equal
deleted
inserted
replaced
809 String algorithm = publicKey.getAlgorithm(); |
809 String algorithm = publicKey.getAlgorithm(); |
810 if (protocolVersion.v >= ProtocolVersion.TLS12.v) { |
810 if (protocolVersion.v >= ProtocolVersion.TLS12.v) { |
811 sig = JsseJce.getSignature( |
811 sig = JsseJce.getSignature( |
812 preferableSignatureAlgorithm.getAlgorithmName()); |
812 preferableSignatureAlgorithm.getAlgorithmName()); |
813 } else { |
813 } else { |
814 if (algorithm.equals("DSA")) { |
814 switch (algorithm) { |
815 sig = JsseJce.getSignature(JsseJce.SIGNATURE_DSA); |
815 case "DSA": |
816 } else if (algorithm.equals("RSA")) { |
816 sig = JsseJce.getSignature(JsseJce.SIGNATURE_DSA); |
817 sig = RSASignature.getInstance(); |
817 break; |
818 } else { |
818 case "RSA": |
819 throw new SSLKeyException("neither an RSA or a DSA key"); |
819 sig = RSASignature.getInstance(); |
820 } |
820 break; |
|
821 default: |
|
822 throw new SSLKeyException("neither an RSA or a DSA key"); |
|
823 } |
821 } |
824 } |
822 |
825 |
823 sig.initVerify(publicKey); |
826 sig.initVerify(publicKey); |
824 updateSignature(sig, clntNonce, svrNonce); |
827 updateSignature(sig, clntNonce, svrNonce); |
825 |
828 |
1095 return publicKey; |
1098 return publicKey; |
1096 } |
1099 } |
1097 |
1100 |
1098 private static Signature getSignature(String keyAlgorithm) |
1101 private static Signature getSignature(String keyAlgorithm) |
1099 throws NoSuchAlgorithmException { |
1102 throws NoSuchAlgorithmException { |
1100 if (keyAlgorithm.equals("EC")) { |
1103 switch (keyAlgorithm) { |
1101 return JsseJce.getSignature(JsseJce.SIGNATURE_ECDSA); |
1104 case "EC": |
1102 } else if (keyAlgorithm.equals("RSA")) { |
1105 return JsseJce.getSignature(JsseJce.SIGNATURE_ECDSA); |
1103 return RSASignature.getInstance(); |
1106 case "RSA": |
1104 } else { |
1107 return RSASignature.getInstance(); |
1105 throw new NoSuchAlgorithmException("neither an RSA or a EC key"); |
1108 default: |
1106 } |
1109 throw new NoSuchAlgorithmException("neither an RSA or a EC key"); |
|
1110 } |
1107 } |
1111 } |
1108 |
1112 |
1109 private void updateSignature(Signature sig, byte clntNonce[], |
1113 private void updateSignature(Signature sig, byte clntNonce[], |
1110 byte svrNonce[]) throws SignatureException { |
1114 byte svrNonce[]) throws SignatureException { |
1111 sig.update(clntNonce); |
1115 sig.update(clntNonce); |
1609 * Get the Signature object appropriate for verification using the |
1613 * Get the Signature object appropriate for verification using the |
1610 * given signature algorithm and protocol version. |
1614 * given signature algorithm and protocol version. |
1611 */ |
1615 */ |
1612 private static Signature getSignature(ProtocolVersion protocolVersion, |
1616 private static Signature getSignature(ProtocolVersion protocolVersion, |
1613 String algorithm) throws GeneralSecurityException { |
1617 String algorithm) throws GeneralSecurityException { |
1614 if (algorithm.equals("RSA")) { |
1618 switch (algorithm) { |
1615 return RSASignature.getInternalInstance(); |
1619 case "RSA": |
1616 } else if (algorithm.equals("DSA")) { |
1620 return RSASignature.getInternalInstance(); |
1617 return JsseJce.getSignature(JsseJce.SIGNATURE_RAWDSA); |
1621 case "DSA": |
1618 } else if (algorithm.equals("EC")) { |
1622 return JsseJce.getSignature(JsseJce.SIGNATURE_RAWDSA); |
1619 return JsseJce.getSignature(JsseJce.SIGNATURE_RAWECDSA); |
1623 case "EC": |
1620 } else { |
1624 return JsseJce.getSignature(JsseJce.SIGNATURE_RAWECDSA); |
1621 throw new SignatureException("Unrecognized algorithm: " |
1625 default: |
1622 + algorithm); |
1626 throw new SignatureException("Unrecognized algorithm: " |
1623 } |
1627 + algorithm); |
|
1628 } |
1624 } |
1629 } |
1625 |
1630 |
1626 /* |
1631 /* |
1627 * Update the Signature with the data appropriate for the given |
1632 * Update the Signature with the data appropriate for the given |
1628 * signature algorithm and protocol version so that the object is |
1633 * signature algorithm and protocol version so that the object is |
1694 } |
1699 } |
1695 md.update(pad2); |
1700 md.update(pad2); |
1696 md.update(temp); |
1701 md.update(temp); |
1697 } |
1702 } |
1698 |
1703 |
1699 private final static Class delegate; |
1704 private final static Class<?> delegate; |
1700 private final static Field spiField; |
1705 private final static Field spiField; |
1701 |
1706 |
1702 static { |
1707 static { |
1703 try { |
1708 try { |
1704 delegate = Class.forName("java.security.MessageDigest$Delegate"); |
1709 delegate = Class.forName("java.security.MessageDigest$Delegate"); |
1722 private final static Object NULL_OBJECT = new Object(); |
1727 private final static Object NULL_OBJECT = new Object(); |
1723 |
1728 |
1724 // cache Method objects per Spi class |
1729 // cache Method objects per Spi class |
1725 // Note that this will prevent the Spi classes from being GC'd. We assume |
1730 // Note that this will prevent the Spi classes from being GC'd. We assume |
1726 // that is not a problem. |
1731 // that is not a problem. |
1727 private final static Map<Class,Object> methodCache = |
1732 private final static Map<Class<?>,Object> methodCache = |
1728 new ConcurrentHashMap<>(); |
1733 new ConcurrentHashMap<>(); |
1729 |
1734 |
1730 private static void digestKey(MessageDigest md, SecretKey key) { |
1735 private static void digestKey(MessageDigest md, SecretKey key) { |
1731 try { |
1736 try { |
1732 // Verify that md is implemented via MessageDigestSpi, not |
1737 // Verify that md is implemented via MessageDigestSpi, not |