diff --git a/make/sun/security/ec/Makefile b/make/sun/security/ec/Makefile index 0e92dd59cfff5934f4d81bbe625f8fc86634f292..660d8bbd0f8e9272923454276e6f6fcc8dc18821 100644 --- a/make/sun/security/ec/Makefile +++ b/make/sun/security/ec/Makefile @@ -128,7 +128,6 @@ AUTO_FILES_JAVA_DIRS = $(PKGDIR) # Exclude the sources that get built by ../other/Makefile # AUTO_JAVA_PRUNE = \ - ECKeyFactory.java \ ECParameters.java \ ECPrivateKeyImpl.java \ ECPublicKeyImpl.java \ diff --git a/make/sun/security/other/Makefile b/make/sun/security/other/Makefile index cc869aec2e3947daf6ae2b6d63c3647288ed382c..c0ee97711dd63f2514d27901e66f7f54f48dbcac 100644 --- a/make/sun/security/other/Makefile +++ b/make/sun/security/other/Makefile @@ -53,7 +53,6 @@ AUTO_FILES_JAVA_DIRS = \ # EC classes used by the packages above # FILES_java += \ - sun/security/ec/ECKeyFactory.java \ sun/security/ec/ECParameters.java \ sun/security/ec/ECPrivateKeyImpl.java \ sun/security/ec/ECPublicKeyImpl.java \ diff --git a/src/share/classes/sun/security/ec/ECKeyFactory.java b/src/share/classes/sun/security/ec/ECKeyFactory.java index cd35c91d14b6fe73a9e2162aab97ce0304916ad4..16ee677816995f5bb69f25dfdd8877f06e37fd05 100644 --- a/src/share/classes/sun/security/ec/ECKeyFactory.java +++ b/src/share/classes/sun/security/ec/ECKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -51,33 +51,21 @@ import java.security.spec.*; */ public final class ECKeyFactory extends KeyFactorySpi { - // Used by translateKey() and the SunPKCS11 provider - public final static KeyFactory INSTANCE; + // Used by translateKey() + private static KeyFactory instance; - // Internal provider object we can obtain the KeyFactory and - // AlgorithmParameters from. Used by ECParameters and AlgorithmId. - // This can go away once we have EC always available in the SUN provider. - // Used by ECParameters and AlgorithmId. - public final static Provider ecInternalProvider; - - static { - final Provider p = new Provider("SunEC-Internal", 1.0d, null) { - private static final long serialVersionUID = 970685700309471261L; - }; - AccessController.doPrivileged(new PrivilegedAction() { - public Void run() { - p.put("KeyFactory.EC", "sun.security.ec.ECKeyFactory"); - p.put("AlgorithmParameters.EC", "sun.security.ec.ECParameters"); - p.put("Alg.Alias.AlgorithmParameters.1.2.840.10045.2.1", "EC"); - return null; + private static KeyFactory getInstance() { + if (instance == null) { + try { + instance = KeyFactory.getInstance("EC", "SunEC"); + } catch (NoSuchProviderException e) { + throw new RuntimeException(e); + } catch (NoSuchAlgorithmException e) { + throw new RuntimeException(e); } - }); - try { - INSTANCE = KeyFactory.getInstance("EC", p); - } catch (NoSuchAlgorithmException e) { - throw new RuntimeException(e); } - ecInternalProvider = p; + + return instance; } public ECKeyFactory() { @@ -102,7 +90,12 @@ public final class ECKeyFactory extends KeyFactorySpi { checkKey(ecKey); return ecKey; } else { - return (ECKey)INSTANCE.translateKey(key); + /* + * We don't call the engineTranslateKey method directly + * because KeyFactory.translateKey adds code to loop through + * all key factories. + */ + return (ECKey)getInstance().translateKey(key); } } diff --git a/src/share/classes/sun/security/ec/ECParameters.java b/src/share/classes/sun/security/ec/ECParameters.java index 614ba3f4675f9a15733d14f29c95f7afd485bd97..56037ada9390439704a22799ea1545a736a75405 100644 --- a/src/share/classes/sun/security/ec/ECParameters.java +++ b/src/share/classes/sun/security/ec/ECParameters.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -276,8 +276,8 @@ public final class ECParameters extends AlgorithmParametersSpi { static AlgorithmParameters getAlgorithmParameters(ECParameterSpec spec) throws InvalidKeyException { try { - AlgorithmParameters params = AlgorithmParameters.getInstance - ("EC", ECKeyFactory.ecInternalProvider); + AlgorithmParameters params = + AlgorithmParameters.getInstance("EC", "SunEC"); params.init(spec); return params; } catch (GeneralSecurityException e) { diff --git a/src/share/classes/sun/security/ec/ECPublicKeyImpl.java b/src/share/classes/sun/security/ec/ECPublicKeyImpl.java index aae485c12415d1b317d103b43d5c4a10ec83137f..0dcf4b030a977c49fc5a18f8a6209f71dee08d64 100644 --- a/src/share/classes/sun/security/ec/ECPublicKeyImpl.java +++ b/src/share/classes/sun/security/ec/ECPublicKeyImpl.java @@ -96,8 +96,13 @@ public final class ECPublicKeyImpl extends X509Key implements ECPublicKey { */ @SuppressWarnings("deprecation") protected void parseKeyBits() throws InvalidKeyException { + AlgorithmParameters algParams = this.algid.getParameters(); + if (algParams == null) { + throw new InvalidKeyException("EC domain parameters must be " + + "encoded in the algorithm identifier"); + } + try { - AlgorithmParameters algParams = this.algid.getParameters(); params = algParams.getParameterSpec(ECParameterSpec.class); w = ECParameters.decodePoint(key, params.getCurve()); } catch (IOException e) { diff --git a/src/share/classes/sun/security/ec/SunECEntries.java b/src/share/classes/sun/security/ec/SunECEntries.java index 6d2cb65a77afc26d3e704c0cba70573150ac4fc2..e359ccc79f1d09c627b7e313ec5803e68b03c6cc 100644 --- a/src/share/classes/sun/security/ec/SunECEntries.java +++ b/src/share/classes/sun/security/ec/SunECEntries.java @@ -54,6 +54,7 @@ final class SunECEntries { */ map.put("AlgorithmParameters.EC", "sun.security.ec.ECParameters"); map.put("Alg.Alias.AlgorithmParameters.EllipticCurve", "EC"); + map.put("Alg.Alias.AlgorithmParameters.1.2.840.10045.2.1", "EC"); map.put("AlgorithmParameters.EC KeySize", "256"); diff --git a/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java b/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java index ef6cf3a1ef573f88857e8191fa7901504c00ea20..a4c48e76d4445b6fb2b27be31122b30ce10b525e 100644 --- a/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java +++ b/src/share/classes/sun/security/pkcs11/P11ECKeyFactory.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2006, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -304,7 +304,7 @@ final class P11ECKeyFactory extends P11KeyFactory { } KeyFactory implGetSoftwareFactory() throws GeneralSecurityException { - return sun.security.ec.ECKeyFactory.INSTANCE; + return KeyFactory.getInstance("EC", "SunEC"); } } diff --git a/src/share/classes/sun/security/x509/AlgorithmId.java b/src/share/classes/sun/security/x509/AlgorithmId.java index d4ca79599706dc8b7985d934a1f32a377a25eb19..7124920956ddf7744b5ee44edb3cec6fe7673677 100644 --- a/src/share/classes/sun/security/x509/AlgorithmId.java +++ b/src/share/classes/sun/security/x509/AlgorithmId.java @@ -120,21 +120,14 @@ public class AlgorithmId implements Serializable, DerEncoder { try { algParams = AlgorithmParameters.getInstance(algidString); } catch (NoSuchAlgorithmException e) { - try { - // Try the internal EC code so that we can fully parse EC - // keys even if the provider is not registered. - // This code can go away once we have EC in the SUN provider. - algParams = AlgorithmParameters.getInstance(algidString, - sun.security.ec.ECKeyFactory.ecInternalProvider); - } catch (NoSuchAlgorithmException ee) { - /* - * This algorithm parameter type is not supported, so we cannot - * parse the parameters. - */ - algParams = null; - return; - } + /* + * This algorithm parameter type is not supported, so we cannot + * parse the parameters. + */ + algParams = null; + return; } + // Decode (parse) the parameters algParams.init(params.toByteArray()); } diff --git a/test/sun/security/ec/TestEC.java b/test/sun/security/ec/TestEC.java index c23980d14ffa4e7ee95d38be4b59fa5f011512dc..41d0f0361dad0adda5f4290b6126e8c0c6208bf3 100644 --- a/test/sun/security/ec/TestEC.java +++ b/test/sun/security/ec/TestEC.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -33,6 +33,7 @@ * @run main TestEC */ +import java.security.NoSuchProviderException; import java.security.Provider; import java.security.Security; @@ -62,7 +63,12 @@ public class TestEC { } public static void main0(String[] args) throws Exception { - Provider p = new sun.security.ec.SunEC(); + Provider p = Security.getProvider("SunEC"); + + if (p == null) { + throw new NoSuchProviderException("Can't get SunEC provider"); + } + System.out.println("Running tests with " + p.getName() + " provider...\n"); long start = System.currentTimeMillis(); diff --git a/test/sun/security/pkcs11/ec/ReadCertificates.java b/test/sun/security/pkcs11/ec/ReadCertificates.java index 2aa38a9f505799e6caa8f5cd3b6f4cfd837d2058..eba81c6d3eab71a7a3cd0407a6c9fb7d0d7f4494 100644 --- a/test/sun/security/pkcs11/ec/ReadCertificates.java +++ b/test/sun/security/pkcs11/ec/ReadCertificates.java @@ -63,6 +63,10 @@ public class ReadCertificates extends PKCS11Test { System.out.println("Provider does not support ECDSA, skipping..."); return; } + + /* + * PKCS11Test.main will remove this provider if needed + */ Providers.setAt(p, 1); random = new SecureRandom(); @@ -132,7 +136,6 @@ public class ReadCertificates extends PKCS11Test { } } - Security.removeProvider(p.getName()); System.out.println("OK"); } diff --git a/test/sun/security/pkcs11/ec/ReadPKCS12.java b/test/sun/security/pkcs11/ec/ReadPKCS12.java index 979783eace74eb3aa5d40757d5e4a34f7235a695..6acc667aaf34ee20a563abacdd01cb6d2d9098e8 100644 --- a/test/sun/security/pkcs11/ec/ReadPKCS12.java +++ b/test/sun/security/pkcs11/ec/ReadPKCS12.java @@ -53,6 +53,10 @@ public class ReadPKCS12 extends PKCS11Test { System.out.println("Provider does not support ECDSA, skipping..."); return; } + + /* + * PKCS11Test.main will remove this provider if needed + */ Providers.setAt(p, 1); CertificateFactory factory = CertificateFactory.getInstance("X.509"); @@ -147,7 +151,6 @@ public class ReadPKCS12 extends PKCS11Test { out.close(); } - Security.removeProvider(p.getName()); System.out.println("OK"); } diff --git a/test/sun/security/pkcs11/ec/TestECDH.java b/test/sun/security/pkcs11/ec/TestECDH.java index 3182cff27d9dab57e0b32d3d26349d3791b2c7ba..aa26d5c6d43a934b504e2821f95dec533c3313d0 100644 --- a/test/sun/security/pkcs11/ec/TestECDH.java +++ b/test/sun/security/pkcs11/ec/TestECDH.java @@ -60,6 +60,10 @@ public class TestECDH extends PKCS11Test { System.out.println("Provider does not support ECDH, skipping"); return; } + + /* + * PKCS11Test.main will remove this provider if needed + */ Providers.setAt(p, 1); if (false) { @@ -77,7 +81,6 @@ public class TestECDH extends PKCS11Test { test(p, pub192a, priv192a, pub192b, priv192b, secret192); test(p, pub163a, priv163a, pub163b, priv163b, secret163); - Security.removeProvider(p.getName()); System.out.println("OK"); } diff --git a/test/sun/security/pkcs11/ec/TestECDSA.java b/test/sun/security/pkcs11/ec/TestECDSA.java index 0514d1d575e4007d87a99ec905969b03582bc73e..6f5325aae9e50ae47e818cb912a4d35e467c5099 100644 --- a/test/sun/security/pkcs11/ec/TestECDSA.java +++ b/test/sun/security/pkcs11/ec/TestECDSA.java @@ -116,6 +116,10 @@ public class TestECDSA extends PKCS11Test { System.out.println("ECDSA not supported, skipping"); return; } + + /* + * PKCS11Test.main will remove this provider if needed + */ Providers.setAt(provider, 1); if (false) { @@ -137,7 +141,6 @@ public class TestECDSA extends PKCS11Test { test(provider, pub521, priv521, sig521); test(provider, pub571, priv571, sig571); - Security.removeProvider(provider.getName()); long stop = System.currentTimeMillis(); System.out.println("All tests passed (" + (stop - start) + " ms)."); }