8325164: Named groups and signature schemes unavailable with SunPKCS11 in FIPS mode

Reviewed-by: valeriep
Daniel Jeliński 2024-03-13 19:09:52 +00:00
parent eb45d5bd64
commit 8f9899b23e
10 changed files with 66 additions and 67 deletions


@ -1,5 +1,5 @@
/*
* Copyright (c) 2009, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,7 +29,6 @@ import java.security.*;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.InvalidParameterSpecException;
import java.util.Arrays;
import java.util.Optional;
@ -37,7 +36,7 @@ import java.util.Optional;
import sun.security.jca.JCAUtil;
import sun.security.util.ECUtil;
import sun.security.util.math.*;
import sun.security.ec.point.*;
import static sun.security.util.SecurityProviderConstants.DEF_EC_KEY_SIZE;
import static sun.security.ec.ECOperations.IntermediateValueException;
@ -74,7 +73,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
public void initialize(int keySize, SecureRandom random) {
checkKeySize(keySize);
this.params = ECUtil.getECParameterSpec(null, keySize);
this.params = ECUtil.getECParameterSpec(keySize);
if (params == null) {
throw new InvalidParameterException(
"No EC parameters available for key size " + keySize + " bits");
@ -91,14 +90,14 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
if (params instanceof ECParameterSpec) {
ECParameterSpec ecParams = (ECParameterSpec) params;
ecSpec = ECUtil.getECParameterSpec(null, ecParams);
ecSpec = ECUtil.getECParameterSpec(ecParams);
if (ecSpec == null) {
throw new InvalidAlgorithmParameterException(
"Curve not supported: " + params);
}
} else if (params instanceof ECGenParameterSpec) {
String name = ((ECGenParameterSpec) params).getName();
ecSpec = ECUtil.getECParameterSpec(null, name);
ecSpec = ECUtil.getECParameterSpec(name);
if (ecSpec == null) {
throw new InvalidAlgorithmParameterException(
"Unknown curve name: " + name);
@ -120,7 +119,7 @@ public final class ECKeyPairGenerator extends KeyPairGeneratorSpi {
throws InvalidAlgorithmParameterException {
// Check if ecSpec is a valid curve
AlgorithmParameters ecParams = ECUtil.getECParameters(null);
AlgorithmParameters ecParams = ECUtil.getECParameters();
try {
ecParams.init(ecSpec);
} catch (InvalidParameterSpecException ex) {


@ -140,21 +140,16 @@ public final class ECUtil {
return (ECPrivateKey)keyFactory.generatePrivate(keySpec);
}
public static AlgorithmParameters getECParameters(Provider p) {
public static AlgorithmParameters getECParameters() {
try {
if (p != null) {
return AlgorithmParameters.getInstance("EC", p);
}
return AlgorithmParameters.getInstance("EC");
} catch (NoSuchAlgorithmException nsae) {
throw new RuntimeException(nsae);
}
}
public static byte[] encodeECParameterSpec(Provider p,
ECParameterSpec spec) {
AlgorithmParameters parameters = getECParameters(p);
public static byte[] encodeECParameterSpec(ECParameterSpec spec) {
AlgorithmParameters parameters = getECParameters();
try {
parameters.init(spec);
@ -170,9 +165,8 @@ public final class ECUtil {
}
}
public static ECParameterSpec getECParameterSpec(Provider p,
ECParameterSpec spec) {
AlgorithmParameters parameters = getECParameters(p);
public static ECParameterSpec getECParameterSpec(ECParameterSpec spec) {
AlgorithmParameters parameters = getECParameters();
try {
parameters.init(spec);
@ -182,10 +176,9 @@ public final class ECUtil {
}
}
public static ECParameterSpec getECParameterSpec(Provider p,
byte[] params)
public static ECParameterSpec getECParameterSpec(byte[] params)
throws IOException {
AlgorithmParameters parameters = getECParameters(p);
AlgorithmParameters parameters = getECParameters();
parameters.init(params);
@ -196,8 +189,8 @@ public final class ECUtil {
}
}
public static ECParameterSpec getECParameterSpec(Provider p, String name) {
AlgorithmParameters parameters = getECParameters(p);
public static ECParameterSpec getECParameterSpec(String name) {
AlgorithmParameters parameters = getECParameters();
try {
parameters.init(new ECGenParameterSpec(name));
@ -207,8 +200,8 @@ public final class ECUtil {
}
}
public static ECParameterSpec getECParameterSpec(Provider p, int keySize) {
AlgorithmParameters parameters = getECParameters(p);
public static ECParameterSpec getECParameterSpec(int keySize) {
AlgorithmParameters parameters = getECParameters();
try {
parameters.init(new ECKeySizeParameterSpec(keySize));
@ -219,9 +212,9 @@ public final class ECUtil {
}
public static String getCurveName(Provider p, ECParameterSpec spec) {
public static String getCurveName(ECParameterSpec spec) {
ECGenParameterSpec nameSpec;
AlgorithmParameters parameters = getECParameters(p);
AlgorithmParameters parameters = getECParameters();
try {
parameters.init(spec);
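Review bot: With the Provider argument gone, `getECParameters()` always resolves through `AlgorithmParameters.getInstance("EC")`, so the implementation that decodes, names and validates curves for every helper in this file is whichever registered provider ranks first for EC parameters. Nothing in the visible code states that dependency on provider order; a Javadoc line on the method such as `Returns EC AlgorithmParameters from the highest-priority provider that supplies them; callers must not assume a particular implementation.` would make it explicit. When no provider supplies them, callers still get a bare `RuntimeException`; `throw new ProviderException("No provider supplies EC AlgorithmParameters", nsae);` would be easier to diagnose in a restricted (for example FIPS) configuration, assuming `java.security.ProviderException` is in scope in this file. The same provider-order dependency applies to the ECKeyPairGenerator call sites in the preceding file section, and getCurveName's body continues outside the last hunk.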


@ -153,7 +153,7 @@ public final class KeyUtil {
// Note: the ECGenParameterSpec case should be covered by the
// ECParameterSpec case above.
// See ECUtil.getECParameterSpec(Provider, String).
// See ECUtil.getECParameterSpec(String).
break;
case "DiffieHellman":