jdk-sandbox: comparison src/java.base/share/classes/sun/security/rsa/RSASignature.java

equal deleted inserted replaced

-:39d88709b138
+:3195a713e24d
 /*
-* Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
+* Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 import java.io.IOException;
 import java.nio.ByteBuffer;
 import java.security.*;
 import java.security.interfaces.*;
+import java.security.spec.AlgorithmParameterSpec;
+import sun.security.rsa.RSAUtil.KeyType;
 import sun.security.util.*;
 import sun.security.x509.AlgorithmId;
 /**
-* PKCS#1 RSA signatures with the various message digest algorithms.
+* PKCS#1 v1.5 RSA signatures with the various message digest algorithms.
 * This file contains an abstract base class with all the logic plus
 * a nested static class for each of the message digest algorithms
 * (see end of the file). We support MD2, MD5, SHA-1, SHA-224, SHA-256,
-* SHA-384, and SHA-512.
+* SHA-384, SHA-512, SHA-512/224, and SHA-512/256.
 *
 * @since   1.5
 * @author  Andreas Sterbenz
 */
 public abstract class RSASignature extends SignatureSpi {
 digestReset = true;
 encodedLength = baseLength + oidLength + md.getDigestLength();
 }
 // initialize for verification. See JCA doc
+@Override
 protected void engineInitVerify(PublicKey publicKey)
 throws InvalidKeyException {
 RSAPublicKey rsaKey = (RSAPublicKey)RSAKeyFactory.toRSAKey(publicKey);
 this.privateKey = null;
 this.publicKey = rsaKey;
 initCommon(rsaKey, null);
 }
 // initialize for signing. See JCA doc
+@Override
 protected void engineInitSign(PrivateKey privateKey)
 throws InvalidKeyException {
 engineInitSign(privateKey, null);
 }
 // initialize for signing. See JCA doc
+@Override
 protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
 throws InvalidKeyException {
 RSAPrivateKey rsaKey =
 (RSAPrivateKey)RSAKeyFactory.toRSAKey(privateKey);
 this.privateKey = rsaKey;
 /**
 * Init code common to sign and verify.
 */
 private void initCommon(RSAKey rsaKey, SecureRandom random)
 throws InvalidKeyException {
+try {
+RSAUtil.checkParamsAgainstType(KeyType.RSA, rsaKey.getParams());
+} catch (ProviderException e) {
+throw new InvalidKeyException("Invalid key for RSA signatures", e);
+}
 resetDigest();
 int keySize = RSACore.getByteLength(rsaKey);
 try {
 padding = RSAPadding.getInstance
 (RSAPadding.PAD_BLOCKTYPE_1, keySize, random);
 digestReset = true;
 return md.digest();
 }
 // update the signature with the plaintext data. See JCA doc
+@Override
 protected void engineUpdate(byte b) throws SignatureException {
 md.update(b);
 digestReset = false;
 }
 // update the signature with the plaintext data. See JCA doc
+@Override
 protected void engineUpdate(byte[] b, int off, int len)
 throws SignatureException {
 md.update(b, off, len);
 digestReset = false;
 }
 // update the signature with the plaintext data. See JCA doc
+@Override
 protected void engineUpdate(ByteBuffer b) {
 md.update(b);
 digestReset = false;
 }
 // sign the data and return the signature. See JCA doc
+@Override
 protected byte[] engineSign() throws SignatureException {
+if (privateKey == null) {
+throw new SignatureException("Missing private key");
+}
 byte[] digest = getDigestValue();
 try {
 byte[] encoded = encodeSignature(digestOID, digest);
 byte[] padded = padding.pad(encoded);
 byte[] encrypted = RSACore.rsa(padded, privateKey, true);
 }
 }
 // verify the data and return the result. See JCA doc
 // should be reset to the state after engineInitVerify call.
+@Override
 protected boolean engineVerify(byte[] sigBytes) throws SignatureException {
+if (publicKey == null) {
+throw new SignatureException("Missing public key");
+}
 try {
 if (sigBytes.length != RSACore.getByteLength(publicKey)) {
 throw new SignatureException("Signature length not correct: got " +
 sigBytes.length + " but was expecting " +
 RSACore.getByteLength(publicKey));
 return digest;
 }
 // set parameter, not supported. See JCA doc
 @Deprecated
+@Override
 protected void engineSetParameter(String param, Object value)
 throws InvalidParameterException {
 throw new UnsupportedOperationException("setParameter() not supported");
 }
+// See JCA doc
+@Override
+protected void engineSetParameter(AlgorithmParameterSpec params)
+throws InvalidAlgorithmParameterException {
+if (params != null) {
+throw new InvalidAlgorithmParameterException("No parameters accepted");
+}
+}
 // get parameter, not supported. See JCA doc
 @Deprecated
+@Override
 protected Object engineGetParameter(String param)
 throws InvalidParameterException {
 throw new UnsupportedOperationException("getParameter() not supported");
+}
+// See JCA doc
+@Override
+protected AlgorithmParameters engineGetParameters() {
+return null;
 }
 // Nested class for MD2withRSA signatures
 public static final class MD2withRSA extends RSASignature {
 public MD2withRSA() {
 public SHA512withRSA() {
 super("SHA-512", AlgorithmId.SHA512_oid, 11);
 }
 }
+// Nested class for SHA512/224withRSA signatures
+public static final class SHA512_224withRSA extends RSASignature {
+public SHA512_224withRSA() {
+super("SHA-512/224", AlgorithmId.SHA512_224_oid, 11);
+}
+}
+// Nested class for SHA512/256withRSA signatures
+public static final class SHA512_256withRSA extends RSASignature {
+public SHA512_256withRSA() {
+super("SHA-512/256", AlgorithmId.SHA512_256_oid, 11);
+}
+}
 }

changeset 50204	3195a713e24d
parent 47216	71c04702a3d5
child 56592	b1902b22005e