rounding up)
int n = (curve.getField().getFieldSize() + 7) >> 3;
byte[] xb = trimZeroes(point.getAffineX().toByteArray());
byte[] yb = trimZeroes(point.getAffineY().toByteArray());
if ((xb.length > n) || (yb.length > n)) {
throw new RuntimeException
("Point coordinates do not match field size");
}
byte[] b = new byte[1 + (n << 1)];
b[0] = 4; // uncompressed
System.arraycopy(xb, 0, b, n - xb.length + 1, xb.length);
System.arraycopy(yb, 0, b, b.length - yb.length, yb.length);
return b;
}
public static byte[] trimZeroes(byte[] b) {
int i = 0;
while ((i < b.length - 1) && (b[i] == 0)) {
i++;
}
if (i == 0) {
return b;
}
return Arrays.copyOfRange(b, i, b.length);
}
private static KeyFactory getKeyFactory() {
try {
return KeyFactory.getInstance("EC", "SunEC");
} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
throw new RuntimeException(e);
}
}
public static ECPublicKey decodeX509ECPublicKey(byte[] encoded)
throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(encoded);
return (ECPublicKey)keyFactory.generatePublic(keySpec);
}
public static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)keyFactory.generatePublic(keySpec);
return key.getEncoded();
}
public static ECPrivateKey decodePKCS8ECPrivateKey(byte[] encoded)
throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encoded);
return (ECPrivateKey)keyFactory.generatePrivate(keySpec);
}
public static ECPrivateKey generateECPrivateKey(BigInteger s,
ECParameterSpec params) throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
ECPrivateKeySpec keySpec = new ECPrivateKeySpec(s, params);
return (ECPrivateKey)keyFactory.generatePrivate(keySpec);
}
private static AlgorithmParameters getECParameters(Provider p) {
try {
if (p != null) {
return AlgorithmParameters.getInstance("EC", p);
}
return AlgorithmParameters.getInstance("EC");
} catch (NoSuchAlgorithmException nsae) {
throw new RuntimeException(nsae);
}
}
public static byte[] encodeECParameterSpec(Provider p,
ECParameterSpec spec) {
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(spec);
} catch (InvalidParameterSpecException ipse) {
throw new RuntimeException("Not a known named curve: " + spec);
}
try {
return parameters.getEncoded();
} catch (IOException ioe) {
// it is a bug if this should happen
throw new RuntimeException(ioe);
}
}
public static ECParameterSpec getECParameterSpec(Provider p,
ECParameterSpec spec) {
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(spec);
return parameters.getParameterSpec(ECParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
}
public static ECParameterSpec getECParameterSpec(Provider p,
byte[] params)
throws IOException {
AlgorithmParameters parameters = getECParameters(p);
parameters.init(params);
try {
return parameters.getParameterSpec(ECParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
}
public static ECParameterSpec getECParameterSpec(Provider p, String name) {
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(new ECGenParameterSpec(name));
return parameters.getParameterSpec(ECParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
}
public static ECParameterSpec getECParameterSpec(Provider p, int keySize) {
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(new ECKeySizeParameterSpec(keySize));
return parameters.getParameterSpec(ECParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
}
public static String getCurveName(Provider p, ECParameterSpec spec) {
ECGenParameterSpec nameSpec;
AlgorithmParameters parameters = getECParameters(p);
try {
parameters.init(spec);
nameSpec = parameters.getParameterSpec(ECGenParameterSpec.class);
} catch (InvalidParameterSpecException ipse) {
return null;
}
if (nameSpec == null) {
return null;
}
return nameSpec.getName();
}
private ECUtil() {}
}
test/sun/security/pkcs11/ec/TestCurves.java
浏览文件 @ 6644acde
...@@ -38,9 +38,6 @@ import java.security.spec.*; ...@@ -38,9 +38,6 @@ import java.security.spec.*;
import javax.crypto.*; import javax.crypto.*;
// XXX no public API to enumerate supported named curves
import sun.security.ec.NamedCurve;
public class TestCurves extends PKCS11Test { public class TestCurves extends PKCS11Test {
public static void main(String[] args) throws Exception { public static void main(String[] args) throws Exception {
...@@ -57,8 +54,8 @@ public class TestCurves extends PKCS11Test { ...@@ -57,8 +54,8 @@ public class TestCurves extends PKCS11Test {
byte[] data = new byte[2048]; byte[] data = new byte[2048];
random.nextBytes(data); random.nextBytes(data);
Collection<? extends ECParameterSpec> curves = Vector<ECParameterSpec> curves = getKnownCurves(p);
NamedCurve.knownECParameterSpecs();
for (ECParameterSpec params : curves) { for (ECParameterSpec params : curves) {
System.out.println("Testing " + params + "..."); System.out.println("Testing " + params + "...");
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", p); KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", p);
...@@ -92,6 +89,66 @@ public class TestCurves extends PKCS11Test { ...@@ -92,6 +89,66 @@ public class TestCurves extends PKCS11Test {
System.out.println("OK"); System.out.println("OK");
} }
private static Vector<ECParameterSpec>
getKnownCurves(Provider p) throws Exception {
int index;
int begin;
int end;
String curve;
Vector<ECParameterSpec> results = new Vector<ECParameterSpec>();
String kcProp =
p.getProperty("AlgorithmParameters.EC SupportedCurves");
if (kcProp == null) {
throw new RuntimeException(
"\"AlgorithmParameters.EC SupportedCurves property\" not found");
}
index = 0;
for (;;) {
// Each set of curve names is enclosed with brackets.
begin = kcProp.indexOf('[', index);
end = kcProp.indexOf(']', index);
if (begin == -1 || end == -1) {
break;
}
/*
* Each name is separated by a comma.
* Just get the first name in the set.
*/
index = end + 1;
begin++;
end = kcProp.indexOf(',', begin);
if (end == -1) {
// Only one name in the set.
end = index -1;
}
curve = kcProp.substring(begin, end);
results.add(getECParameterSpec(p, curve));
}
if (results.size() == 0) {
throw new RuntimeException("No supported EC curves found");
}
return results;
}
private static ECParameterSpec getECParameterSpec(Provider p, String name)
throws Exception {
AlgorithmParameters parameters =
AlgorithmParameters.getInstance("EC", p);
parameters.init(new ECGenParameterSpec(name));
return parameters.getParameterSpec(ECParameterSpec.class);
}
private static void testSigning(Provider p, String algorithm, private static void testSigning(Provider p, String algorithm,
byte[] data, KeyPair kp1, KeyPair kp2) throws Exception { byte[] data, KeyPair kp1, KeyPair kp2) throws Exception {
// System.out.print(" " + algorithm); // System.out.print(" " + algorithm);
...@@ -115,6 +172,4 @@ public class TestCurves extends PKCS11Test { ...@@ -115,6 +172,4 @@ public class TestCurves extends PKCS11Test {
throw new Exception("Signature should not verify"); throw new Exception("Signature should not verify");
} }
} }
} }
test/sun/security/pkcs11/ec/TestECDH2.java
浏览文件 @ 6644acde
...@@ -41,7 +41,7 @@ import java.security.spec.*; ...@@ -41,7 +41,7 @@ import java.security.spec.*;
import java.security.interfaces.*; import java.security.interfaces.*;
import javax.crypto.*; import javax.crypto.*;
import sun.security.ec.NamedCurve; import sun.security.util.ECUtil;
public class TestECDH2 extends PKCS11Test { public class TestECDH2 extends PKCS11Test {
...@@ -79,8 +79,8 @@ public class TestECDH2 extends PKCS11Test { ...@@ -79,8 +79,8 @@ public class TestECDH2 extends PKCS11Test {
} }
private KeyPair genECKeyPair(String curvName, String privD, String pubX, private KeyPair genECKeyPair(String curvName, String privD, String pubX,
String pubY) throws Exception { String pubY, Provider p) throws Exception {
ECParameterSpec ecParams = NamedCurve.getECParameterSpec(curvName); ECParameterSpec ecParams = ECUtil.getECParameterSpec(p, curvName);
ECPrivateKeySpec privKeySpec = ECPrivateKeySpec privKeySpec =
new ECPrivateKeySpec(new BigInteger(privD, 16), ecParams); new ECPrivateKeySpec(new BigInteger(privD, 16), ecParams);
ECPublicKeySpec pubKeySpec = ECPublicKeySpec pubKeySpec =
...@@ -112,12 +112,14 @@ public class TestECDH2 extends PKCS11Test { ...@@ -112,12 +112,14 @@ public class TestECDH2 extends PKCS11Test {
System.out.println("Testing against NIST P-256"); System.out.println("Testing against NIST P-256");
long start = System.currentTimeMillis(); long start = System.currentTimeMillis();
KeyPair kp256A = genECKeyPair("secp256r1", privD256, pubX256, pubY256); KeyPair kp256A =
genECKeyPair("secp256r1", privD256, pubX256, pubY256, provider);
KeyPair kp256B = genECKeyPair("secp256r1"); KeyPair kp256B = genECKeyPair("secp256r1");
testKeyAgreement(kp256A, kp256B, provider); testKeyAgreement(kp256A, kp256B, provider);
System.out.println("Testing against NIST P-384"); System.out.println("Testing against NIST P-384");
KeyPair kp384A = genECKeyPair("secp384r1", privD384, pubX384, pubY384); KeyPair kp384A =
genECKeyPair("secp384r1", privD384, pubX384, pubY384, provider);
KeyPair kp384B = genECKeyPair("secp384r1"); KeyPair kp384B = genECKeyPair("secp384r1");
testKeyAgreement(kp384A, kp384B, provider); testKeyAgreement(kp384A, kp384B, provider);
......
test/sun/security/pkcs11/ec/TestECDSA2.java
浏览文件 @ 6644acde
...@@ -40,7 +40,7 @@ import java.security.*; ...@@ -40,7 +40,7 @@ import java.security.*;
import java.security.spec.*; import java.security.spec.*;
import java.security.interfaces.*; import java.security.interfaces.*;
import sun.security.ec.NamedCurve; import sun.security.util.ECUtil;
public class TestECDSA2 extends PKCS11Test { public class TestECDSA2 extends PKCS11Test {
...@@ -75,8 +75,9 @@ public class TestECDSA2 extends PKCS11Test { ...@@ -75,8 +75,9 @@ public class TestECDSA2 extends PKCS11Test {
System.out.println(p.getName() + ": " + alg + " Passed"); System.out.println(p.getName() + ": " + alg + " Passed");
} }
private KeyPair genECKeyPair(String curvName, String privD, String pubX, String pubY) throws Exception { private KeyPair genECKeyPair(String curvName, String privD, String pubX,
ECParameterSpec ecParams = NamedCurve.getECParameterSpec(curvName); String pubY, Provider p) throws Exception {
ECParameterSpec ecParams = ECUtil.getECParameterSpec(p, curvName);
ECPrivateKeySpec privKeySpec = ECPrivateKeySpec privKeySpec =
new ECPrivateKeySpec(new BigInteger(privD, 16), ecParams); new ECPrivateKeySpec(new BigInteger(privD, 16), ecParams);
ECPublicKeySpec pubKeySpec = ECPublicKeySpec pubKeySpec =
...@@ -108,12 +109,14 @@ public class TestECDSA2 extends PKCS11Test { ...@@ -108,12 +109,14 @@ public class TestECDSA2 extends PKCS11Test {
long start = System.currentTimeMillis(); long start = System.currentTimeMillis();
if (testP256) { if (testP256) {
// can use secp256r1, NIST P-256, X9.62 prime256v1, or 1.2.840.10045.3.1.7 // can use secp256r1, NIST P-256, X9.62 prime256v1, or 1.2.840.10045.3.1.7
KeyPair kp = genECKeyPair("secp256r1", privD256, pubX256, pubY256); KeyPair kp =
genECKeyPair("secp256r1", privD256, pubX256, pubY256, provider);
testSignAndVerify("SHA256withECDSA", kp, provider); testSignAndVerify("SHA256withECDSA", kp, provider);
} }
if (testP384) { if (testP384) {
// can use secp384r1, NIST P-384, 1.3.132.0.34 // can use secp384r1, NIST P-384, 1.3.132.0.34
KeyPair kp = genECKeyPair("secp384r1", privD384, pubX384, pubY384); KeyPair kp =
genECKeyPair("secp384r1", privD384, pubX384, pubY384, provider);
testSignAndVerify("SHA384withECDSA", kp, provider); testSignAndVerify("SHA384withECDSA", kp, provider);
} }
long stop = System.currentTimeMillis(); long stop = System.currentTimeMillis();
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册