--- a/src/java.base/share/classes/sun/security/rsa/RSASignature.java Fri May 11 14:55:56 2018 -0700
+++ b/src/java.base/share/classes/sun/security/rsa/RSASignature.java Fri May 11 15:53:12 2018 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -30,16 +30,18 @@
import java.security.*;
import java.security.interfaces.*;
+import java.security.spec.AlgorithmParameterSpec;
+import sun.security.rsa.RSAUtil.KeyType;
import sun.security.util.*;
import sun.security.x509.AlgorithmId;
/**
- * PKCS#1 RSA signatures with the various message digest algorithms.
+ * PKCS#1 v1.5 RSA signatures with the various message digest algorithms.
* This file contains an abstract base class with all the logic plus
* a nested static class for each of the message digest algorithms
* (see end of the file). We support MD2, MD5, SHA-1, SHA-224, SHA-256,
- * SHA-384, and SHA-512.
+ * SHA-384, SHA-512, SHA-512/224, and SHA-512/256.
*
* @since 1.5
* @author Andreas Sterbenz
@@ -85,6 +87,7 @@
}
// initialize for verification. See JCA doc
+ @Override
protected void engineInitVerify(PublicKey publicKey)
throws InvalidKeyException {
RSAPublicKey rsaKey = (RSAPublicKey)RSAKeyFactory.toRSAKey(publicKey);
@@ -94,12 +97,14 @@
}
// initialize for signing. See JCA doc
+ @Override
protected void engineInitSign(PrivateKey privateKey)
throws InvalidKeyException {
engineInitSign(privateKey, null);
}
// initialize for signing. See JCA doc
+ @Override
protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
throws InvalidKeyException {
RSAPrivateKey rsaKey =
@@ -114,6 +119,11 @@
*/
private void initCommon(RSAKey rsaKey, SecureRandom random)
throws InvalidKeyException {
+ try {
+ RSAUtil.checkParamsAgainstType(KeyType.RSA, rsaKey.getParams());
+ } catch (ProviderException e) {
+ throw new InvalidKeyException("Invalid key for RSA signatures", e);
+ }
resetDigest();
int keySize = RSACore.getByteLength(rsaKey);
try {
@@ -148,12 +158,14 @@
}
// update the signature with the plaintext data. See JCA doc
+ @Override
protected void engineUpdate(byte b) throws SignatureException {
md.update(b);
digestReset = false;
}
// update the signature with the plaintext data. See JCA doc
+ @Override
protected void engineUpdate(byte[] b, int off, int len)
throws SignatureException {
md.update(b, off, len);
@@ -161,13 +173,18 @@
}
// update the signature with the plaintext data. See JCA doc
+ @Override
protected void engineUpdate(ByteBuffer b) {
md.update(b);
digestReset = false;
}
// sign the data and return the signature. See JCA doc
+ @Override
protected byte[] engineSign() throws SignatureException {
+ if (privateKey == null) {
+ throw new SignatureException("Missing private key");
+ }
byte[] digest = getDigestValue();
try {
byte[] encoded = encodeSignature(digestOID, digest);
@@ -183,7 +200,11 @@
// verify the data and return the result. See JCA doc
// should be reset to the state after engineInitVerify call.
+ @Override
protected boolean engineVerify(byte[] sigBytes) throws SignatureException {
+ if (publicKey == null) {
+ throw new SignatureException("Missing public key");
+ }
try {
if (sigBytes.length != RSACore.getByteLength(publicKey)) {
throw new SignatureException("Signature length not correct: got " +
@@ -248,18 +269,35 @@
// set parameter, not supported. See JCA doc
@Deprecated
+ @Override
protected void engineSetParameter(String param, Object value)
throws InvalidParameterException {
throw new UnsupportedOperationException("setParameter() not supported");
}
+ // See JCA doc
+ @Override
+ protected void engineSetParameter(AlgorithmParameterSpec params)
+ throws InvalidAlgorithmParameterException {
+ if (params != null) {
+ throw new InvalidAlgorithmParameterException("No parameters accepted");
+ }
+ }
+
// get parameter, not supported. See JCA doc
@Deprecated
+ @Override
protected Object engineGetParameter(String param)
throws InvalidParameterException {
throw new UnsupportedOperationException("getParameter() not supported");
}
+ // See JCA doc
+ @Override
+ protected AlgorithmParameters engineGetParameters() {
+ return null;
+ }
+
// Nested class for MD2withRSA signatures
public static final class MD2withRSA extends RSASignature {
public MD2withRSA() {
@@ -309,4 +347,17 @@
}
}
+ // Nested class for SHA512/224withRSA signatures
+ public static final class SHA512_224withRSA extends RSASignature {
+ public SHA512_224withRSA() {
+ super("SHA-512/224", AlgorithmId.SHA512_224_oid, 11);
+ }
+ }
+
+ // Nested class for SHA512/256withRSA signatures
+ public static final class SHA512_256withRSA extends RSASignature {
+ public SHA512_256withRSA() {
+ super("SHA-512/256", AlgorithmId.SHA512_256_oid, 11);
+ }
+ }
}