jdk-sandbox: comparison jdk/src/share/classes/sun/security/ec/ECParameters.java

equal deleted inserted replaced

-:374c1cceefff
+:7a33824ec8c5
 */
 package sun.security.ec;
 import java.io.IOException;
-import java.math.BigInteger;
 import java.security.*;
 import java.security.spec.*;
 import sun.security.util.*;
 * @since   1.6
 * @author  Andreas Sterbenz
 */
 public final class ECParameters extends AlgorithmParametersSpi {
-public ECParameters() {
-// empty
-}
-// Used by SunPKCS11 and SunJSSE.
-public static ECPoint decodePoint(byte[] data, EllipticCurve curve)
-throws IOException {
-if ((data.length == 0) || (data[0] != 4)) {
-throw new IOException("Only uncompressed point format supported");
-}
-// Per ANSI X9.62, an encoded point is a 1 byte type followed by
-// ceiling(log base 2 field-size / 8) bytes of x and the same of y.
-int n = (data.length - 1) / 2;
-if (n != ((curve.getField().getFieldSize() + 7 ) >> 3)) {
-throw new IOException("Point does not match field size");
-}
-byte[] xb = new byte[n];
-byte[] yb = new byte[n];
-System.arraycopy(data, 1, xb, 0, n);
-System.arraycopy(data, n + 1, yb, 0, n);
-return new ECPoint(new BigInteger(1, xb), new BigInteger(1, yb));
-}
-// Used by SunPKCS11 and SunJSSE.
-public static byte[] encodePoint(ECPoint point, EllipticCurve curve) {
-// get field size in bytes (rounding up)
-int n = (curve.getField().getFieldSize() + 7) >> 3;
-byte[] xb = trimZeroes(point.getAffineX().toByteArray());
-byte[] yb = trimZeroes(point.getAffineY().toByteArray());
-if ((xb.length > n) || (yb.length > n)) {
-throw new RuntimeException
-("Point coordinates do not match field size");
-}
-byte[] b = new byte[1 + (n << 1)];
-b[0] = 4; // uncompressed
-System.arraycopy(xb, 0, b, n - xb.length + 1, xb.length);
-System.arraycopy(yb, 0, b, b.length - yb.length, yb.length);
-return b;
-}
-// Copied from the SunPKCS11 code - should be moved to a common location.
-// trim leading (most significant) zeroes from the result
-static byte[] trimZeroes(byte[] b) {
-int i = 0;
-while ((i < b.length - 1) && (b[i] == 0)) {
-i++;
-}
-if (i == 0) {
-return b;
-}
-byte[] t = new byte[b.length - i];
-System.arraycopy(b, i, t, 0, t.length);
-return t;
-}
-// Convert the given ECParameterSpec object to a NamedCurve object.
-// If params does not represent a known named curve, return null.
-// Used by SunPKCS11.
-public static NamedCurve getNamedCurve(ECParameterSpec params) {
-if ((params instanceof NamedCurve) || (params == null)) {
-return (NamedCurve)params;
-}
-// This is a hack to allow SunJSSE to work with 3rd party crypto
-// providers for ECC and not just SunPKCS11.
-// This can go away once we decide how to expose curve names in the
-// public API.
-// Note that it assumes that the 3rd party provider encodes named
-// curves using the short form, not explicitly. If it did that, then
-// the SunJSSE TLS ECC extensions are wrong, which could lead to
-// interoperability problems.
-int fieldSize = params.getCurve().getField().getFieldSize();
-for (ECParameterSpec namedCurve : NamedCurve.knownECParameterSpecs()) {
-// ECParameterSpec does not define equals, so check all the
-// components ourselves.
-// Quick field size check first
-if (namedCurve.getCurve().getField().getFieldSize() != fieldSize) {
-continue;
-}
-if (namedCurve.getCurve().equals(params.getCurve()) == false) {
-continue;
-}
-if (namedCurve.getGenerator().equals(params.getGenerator()) == false) {
-continue;
-}
-if (namedCurve.getOrder().equals(params.getOrder()) == false) {
-continue;
-}
-if (namedCurve.getCofactor() != params.getCofactor()) {
-continue;
-}
-// everything matches our named curve, return it
-return (NamedCurve)namedCurve;
-}
-// no match found
-return null;
-}
-// Used by SunJSSE.
-public static String getCurveName(ECParameterSpec params) {
-NamedCurve curve = getNamedCurve(params);
-return (curve == null) ? null : curve.getObjectIdentifier().toString();
-}
-// Used by SunPKCS11.
-public static byte[] encodeParameters(ECParameterSpec params) {
-NamedCurve curve = getNamedCurve(params);
-if (curve == null) {
-throw new RuntimeException("Not a known named curve: " + params);
-}
-return curve.getEncoded();
-}
-// Used by SunPKCS11.
-public static ECParameterSpec decodeParameters(byte[] params) throws IOException {
-DerValue encodedParams = new DerValue(params);
-if (encodedParams.tag == DerValue.tag_ObjectId) {
-ObjectIdentifier oid = encodedParams.getOID();
-ECParameterSpec spec = NamedCurve.getECParameterSpec(oid);
-if (spec == null) {
-throw new IOException("Unknown named curve: " + oid);
-}
-return spec;
-}
-throw new IOException("Only named ECParameters supported");
-// The code below is incomplete.
-// It is left as a starting point for a complete parsing implementation.
-/*
-if (encodedParams.tag != DerValue.tag_Sequence) {
-throw new IOException("Unsupported EC parameters, tag: " + encodedParams.tag);
-}
-encodedParams.data.reset();
-DerInputStream in = encodedParams.data;
-int version = in.getInteger();
-if (version != 1) {
-throw new IOException("Unsupported EC parameters version: " + version);
-}
-ECField field = parseField(in);
-EllipticCurve curve = parseCurve(in, field);
-ECPoint point = parsePoint(in, curve);
-BigInteger order = in.getBigInteger();
-int cofactor = 0;
-if (in.available() != 0) {
-cofactor = in.getInteger();
-}
-// XXX HashAlgorithm optional
-if (encodedParams.data.available() != 0) {
-throw new IOException("encoded params have " +
-encodedParams.data.available() +
-" extra bytes");
-}
-return new ECParameterSpec(curve, point, order, cofactor);
-*/
-}
-/*
-private static final ObjectIdentifier fieldTypePrime =
-ObjectIdentifier.newInternal(new int[] {1, 2, 840, 10045, 1, 1});
-private static final ObjectIdentifier fieldTypeChar2 =
-ObjectIdentifier.newInternal(new int[] {1, 2, 840, 10045, 1, 2});
-private static ECField parseField(DerInputStream in) throws IOException {
-DerValue v = in.getDerValue();
-ObjectIdentifier oid = v.data.getOID();
-if (oid.equals(fieldTypePrime) == false) {
-throw new IOException("Only prime fields supported: " + oid);
-}
-BigInteger fieldSize = v.data.getBigInteger();
-return new ECFieldFp(fieldSize);
-}
-private static EllipticCurve parseCurve(DerInputStream in, ECField field)
-throws IOException {
-DerValue v = in.getDerValue();
-byte[] ab = v.data.getOctetString();
-byte[] bb = v.data.getOctetString();
-return new EllipticCurve(field, new BigInteger(1, ab), new BigInteger(1, bb));
-}
-private static ECPoint parsePoint(DerInputStream in, EllipticCurve curve)
-throws IOException {
-byte[] data = in.getOctetString();
-return decodePoint(data, curve);
-}
-*/
 // used by ECPublicKeyImpl and ECPrivateKeyImpl
 static AlgorithmParameters getAlgorithmParameters(ECParameterSpec spec)
 throws InvalidKeyException {
 try {
 AlgorithmParameters params =
 } catch (GeneralSecurityException e) {
 throw new InvalidKeyException("EC parameters error", e);
 }
 }
+/*
+* The parameters these AlgorithmParameters object represents.
+* Currently, it is always an instance of NamedCurve.
+*/
+private NamedCurve namedCurve;
+// A public constructor is required by AlgorithmParameters class.
+public ECParameters() {
+// empty
+}
 // AlgorithmParameterSpi methods
-// The parameters these AlgorithmParameters object represents.
-// Currently, it is always an instance of NamedCurve.
-private ECParameterSpec paramSpec;
 protected void engineInit(AlgorithmParameterSpec paramSpec)
 throws InvalidParameterSpecException {
+if (paramSpec == null) {
+throw new InvalidParameterSpecException
+("paramSpec must not be null");
+}
+if (paramSpec instanceof NamedCurve) {
+namedCurve = (NamedCurve)paramSpec;
+return;
+}
 if (paramSpec instanceof ECParameterSpec) {
-this.paramSpec = getNamedCurve((ECParameterSpec)paramSpec);
+namedCurve = CurveDB.lookup((ECParameterSpec)paramSpec);
-if (this.paramSpec == null) {
-throw new InvalidParameterSpecException
-("Not a supported named curve: " + paramSpec);
-}
 } else if (paramSpec instanceof ECGenParameterSpec) {
 String name = ((ECGenParameterSpec)paramSpec).getName();
-ECParameterSpec spec = NamedCurve.getECParameterSpec(name);
+namedCurve = CurveDB.lookup(name);
-if (spec == null) {
+} else if (paramSpec instanceof ECKeySizeParameterSpec) {
-throw new InvalidParameterSpecException("Unknown curve: " + name);
+int keySize = ((ECKeySizeParameterSpec)paramSpec).getKeySize();
-}
+namedCurve = CurveDB.lookup(keySize);
-this.paramSpec = spec;
-} else if (paramSpec == null) {
-throw new InvalidParameterSpecException
-("paramSpec must not be null");
 } else {
 throw new InvalidParameterSpecException
 ("Only ECParameterSpec and ECGenParameterSpec supported");
 }
+if (namedCurve == null) {
+throw new InvalidParameterSpecException(
+"Not a supported curve: " + paramSpec);
+}
 }
 protected void engineInit(byte[] params) throws IOException {
-paramSpec = decodeParameters(params);
+DerValue encodedParams = new DerValue(params);
-}
+if (encodedParams.tag == DerValue.tag_ObjectId) {
+ObjectIdentifier oid = encodedParams.getOID();
-protected void engineInit(byte[] params, String decodingMethod) throws IOException {
+NamedCurve spec = CurveDB.lookup(oid.toString());
+if (spec == null) {
+throw new IOException("Unknown named curve: " + oid);
+}
+namedCurve = spec;
+return;
+}
+throw new IOException("Only named ECParameters supported");
+// The code below is incomplete.
+// It is left as a starting point for a complete parsing implementation.
+/*
+if (encodedParams.tag != DerValue.tag_Sequence) {
+throw new IOException("Unsupported EC parameters, tag: " +
+encodedParams.tag);
+}
+encodedParams.data.reset();
+DerInputStream in = encodedParams.data;
+int version = in.getInteger();
+if (version != 1) {
+throw new IOException("Unsupported EC parameters version: " +
+version);
+}
+ECField field = parseField(in);
+EllipticCurve curve = parseCurve(in, field);
+ECPoint point = parsePoint(in, curve);
+BigInteger order = in.getBigInteger();
+int cofactor = 0;
+if (in.available() != 0) {
+cofactor = in.getInteger();
+}
+// XXX HashAlgorithm optional
+if (encodedParams.data.available() != 0) {
+throw new IOException("encoded params have " +
+encodedParams.data.available() +
+" extra bytes");
+}
+return new ECParameterSpec(curve, point, order, cofactor);
+*/
+}
+protected void engineInit(byte[] params, String decodingMethod)
+throws IOException {
 engineInit(params);
 }
-protected <T extends AlgorithmParameterSpec> T engineGetParameterSpec(Class<T> spec)
+protected <T extends AlgorithmParameterSpec> T
+engineGetParameterSpec(Class<T> spec)
 throws InvalidParameterSpecException {
 if (spec.isAssignableFrom(ECParameterSpec.class)) {
-return spec.cast(paramSpec);
+return spec.cast(namedCurve);
-} else if (spec.isAssignableFrom(ECGenParameterSpec.class)) {
+}
-return spec.cast(new ECGenParameterSpec(getCurveName(paramSpec)));
-} else {
+if (spec.isAssignableFrom(ECGenParameterSpec.class)) {
-throw new InvalidParameterSpecException
+// Ensure the name is the Object ID
-("Only ECParameterSpec and ECGenParameterSpec supported");
+String name = namedCurve.getObjectId();
-}
+return spec.cast(new ECGenParameterSpec(name));
+}
+if (spec.isAssignableFrom(ECKeySizeParameterSpec.class)) {
+int keySize = namedCurve.getCurve().getField().getFieldSize();
+return spec.cast(new ECKeySizeParameterSpec(keySize));
+}
+throw new InvalidParameterSpecException(
+"Only ECParameterSpec and ECGenParameterSpec supported");
 }
 protected byte[] engineGetEncoded() throws IOException {
-return encodeParameters(paramSpec);
+return namedCurve.getEncoded();
 }
-protected byte[] engineGetEncoded(String encodingMethod) throws IOException {
+protected byte[] engineGetEncoded(String encodingMethod)
+throws IOException {
 return engineGetEncoded();
 }
 protected String engineToString() {
-return paramSpec.toString();
+if (namedCurve == null) {
+return "Not initialized";
+}
+return namedCurve.toString();
 }
 }

changeset 17491	7a33824ec8c5
parent 13813	ca3a2b5731d0
child 23010	6dadb192ad81