4963723: Implement SHA-224
Summary: Add support for SHA-224, SHA224withRSA, SHA224withECDSA, HmacSHA224 and OAEPwithSHA-224AndMGF1Padding.
Reviewed-by: vinnie
--- a/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/com/sun/crypto/provider/HmacCore.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -38,16 +38,16 @@
* This class constitutes the core of HMAC-<MD> algorithms, where
* <MD> can be SHA1 or MD5, etc. See RFC 2104 for spec.
*
- * It also contains the implementation classes for the SHA-256,
+ * It also contains the implementation classes for SHA-224, SHA-256,
* SHA-384, and SHA-512 HMACs.
*
* @author Jan Luehe
*/
-final class HmacCore implements Cloneable {
+abstract class HmacCore extends MacSpi implements Cloneable {
- private final MessageDigest md;
- private final byte[] k_ipad; // inner padding - key XORd with ipad
- private final byte[] k_opad; // outer padding - key XORd with opad
+ private MessageDigest md;
+ private byte[] k_ipad; // inner padding - key XORd with ipad
+ private byte[] k_opad; // outer padding - key XORd with opad
private boolean first; // Is this the first data to be processed?
private final int blockLen;
@@ -73,22 +73,11 @@
}
/**
- * Constructor used for cloning.
- */
- private HmacCore(HmacCore other) throws CloneNotSupportedException {
- this.md = (MessageDigest)other.md.clone();
- this.blockLen = other.blockLen;
- this.k_ipad = other.k_ipad.clone();
- this.k_opad = other.k_opad.clone();
- this.first = other.first;
- }
-
- /**
* Returns the length of the HMAC in bytes.
*
* @return the HMAC length in bytes.
*/
- int getDigestLength() {
+ protected int engineGetMacLength() {
return this.md.getDigestLength();
}
@@ -103,9 +92,8 @@
* @exception InvalidAlgorithmParameterException if the given algorithm
* parameters are inappropriate for this MAC.
*/
- void init(Key key, AlgorithmParameterSpec params)
+ protected void engineInit(Key key, AlgorithmParameterSpec params)
throws InvalidKeyException, InvalidAlgorithmParameterException {
-
if (params != null) {
throw new InvalidAlgorithmParameterException
("HMAC does not use parameters");
@@ -140,7 +128,7 @@
Arrays.fill(secret, (byte)0);
secret = null;
- reset();
+ engineReset();
}
/**
@@ -148,7 +136,7 @@
*
* @param input the input byte to be processed.
*/
- void update(byte input) {
+ protected void engineUpdate(byte input) {
if (first == true) {
// compute digest for 1st pass; start with inner pad
md.update(k_ipad);
@@ -167,7 +155,7 @@
* @param offset the offset in <code>input</code> where the input starts.
* @param len the number of bytes to process.
*/
- void update(byte input[], int offset, int len) {
+ protected void engineUpdate(byte input[], int offset, int len) {
if (first == true) {
// compute digest for 1st pass; start with inner pad
md.update(k_ipad);
@@ -178,7 +166,13 @@
md.update(input, offset, len);
}
- void update(ByteBuffer input) {
+ /**
+ * Processes the <code>input.remaining()</code> bytes in the ByteBuffer
+ * <code>input</code>.
+ *
+ * @param input the input byte buffer.
+ */
+ protected void engineUpdate(ByteBuffer input) {
if (first == true) {
// compute digest for 1st pass; start with inner pad
md.update(k_ipad);
@@ -194,7 +188,7 @@
*
* @return the HMAC result.
*/
- byte[] doFinal() {
+ protected byte[] engineDoFinal() {
if (first == true) {
// compute digest for 1st pass; start with inner pad
md.update(k_ipad);
@@ -223,7 +217,7 @@
* Resets the HMAC for further use, maintaining the secret key that the
* HMAC was initialized with.
*/
- void reset() {
+ protected void engineReset() {
if (first == false) {
md.reset();
first = true;
@@ -234,115 +228,38 @@
* Clones this object.
*/
public Object clone() throws CloneNotSupportedException {
- return new HmacCore(this);
+ HmacCore copy = (HmacCore) super.clone();
+ copy.md = (MessageDigest) md.clone();
+ copy.k_ipad = k_ipad.clone();
+ copy.k_opad = k_opad.clone();
+ return copy;
+ }
+
+ // nested static class for the HmacSHA224 implementation
+ public static final class HmacSHA224 extends HmacCore {
+ public HmacSHA224() throws NoSuchAlgorithmException {
+ super("SHA-224", 64);
+ }
}
// nested static class for the HmacSHA256 implementation
- public static final class HmacSHA256 extends MacSpi implements Cloneable {
- private final HmacCore core;
+ public static final class HmacSHA256 extends HmacCore {
public HmacSHA256() throws NoSuchAlgorithmException {
- core = new HmacCore("SHA-256", 64);
- }
- private HmacSHA256(HmacSHA256 base) throws CloneNotSupportedException {
- core = (HmacCore)base.core.clone();
- }
- protected int engineGetMacLength() {
- return core.getDigestLength();
- }
- protected void engineInit(Key key, AlgorithmParameterSpec params)
- throws InvalidKeyException, InvalidAlgorithmParameterException {
- core.init(key, params);
- }
- protected void engineUpdate(byte input) {
- core.update(input);
- }
- protected void engineUpdate(byte input[], int offset, int len) {
- core.update(input, offset, len);
- }
- protected void engineUpdate(ByteBuffer input) {
- core.update(input);
- }
- protected byte[] engineDoFinal() {
- return core.doFinal();
- }
- protected void engineReset() {
- core.reset();
- }
- public Object clone() throws CloneNotSupportedException {
- return new HmacSHA256(this);
+ super("SHA-256", 64);
}
}
// nested static class for the HmacSHA384 implementation
- public static final class HmacSHA384 extends MacSpi implements Cloneable {
- private final HmacCore core;
+ public static final class HmacSHA384 extends HmacCore {
public HmacSHA384() throws NoSuchAlgorithmException {
- core = new HmacCore("SHA-384", 128);
- }
- private HmacSHA384(HmacSHA384 base) throws CloneNotSupportedException {
- core = (HmacCore)base.core.clone();
- }
- protected int engineGetMacLength() {
- return core.getDigestLength();
- }
- protected void engineInit(Key key, AlgorithmParameterSpec params)
- throws InvalidKeyException, InvalidAlgorithmParameterException {
- core.init(key, params);
- }
- protected void engineUpdate(byte input) {
- core.update(input);
- }
- protected void engineUpdate(byte input[], int offset, int len) {
- core.update(input, offset, len);
- }
- protected void engineUpdate(ByteBuffer input) {
- core.update(input);
- }
- protected byte[] engineDoFinal() {
- return core.doFinal();
- }
- protected void engineReset() {
- core.reset();
- }
- public Object clone() throws CloneNotSupportedException {
- return new HmacSHA384(this);
+ super("SHA-384", 128);
}
}
// nested static class for the HmacSHA512 implementation
- public static final class HmacSHA512 extends MacSpi implements Cloneable {
- private final HmacCore core;
+ public static final class HmacSHA512 extends HmacCore {
public HmacSHA512() throws NoSuchAlgorithmException {
- core = new HmacCore("SHA-512", 128);
- }
- private HmacSHA512(HmacSHA512 base) throws CloneNotSupportedException {
- core = (HmacCore)base.core.clone();
- }
- protected int engineGetMacLength() {
- return core.getDigestLength();
- }
- protected void engineInit(Key key, AlgorithmParameterSpec params)
- throws InvalidKeyException, InvalidAlgorithmParameterException {
- core.init(key, params);
- }
- protected void engineUpdate(byte input) {
- core.update(input);
- }
- protected void engineUpdate(byte input[], int offset, int len) {
- core.update(input, offset, len);
- }
- protected void engineUpdate(ByteBuffer input) {
- core.update(input);
- }
- protected byte[] engineDoFinal() {
- return core.doFinal();
- }
- protected void engineReset() {
- core.reset();
- }
- public Object clone() throws CloneNotSupportedException {
- return new HmacSHA512(this);
+ super("SHA-512", 128);
}
}
-
}
--- a/jdk/src/share/classes/com/sun/crypto/provider/HmacMD5.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/com/sun/crypto/provider/HmacMD5.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -37,97 +37,11 @@
*
* @author Jan Luehe
*/
-public final class HmacMD5 extends MacSpi implements Cloneable {
-
- private HmacCore hmac;
- private static final int MD5_BLOCK_LENGTH = 64;
-
+public final class HmacMD5 extends HmacCore {
/**
* Standard constructor, creates a new HmacMD5 instance.
*/
public HmacMD5() throws NoSuchAlgorithmException {
- hmac = new HmacCore(MessageDigest.getInstance("MD5"),
- MD5_BLOCK_LENGTH);
- }
-
- /**
- * Returns the length of the HMAC in bytes.
- *
- * @return the HMAC length in bytes.
- */
- protected int engineGetMacLength() {
- return hmac.getDigestLength();
- }
-
- /**
- * Initializes the HMAC with the given secret key and algorithm parameters.
- *
- * @param key the secret key.
- * @param params the algorithm parameters.
- *
- * @exception InvalidKeyException if the given key is inappropriate for
- * initializing this MAC.
- * @exception InvalidAlgorithmParameterException if the given algorithm
- * parameters are inappropriate for this MAC.
- */
- protected void engineInit(Key key, AlgorithmParameterSpec params)
- throws InvalidKeyException, InvalidAlgorithmParameterException {
- hmac.init(key, params);
- }
-
- /**
- * Processes the given byte.
- *
- * @param input the input byte to be processed.
- */
- protected void engineUpdate(byte input) {
- hmac.update(input);
- }
-
- /**
- * Processes the first <code>len</code> bytes in <code>input</code>,
- * starting at <code>offset</code>.
- *
- * @param input the input buffer.
- * @param offset the offset in <code>input</code> where the input starts.
- * @param len the number of bytes to process.
- */
- protected void engineUpdate(byte input[], int offset, int len) {
- hmac.update(input, offset, len);
- }
-
- protected void engineUpdate(ByteBuffer input) {
- hmac.update(input);
- }
-
- /**
- * Completes the HMAC computation and resets the HMAC for further use,
- * maintaining the secret key that the HMAC was initialized with.
- *
- * @return the HMAC result.
- */
- protected byte[] engineDoFinal() {
- return hmac.doFinal();
- }
-
- /**
- * Resets the HMAC for further use, maintaining the secret key that the
- * HMAC was initialized with.
- */
- protected void engineReset() {
- hmac.reset();
- }
-
- /*
- * Clones this object.
- */
- public Object clone() {
- HmacMD5 that = null;
- try {
- that = (HmacMD5) super.clone();
- that.hmac = (HmacCore) this.hmac.clone();
- } catch (CloneNotSupportedException e) {
- }
- return that;
+ super("MD5", 64);
}
}
--- a/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/com/sun/crypto/provider/HmacPKCS12PBESHA1.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -41,26 +41,13 @@
*
* @author Valerie Peng
*/
-public final class HmacPKCS12PBESHA1 extends MacSpi implements Cloneable {
-
- private HmacCore hmac = null;
- private static final int SHA1_BLOCK_LENGTH = 64;
+public final class HmacPKCS12PBESHA1 extends HmacCore {
/**
* Standard constructor, creates a new HmacSHA1 instance.
*/
public HmacPKCS12PBESHA1() throws NoSuchAlgorithmException {
- this.hmac = new HmacCore(MessageDigest.getInstance("SHA1"),
- SHA1_BLOCK_LENGTH);
- }
-
- /**
- * Returns the length of the HMAC in bytes.
- *
- * @return the HMAC length in bytes.
- */
- protected int engineGetMacLength() {
- return hmac.getDigestLength();
+ super("SHA1", 64);
}
/**
@@ -71,7 +58,7 @@
*
* @exception InvalidKeyException if the given key is inappropriate for
* initializing this MAC.
- u* @exception InvalidAlgorithmParameterException if the given algorithm
+ * @exception InvalidAlgorithmParameterException if the given algorithm
* parameters are inappropriate for this MAC.
*/
protected void engineInit(Key key, AlgorithmParameterSpec params)
@@ -140,64 +127,8 @@
("IterationCount must be a positive number");
}
byte[] derivedKey = PKCS12PBECipherCore.derive(passwdChars, salt,
- iCount, hmac.getDigestLength(), PKCS12PBECipherCore.MAC_KEY);
+ iCount, engineGetMacLength(), PKCS12PBECipherCore.MAC_KEY);
SecretKey cipherKey = new SecretKeySpec(derivedKey, "HmacSHA1");
- hmac.init(cipherKey, null);
- }
-
- /**
- * Processes the given byte.
- *
- * @param input the input byte to be processed.
- */
- protected void engineUpdate(byte input) {
- hmac.update(input);
- }
-
- /**
- * Processes the first <code>len</code> bytes in <code>input</code>,
- * starting at <code>offset</code>.
- *
- * @param input the input buffer.
- * @param offset the offset in <code>input</code> where the input starts.
- * @param len the number of bytes to process.
- */
- protected void engineUpdate(byte input[], int offset, int len) {
- hmac.update(input, offset, len);
- }
-
- protected void engineUpdate(ByteBuffer input) {
- hmac.update(input);
- }
-
- /**
- * Completes the HMAC computation and resets the HMAC for further use,
- * maintaining the secret key that the HMAC was initialized with.
- *
- * @return the HMAC result.
- */
- protected byte[] engineDoFinal() {
- return hmac.doFinal();
- }
-
- /**
- * Resets the HMAC for further use, maintaining the secret key that the
- * HMAC was initialized with.
- */
- protected void engineReset() {
- hmac.reset();
- }
-
- /*
- * Clones this object.
- */
- public Object clone() {
- HmacPKCS12PBESHA1 that = null;
- try {
- that = (HmacPKCS12PBESHA1)super.clone();
- that.hmac = (HmacCore)this.hmac.clone();
- } catch (CloneNotSupportedException e) {
- }
- return that;
+ super.engineInit(cipherKey, null);
}
}
--- a/jdk/src/share/classes/com/sun/crypto/provider/HmacSHA1.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/com/sun/crypto/provider/HmacSHA1.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -37,97 +37,11 @@
*
* @author Jan Luehe
*/
-public final class HmacSHA1 extends MacSpi implements Cloneable {
-
- private HmacCore hmac = null;
- private static final int SHA1_BLOCK_LENGTH = 64;
-
+public final class HmacSHA1 extends HmacCore {
/**
* Standard constructor, creates a new HmacSHA1 instance.
*/
public HmacSHA1() throws NoSuchAlgorithmException {
- this.hmac = new HmacCore(MessageDigest.getInstance("SHA1"),
- SHA1_BLOCK_LENGTH);
- }
-
- /**
- * Returns the length of the HMAC in bytes.
- *
- * @return the HMAC length in bytes.
- */
- protected int engineGetMacLength() {
- return hmac.getDigestLength();
- }
-
- /**
- * Initializes the HMAC with the given secret key and algorithm parameters.
- *
- * @param key the secret key.
- * @param params the algorithm parameters.
- *
- * @exception InvalidKeyException if the given key is inappropriate for
- * initializing this MAC.
- * @exception InvalidAlgorithmParameterException if the given algorithm
- * parameters are inappropriate for this MAC.
- */
- protected void engineInit(Key key, AlgorithmParameterSpec params)
- throws InvalidKeyException, InvalidAlgorithmParameterException {
- hmac.init(key, params);
- }
-
- /**
- * Processes the given byte.
- *
- * @param input the input byte to be processed.
- */
- protected void engineUpdate(byte input) {
- hmac.update(input);
- }
-
- /**
- * Processes the first <code>len</code> bytes in <code>input</code>,
- * starting at <code>offset</code>.
- *
- * @param input the input buffer.
- * @param offset the offset in <code>input</code> where the input starts.
- * @param len the number of bytes to process.
- */
- protected void engineUpdate(byte input[], int offset, int len) {
- hmac.update(input, offset, len);
- }
-
- protected void engineUpdate(ByteBuffer input) {
- hmac.update(input);
- }
-
- /**
- * Completes the HMAC computation and resets the HMAC for further use,
- * maintaining the secret key that the HMAC was initialized with.
- *
- * @return the HMAC result.
- */
- protected byte[] engineDoFinal() {
- return hmac.doFinal();
- }
-
- /**
- * Resets the HMAC for further use, maintaining the secret key that the
- * HMAC was initialized with.
- */
- protected void engineReset() {
- hmac.reset();
- }
-
- /*
- * Clones this object.
- */
- public Object clone() {
- HmacSHA1 that = null;
- try {
- that = (HmacSHA1)super.clone();
- that.hmac = (HmacCore)this.hmac.clone();
- } catch (CloneNotSupportedException e) {
- }
- return that;
+ super("SHA1", 64);
}
}
--- a/jdk/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/com/sun/crypto/provider/KeyGeneratorCore.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -105,11 +105,11 @@
return new SecretKeySpec(b, name);
}
- // nested static class for the HmacSHA256 key generator
- public static final class HmacSHA256KG extends KeyGeneratorSpi {
+ // nested static classes for the HmacSHA-2 family of key generator
+ abstract static class HmacSHA2KG extends KeyGeneratorSpi {
private final KeyGeneratorCore core;
- public HmacSHA256KG() {
- core = new KeyGeneratorCore("HmacSHA256", 256);
+ protected HmacSHA2KG(String algoName, int len) {
+ core = new KeyGeneratorCore(algoName, len);
}
protected void engineInit(SecureRandom random) {
core.implInit(random);
@@ -124,47 +124,26 @@
protected SecretKey engineGenerateKey() {
return core.implGenerateKey();
}
- }
- // nested static class for the HmacSHA384 key generator
- public static final class HmacSHA384KG extends KeyGeneratorSpi {
- private final KeyGeneratorCore core;
- public HmacSHA384KG() {
- core = new KeyGeneratorCore("HmacSHA384", 384);
- }
- protected void engineInit(SecureRandom random) {
- core.implInit(random);
- }
- protected void engineInit(AlgorithmParameterSpec params,
- SecureRandom random) throws InvalidAlgorithmParameterException {
- core.implInit(params, random);
- }
- protected void engineInit(int keySize, SecureRandom random) {
- core.implInit(keySize, random);
- }
- protected SecretKey engineGenerateKey() {
- return core.implGenerateKey();
+ public static final class SHA224 extends HmacSHA2KG {
+ public SHA224() {
+ super("HmacSHA224", 224);
+ }
}
- }
-
- // nested static class for the HmacSHA384 key generator
- public static final class HmacSHA512KG extends KeyGeneratorSpi {
- private final KeyGeneratorCore core;
- public HmacSHA512KG() {
- core = new KeyGeneratorCore("HmacSHA512", 512);
+ public static final class SHA256 extends HmacSHA2KG {
+ public SHA256() {
+ super("HmacSHA256", 256);
+ }
}
- protected void engineInit(SecureRandom random) {
- core.implInit(random);
+ public static final class SHA384 extends HmacSHA2KG {
+ public SHA384() {
+ super("HmacSHA384", 384);
+ }
}
- protected void engineInit(AlgorithmParameterSpec params,
- SecureRandom random) throws InvalidAlgorithmParameterException {
- core.implInit(params, random);
- }
- protected void engineInit(int keySize, SecureRandom random) {
- core.implInit(keySize, random);
- }
- protected SecretKey engineGenerateKey() {
- return core.implGenerateKey();
+ public static final class SHA512 extends HmacSHA2KG {
+ public SHA512() {
+ super("HmacSHA512", 512);
+ }
}
}
--- a/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/com/sun/crypto/provider/OAEPParameters.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -108,6 +108,8 @@
private static String convertToStandardName(String internalName) {
if (internalName.equals("SHA")) {
return "SHA-1";
+ } else if (internalName.equals("SHA224")) {
+ return "SHA-224";
} else if (internalName.equals("SHA256")) {
return "SHA-256";
} else if (internalName.equals("SHA384")) {
@@ -143,6 +145,8 @@
String mgfDigestName = convertToStandardName(params.getName());
if (mgfDigestName.equals("SHA-1")) {
mgfSpec = MGF1ParameterSpec.SHA1;
+ } else if (mgfDigestName.equals("SHA-224")) {
+ mgfSpec = MGF1ParameterSpec.SHA224;
} else if (mgfDigestName.equals("SHA-256")) {
mgfSpec = MGF1ParameterSpec.SHA256;
} else if (mgfDigestName.equals("SHA-384")) {
--- a/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/com/sun/crypto/provider/SunJCE.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -65,7 +65,7 @@
*
* - Diffie-Hellman Key Agreement
*
- * - HMAC-MD5, HMAC-SHA1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512
+ * - HMAC-MD5, HMAC-SHA1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512
*
*/
@@ -113,6 +113,7 @@
"NOPADDING|PKCS1PADDING|OAEPWITHMD5ANDMGF1PADDING"
+ "|OAEPWITHSHA1ANDMGF1PADDING"
+ "|OAEPWITHSHA-1ANDMGF1PADDING"
+ + "|OAEPWITHSHA-224ANDMGF1PADDING"
+ "|OAEPWITHSHA-256ANDMGF1PADDING"
+ "|OAEPWITHSHA-384ANDMGF1PADDING"
+ "|OAEPWITHSHA-512ANDMGF1PADDING");
@@ -221,12 +222,25 @@
put("KeyGenerator.HmacSHA1",
"com.sun.crypto.provider.HmacSHA1KeyGenerator");
+ put("KeyGenerator.HmacSHA224",
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA224");
+ put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.8", "HmacSHA224");
+ put("Alg.Alias.KeyGenerator.1.2.840.113549.2.8", "HmacSHA224");
+
put("KeyGenerator.HmacSHA256",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA256KG");
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA256");
+ put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.9", "HmacSHA256");
+ put("Alg.Alias.KeyGenerator.1.2.840.113549.2.9", "HmacSHA256");
+
put("KeyGenerator.HmacSHA384",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA384KG");
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA384");
+ put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.10", "HmacSHA384");
+ put("Alg.Alias.KeyGenerator.1.2.840.113549.2.10", "HmacSHA384");
+
put("KeyGenerator.HmacSHA512",
- "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA512KG");
+ "com.sun.crypto.provider.KeyGeneratorCore$HmacSHA2KG$SHA512");
+ put("Alg.Alias.KeyGenerator.OID.1.2.840.113549.2.11", "HmacSHA512");
+ put("Alg.Alias.KeyGenerator.1.2.840.113549.2.11", "HmacSHA512");
put("KeyPairGenerator.DiffieHellman",
"com.sun.crypto.provider.DHKeyPairGenerator");
@@ -389,12 +403,23 @@
*/
put("Mac.HmacMD5", "com.sun.crypto.provider.HmacMD5");
put("Mac.HmacSHA1", "com.sun.crypto.provider.HmacSHA1");
+ put("Mac.HmacSHA224",
+ "com.sun.crypto.provider.HmacCore$HmacSHA224");
+ put("Alg.Alias.Mac.OID.1.2.840.113549.2.8", "HmacSHA224");
+ put("Alg.Alias.Mac.1.2.840.113549.2.8", "HmacSHA224");
put("Mac.HmacSHA256",
"com.sun.crypto.provider.HmacCore$HmacSHA256");
+ put("Alg.Alias.Mac.OID.1.2.840.113549.2.9", "HmacSHA256");
+ put("Alg.Alias.Mac.1.2.840.113549.2.9", "HmacSHA256");
put("Mac.HmacSHA384",
"com.sun.crypto.provider.HmacCore$HmacSHA384");
+ put("Alg.Alias.Mac.OID.1.2.840.113549.2.10", "HmacSHA384");
+ put("Alg.Alias.Mac.1.2.840.113549.2.10", "HmacSHA384");
put("Mac.HmacSHA512",
"com.sun.crypto.provider.HmacCore$HmacSHA512");
+ put("Alg.Alias.Mac.OID.1.2.840.113549.2.11", "HmacSHA512");
+ put("Alg.Alias.Mac.1.2.840.113549.2.11", "HmacSHA512");
+
put("Mac.HmacPBESHA1",
"com.sun.crypto.provider.HmacPKCS12PBESHA1");
@@ -405,6 +430,7 @@
put("Mac.HmacMD5 SupportedKeyFormats", "RAW");
put("Mac.HmacSHA1 SupportedKeyFormats", "RAW");
+ put("Mac.HmacSHA224 SupportedKeyFormats", "RAW");
put("Mac.HmacSHA256 SupportedKeyFormats", "RAW");
put("Mac.HmacSHA384 SupportedKeyFormats", "RAW");
put("Mac.HmacSHA512 SupportedKeyFormats", "RAW");
--- a/jdk/src/share/classes/java/security/spec/MGF1ParameterSpec.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/java/security/spec/MGF1ParameterSpec.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -42,6 +42,7 @@
* <pre>
* OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= {
* { OID id-sha1 PARAMETERS NULL }|
+ * { OID id-sha224 PARAMETERS NULL }|
* { OID id-sha256 PARAMETERS NULL }|
* { OID id-sha384 PARAMETERS NULL }|
* { OID id-sha512 PARAMETERS NULL },
@@ -63,6 +64,11 @@
public static final MGF1ParameterSpec SHA1 =
new MGF1ParameterSpec("SHA-1");
/**
+ * The MGF1ParameterSpec which uses "SHA-224" message digest.
+ */
+ public static final MGF1ParameterSpec SHA224 =
+ new MGF1ParameterSpec("SHA-224");
+ /**
* The MGF1ParameterSpec which uses "SHA-256" message digest.
*/
public static final MGF1ParameterSpec SHA256 =
--- a/jdk/src/share/classes/java/security/spec/PSSParameterSpec.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/java/security/spec/PSSParameterSpec.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2001, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -47,6 +47,7 @@
* <pre>
* OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= {
* { OID id-sha1 PARAMETERS NULL }|
+ * { OID id-sha224 PARAMETERS NULL }|
* { OID id-sha256 PARAMETERS NULL }|
* { OID id-sha384 PARAMETERS NULL }|
* { OID id-sha512 PARAMETERS NULL },
--- a/jdk/src/share/classes/sun/security/ec/ECDSASignature.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/ec/ECDSASignature.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2009, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -41,6 +41,7 @@
*
* . "NONEwithECDSA"
* . "SHA1withECDSA"
+ * . "SHA224withECDSA"
* . "SHA256withECDSA"
* . "SHA384withECDSA"
* . "SHA512withECDSA"
@@ -162,6 +163,13 @@
}
}
+ // Nested class for SHA224withECDSA signatures
+ public static final class SHA224 extends ECDSASignature {
+ public SHA224() {
+ super("SHA-224");
+ }
+ }
+
// Nested class for SHA256withECDSA signatures
public static final class SHA256 extends ECDSASignature {
public SHA256() {
--- a/jdk/src/share/classes/sun/security/ec/SunECEntries.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/ec/SunECEntries.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -133,17 +133,31 @@
"sun.security.ec.ECDSASignature$Raw");
map.put("Signature.SHA1withECDSA",
"sun.security.ec.ECDSASignature$SHA1");
+ map.put("Signature.SHA224withECDSA",
+ "sun.security.ec.ECDSASignature$SHA224");
+ map.put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.1", "SHA224withECDSA");
+ map.put("Alg.Alias.Signature.1.2.840.10045.4.3.1", "SHA224withECDSA");
+
map.put("Signature.SHA256withECDSA",
"sun.security.ec.ECDSASignature$SHA256");
+ map.put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.2", "SHA256withECDSA");
+ map.put("Alg.Alias.Signature.1.2.840.10045.4.3.2", "SHA256withECDSA");
+
map.put("Signature.SHA384withECDSA",
"sun.security.ec.ECDSASignature$SHA384");
+ map.put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.3", "SHA384withECDSA");
+ map.put("Alg.Alias.Signature.1.2.840.10045.4.3.3", "SHA384withECDSA");
+
map.put("Signature.SHA512withECDSA",
"sun.security.ec.ECDSASignature$SHA512");
+ map.put("Alg.Alias.Signature.OID.1.2.840.10045.4.3.4", "SHA512withECDSA");
+ map.put("Alg.Alias.Signature.1.2.840.10045.4.3.4", "SHA512withECDSA");
String ecKeyClasses = "java.security.interfaces.ECPublicKey" +
"|java.security.interfaces.ECPrivateKey";
map.put("Signature.NONEwithECDSA SupportedKeyClasses", ecKeyClasses);
map.put("Signature.SHA1withECDSA SupportedKeyClasses", ecKeyClasses);
+ map.put("Signature.SHA224withECDSA SupportedKeyClasses", ecKeyClasses);
map.put("Signature.SHA256withECDSA SupportedKeyClasses", ecKeyClasses);
map.put("Signature.SHA384withECDSA SupportedKeyClasses", ecKeyClasses);
map.put("Signature.SHA512withECDSA SupportedKeyClasses", ecKeyClasses);
@@ -152,6 +166,7 @@
map.put("Signature.NONEwithECDSA ImplementedIn", "Software");
map.put("Signature.SHA1withECDSA ImplementedIn", "Software");
+ map.put("Signature.SHA224withECDSA ImplementedIn", "Software");
map.put("Signature.SHA256withECDSA ImplementedIn", "Software");
map.put("Signature.SHA384withECDSA ImplementedIn", "Software");
map.put("Signature.SHA512withECDSA ImplementedIn", "Software");
--- a/jdk/src/share/classes/sun/security/pkcs11/P11Digest.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/pkcs11/P11Digest.java Tue May 08 17:57:48 2012 -0700
@@ -39,7 +39,7 @@
/**
* MessageDigest implementation class. This class currently supports
- * MD2, MD5, SHA-1, SHA-256, SHA-384, and SHA-512.
+ * MD2, MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
*
* Note that many digest operations are on fairly small amounts of data
* (less than 100 bytes total). For example, the 2nd hashing in HMAC or
@@ -99,6 +99,9 @@
case (int)CKM_SHA_1:
digestLength = 20;
break;
+ case (int)CKM_SHA224:
+ digestLength = 28;
+ break;
case (int)CKM_SHA256:
digestLength = 32;
break;
--- a/jdk/src/share/classes/sun/security/pkcs11/P11Mac.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/pkcs11/P11Mac.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -40,8 +40,8 @@
/**
* MAC implementation class. This class currently supports HMAC using
- * MD5, SHA-1, SHA-256, SHA-384, and SHA-512 and the SSL3 MAC using MD5
- * and SHA-1.
+ * MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512 and the SSL3 MAC
+ * using MD5 and SHA-1.
*
* Note that unlike other classes (e.g. Signature), this does not
* composite various operations if the token only supports part of the
@@ -107,6 +107,9 @@
case (int)CKM_SHA_1_HMAC:
macLength = 20;
break;
+ case (int)CKM_SHA224_HMAC:
+ macLength = 28;
+ break;
case (int)CKM_SHA256_HMAC:
macLength = 32;
break;
--- a/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/pkcs11/P11Signature.java Tue May 08 17:57:48 2012 -0700
@@ -53,12 +53,14 @@
* . MD2withRSA
* . MD5withRSA
* . SHA1withRSA
+ * . SHA224withRSA
* . SHA256withRSA
* . SHA384withRSA
* . SHA512withRSA
* . ECDSA
* . NONEwithECDSA
* . SHA1withECDSA
+ * . SHA224withECDSA
* . SHA256withECDSA
* . SHA384withECDSA
* . SHA512withECDSA
@@ -143,6 +145,7 @@
case (int)CKM_MD2_RSA_PKCS:
case (int)CKM_MD5_RSA_PKCS:
case (int)CKM_SHA1_RSA_PKCS:
+ case (int)CKM_SHA224_RSA_PKCS:
case (int)CKM_SHA256_RSA_PKCS:
case (int)CKM_SHA384_RSA_PKCS:
case (int)CKM_SHA512_RSA_PKCS:
@@ -181,6 +184,8 @@
String digestAlg;
if (algorithm.equals("SHA1withECDSA")) {
digestAlg = "SHA-1";
+ } else if (algorithm.equals("SHA224withECDSA")) {
+ digestAlg = "SHA-224";
} else if (algorithm.equals("SHA256withECDSA")) {
digestAlg = "SHA-256";
} else if (algorithm.equals("SHA384withECDSA")) {
@@ -207,6 +212,9 @@
} else if (algorithm.equals("MD2withRSA")) {
md = MessageDigest.getInstance("MD2");
digestOID = AlgorithmId.MD2_oid;
+ } else if (algorithm.equals("SHA224withRSA")) {
+ md = MessageDigest.getInstance("SHA-224");
+ digestOID = AlgorithmId.SHA224_oid;
} else if (algorithm.equals("SHA256withRSA")) {
md = MessageDigest.getInstance("SHA-256");
digestOID = AlgorithmId.SHA256_oid;
@@ -332,6 +340,8 @@
encodedLength = 34;
} else if (algorithm.equals("SHA1withRSA")) {
encodedLength = 35;
+ } else if (algorithm.equals("SHA224withRSA")) {
+ encodedLength = 47;
} else if (algorithm.equals("SHA256withRSA")) {
encodedLength = 51;
} else if (algorithm.equals("SHA384withRSA")) {
--- a/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/pkcs11/SunPKCS11.java Tue May 08 17:57:48 2012 -0700
@@ -342,6 +342,7 @@
System.out.println("Library info:");
System.out.println(p11Info);
}
+
if ((slotID < 0) || showInfo) {
long[] slots = p11.C_GetSlotList(false);
if (showInfo) {
@@ -520,24 +521,37 @@
m(CKM_MD2));
d(MD, "MD5", P11Digest,
m(CKM_MD5));
- d(MD, "SHA1", P11Digest, s("SHA", "SHA-1"),
+ d(MD, "SHA1", P11Digest, s("SHA", "SHA-1"),
m(CKM_SHA_1));
+
+ d(MD, "SHA-224", P11Digest,
+ s("2.16.840.1.101.3.4.2.4", "OID.2.16.840.1.101.3.4.2.4"),
+ m(CKM_SHA224));
d(MD, "SHA-256", P11Digest,
+ s("2.16.840.1.101.3.4.2.1", "OID.2.16.840.1.101.3.4.2.1"),
m(CKM_SHA256));
d(MD, "SHA-384", P11Digest,
+ s("2.16.840.1.101.3.4.2.2", "OID.2.16.840.1.101.3.4.2.2"),
m(CKM_SHA384));
d(MD, "SHA-512", P11Digest,
+ s("2.16.840.1.101.3.4.2.3", "OID.2.16.840.1.101.3.4.2.3"),
m(CKM_SHA512));
d(MAC, "HmacMD5", P11MAC,
m(CKM_MD5_HMAC));
d(MAC, "HmacSHA1", P11MAC,
m(CKM_SHA_1_HMAC));
+ d(MAC, "HmacSHA224", P11MAC,
+ s("1.2.840.113549.2.8", "OID.1.2.840.113549.2.8"),
+ m(CKM_SHA224_HMAC));
d(MAC, "HmacSHA256", P11MAC,
+ s("1.2.840.113549.2.9", "OID.1.2.840.113549.2.9"),
m(CKM_SHA256_HMAC));
d(MAC, "HmacSHA384", P11MAC,
+ s("1.2.840.113549.2.10", "OID.1.2.840.113549.2.10"),
m(CKM_SHA384_HMAC));
d(MAC, "HmacSHA512", P11MAC,
+ s("1.2.840.113549.2.11", "OID.1.2.840.113549.2.11"),
m(CKM_SHA512_HMAC));
d(MAC, "SslMacMD5", P11MAC,
m(CKM_SSL3_MD5_MAC));
@@ -648,11 +662,17 @@
m(CKM_ECDSA));
d(SIG, "SHA1withECDSA", P11Signature, s("ECDSA"),
m(CKM_ECDSA_SHA1, CKM_ECDSA));
+ d(SIG, "SHA224withECDSA", P11Signature,
+ s("1.2.840.10045.4.3.1", "OID.1.2.840.10045.4.3.1"),
+ m(CKM_ECDSA));
d(SIG, "SHA256withECDSA", P11Signature,
+ s("1.2.840.10045.4.3.2", "OID.1.2.840.10045.4.3.2"),
m(CKM_ECDSA));
d(SIG, "SHA384withECDSA", P11Signature,
+ s("1.2.840.10045.4.3.3", "OID.1.2.840.10045.4.3.3"),
m(CKM_ECDSA));
d(SIG, "SHA512withECDSA", P11Signature,
+ s("1.2.840.10045.4.3.4", "OID.1.2.840.10045.4.3.4"),
m(CKM_ECDSA));
d(SIG, "MD2withRSA", P11Signature,
m(CKM_MD2_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
@@ -660,11 +680,17 @@
m(CKM_MD5_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
d(SIG, "SHA1withRSA", P11Signature,
m(CKM_SHA1_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
+ d(SIG, "SHA224withRSA", P11Signature,
+ s("1.2.840.113549.1.1.14", "OID.1.2.840.113549.1.1.14"),
+ m(CKM_SHA224_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
d(SIG, "SHA256withRSA", P11Signature,
+ s("1.2.840.113549.1.1.11", "OID.1.2.840.113549.1.1.11"),
m(CKM_SHA256_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
d(SIG, "SHA384withRSA", P11Signature,
+ s("1.2.840.113549.1.1.12", "OID.1.2.840.113549.1.1.12"),
m(CKM_SHA384_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
d(SIG, "SHA512withRSA", P11Signature,
+ s("1.2.840.113549.1.1.13", "OID.1.2.840.113549.1.1.13"),
m(CKM_SHA512_RSA_PKCS, CKM_RSA_PKCS, CKM_RSA_X_509));
/*
--- a/jdk/src/share/classes/sun/security/pkcs11/wrapper/Functions.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/pkcs11/wrapper/Functions.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
*/
/* Copyright (c) 2002 Graz University of Technology. All rights reserved.
@@ -630,6 +630,7 @@
addMech(CKM_X9_42_DH_DERIVE, "CKM_X9_42_DH_DERIVE");
addMech(CKM_X9_42_DH_HYBRID_DERIVE, "CKM_X9_42_DH_HYBRID_DERIVE");
addMech(CKM_X9_42_MQV_DERIVE, "CKM_X9_42_MQV_DERIVE");
+ addMech(CKM_SHA224_RSA_PKCS, "CKM_SHA224_RSA_PKCS");
addMech(CKM_SHA256_RSA_PKCS, "CKM_SHA256_RSA_PKCS");
addMech(CKM_SHA384_RSA_PKCS, "CKM_SHA384_RSA_PKCS");
addMech(CKM_SHA512_RSA_PKCS, "CKM_SHA512_RSA_PKCS");
@@ -675,6 +676,9 @@
addMech(CKM_RIPEMD160, "CKM_RIPEMD160");
addMech(CKM_RIPEMD160_HMAC, "CKM_RIPEMD160_HMAC");
addMech(CKM_RIPEMD160_HMAC_GENERAL, "CKM_RIPEMD160_HMAC_GENERAL");
+ addMech(CKM_SHA224, "CKM_SHA224");
+ addMech(CKM_SHA224_HMAC, "CKM_SHA224_HMAC");
+ addMech(CKM_SHA224_HMAC_GENERAL, "CKM_SHA224_HMAC_GENERAL");
addMech(CKM_SHA256, "CKM_SHA256");
addMech(CKM_SHA256_HMAC, "CKM_SHA256_HMAC");
addMech(CKM_SHA256_HMAC_GENERAL, "CKM_SHA256_HMAC_GENERAL");
@@ -734,6 +738,7 @@
addMech(CKM_MD5_KEY_DERIVATION, "CKM_MD5_KEY_DERIVATION");
addMech(CKM_MD2_KEY_DERIVATION, "CKM_MD2_KEY_DERIVATION");
addMech(CKM_SHA1_KEY_DERIVATION, "CKM_SHA1_KEY_DERIVATION");
+ addMech(CKM_SHA224_KEY_DERIVATION, "CKM_SHA224_KEY_DERIVATION");
addMech(CKM_SHA256_KEY_DERIVATION, "CKM_SHA256_KEY_DERIVATION");
addMech(CKM_SHA384_KEY_DERIVATION, "CKM_SHA384_KEY_DERIVATION");
addMech(CKM_SHA512_KEY_DERIVATION, "CKM_SHA512_KEY_DERIVATION");
--- a/jdk/src/share/classes/sun/security/provider/DigestBase.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/DigestBase.java Tue May 08 17:57:48 2012 -0700
@@ -39,7 +39,6 @@
* . abstract void implCompress(byte[] b, int ofs);
* . abstract void implDigest(byte[] out, int ofs);
* . abstract void implReset();
- * . public abstract Object clone();
*
* See the inline documentation for details.
*
@@ -61,7 +60,7 @@
// buffer to store partial blocks, blockSize bytes large
// Subclasses should not access this array directly except possibly in their
// implDigest() method. See MD5.java as an example.
- final byte[] buffer;
+ byte[] buffer;
// offset into buffer
private int bufOfs;
@@ -83,18 +82,6 @@
buffer = new byte[blockSize];
}
- /**
- * Constructor for cloning. Replicates common data.
- */
- DigestBase(DigestBase base) {
- this.algorithm = base.algorithm;
- this.digestLength = base.digestLength;
- this.blockSize = base.blockSize;
- this.buffer = base.buffer.clone();
- this.bufOfs = base.bufOfs;
- this.bytesProcessed = base.bytesProcessed;
- }
-
// return digest length. See JCA doc.
protected final int engineGetDigestLength() {
return digestLength;
@@ -206,12 +193,11 @@
*/
abstract void implReset();
- /**
- * Clone this digest. Should be implemented as "return new MyDigest(this)".
- * That constructor should first call "super(baseDigest)" and then copy
- * subclass specific data.
- */
- public abstract Object clone();
+ public Object clone() throws CloneNotSupportedException {
+ DigestBase copy = (DigestBase) super.clone();
+ copy.buffer = copy.buffer.clone();
+ return copy;
+ }
// padding used for the MD5, and SHA-* message digests
static final byte[] padding;
@@ -223,5 +209,4 @@
padding = new byte[136];
padding[0] = (byte)0x80;
}
-
}
--- a/jdk/src/share/classes/sun/security/provider/MD2.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/MD2.java Tue May 08 17:57:48 2012 -0700
@@ -39,14 +39,14 @@
public final class MD2 extends DigestBase {
// state, 48 ints
- private final int[] X;
+ private int[] X;
// checksum, 16 ints. they are really bytes, but byte arithmetic in
// the JVM is much slower that int arithmetic.
- private final int[] C;
+ private int[] C;
// temporary store for checksum C during final digest
- private final byte[] cBytes;
+ private byte[] cBytes;
/**
* Create a new MD2 digest. Called by the JCA framework
@@ -58,15 +58,12 @@
cBytes = new byte[16];
}
- private MD2(MD2 base) {
- super(base);
- this.X = base.X.clone();
- this.C = base.C.clone();
- cBytes = new byte[16];
- }
-
- public Object clone() {
- return new MD2(this);
+ public Object clone() throws CloneNotSupportedException {
+ MD2 copy = (MD2) super.clone();
+ copy.X = copy.X.clone();
+ copy.C = copy.C.clone();
+ copy.cBytes = new byte[16];
+ return copy;
}
// reset state and checksum
--- a/jdk/src/share/classes/sun/security/provider/MD4.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/MD4.java Tue May 08 17:57:48 2012 -0700
@@ -44,9 +44,9 @@
public final class MD4 extends DigestBase {
// state of this object
- private final int[] state;
+ private int[] state;
// temporary buffer, used by implCompress()
- private final int[] x;
+ private int[] x;
// rotation constants
private static final int S11 = 3;
@@ -93,16 +93,12 @@
implReset();
}
- // Cloning constructor
- private MD4(MD4 base) {
- super(base);
- this.state = base.state.clone();
- this.x = new int[16];
- }
-
// clone this object
- public Object clone() {
- return new MD4(this);
+ public Object clone() throws CloneNotSupportedException {
+ MD4 copy = (MD4) super.clone();
+ copy.state = copy.state.clone();
+ copy.x = new int[16];
+ return copy;
}
/**
--- a/jdk/src/share/classes/sun/security/provider/MD5.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/MD5.java Tue May 08 17:57:48 2012 -0700
@@ -39,9 +39,9 @@
public final class MD5 extends DigestBase {
// state of this object
- private final int[] state;
+ private int[] state;
// temporary buffer, used by implCompress()
- private final int[] x;
+ private int[] x;
// rotation constants
private static final int S11 = 7;
@@ -69,16 +69,12 @@
implReset();
}
- // Cloning constructor
- private MD5(MD5 base) {
- super(base);
- this.state = base.state.clone();
- this.x = new int[16];
- }
-
// clone this object
- public Object clone() {
- return new MD5(this);
+ public Object clone() throws CloneNotSupportedException {
+ MD5 copy = (MD5) super.clone();
+ copy.state = copy.state.clone();
+ copy.x = new int[16];
+ return copy;
}
/**
--- a/jdk/src/share/classes/sun/security/provider/SHA.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/SHA.java Tue May 08 17:57:48 2012 -0700
@@ -47,10 +47,10 @@
// 64 bytes are included in each hash block so the low order
// bits of count are used to know how to pack the bytes into ints
// and to know when to compute the block and start the next one.
- private final int[] W;
+ private int[] W;
// state of this
- private final int[] state;
+ private int[] state;
/**
* Creates a new SHA object.
@@ -62,19 +62,14 @@
implReset();
}
- /**
- * Creates a SHA object.with state (for cloning) */
- private SHA(SHA base) {
- super(base);
- this.state = base.state.clone();
- this.W = new int[80];
- }
-
/*
* Clones this object.
*/
- public Object clone() {
- return new SHA(this);
+ public Object clone() throws CloneNotSupportedException {
+ SHA copy = (SHA) super.clone();
+ copy.state = copy.state.clone();
+ copy.W = new int[80];
+ return copy;
}
/**
--- a/jdk/src/share/classes/sun/security/provider/SHA2.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/SHA2.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -40,7 +40,7 @@
* @author Valerie Peng
* @author Andreas Sterbenz
*/
-public final class SHA2 extends DigestBase {
+abstract class SHA2 extends DigestBase {
private static final int ITERATION = 64;
// Constants for each round
@@ -64,46 +64,30 @@
};
// buffer used by implCompress()
- private final int[] W;
+ private int[] W;
// state of this object
- private final int[] state;
+ private int[] state;
+
+ // initial state value. different between SHA-224 and SHA-256
+ private final int[] initialHashes;
/**
* Creates a new SHA object.
*/
- public SHA2() {
- super("SHA-256", 32, 64);
+ SHA2(String name, int digestLength, int[] initialHashes) {
+ super(name, digestLength, 64);
+ this.initialHashes = initialHashes;
state = new int[8];
W = new int[64];
implReset();
}
/**
- * Creates a SHA2 object.with state (for cloning)
- */
- private SHA2(SHA2 base) {
- super(base);
- this.state = base.state.clone();
- this.W = new int[64];
- }
-
- public Object clone() {
- return new SHA2(this);
- }
-
- /**
* Resets the buffers and hash value to start a new hash.
*/
void implReset() {
- state[0] = 0x6a09e667;
- state[1] = 0xbb67ae85;
- state[2] = 0x3c6ef372;
- state[3] = 0xa54ff53a;
- state[4] = 0x510e527f;
- state[5] = 0x9b05688c;
- state[6] = 0x1f83d9ab;
- state[7] = 0x5be0cd19;
+ System.arraycopy(initialHashes, 0, state, 0, state.length);
}
void implDigest(byte[] out, int ofs) {
@@ -242,4 +226,38 @@
state[7] += h;
}
+ public Object clone() throws CloneNotSupportedException {
+ SHA2 copy = (SHA2) super.clone();
+ copy.state = copy.state.clone();
+ copy.W = new int[64];
+ return copy;
+ }
+
+ /**
+ * SHA-224 implementation class.
+ */
+ public static final class SHA224 extends SHA2 {
+ private static final int[] INITIAL_HASHES = {
+ 0xc1059ed8, 0x367cd507, 0x3070dd17, 0xf70e5939,
+ 0xffc00b31, 0x68581511, 0x64f98fa7, 0xbefa4fa4
+ };
+
+ public SHA224() {
+ super("SHA-224", 28, INITIAL_HASHES);
+ }
+ }
+
+ /**
+ * SHA-256 implementation class.
+ */
+ public static final class SHA256 extends SHA2 {
+ private static final int[] INITIAL_HASHES = {
+ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
+ 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
+ };
+
+ public SHA256() {
+ super("SHA-256", 32, INITIAL_HASHES);
+ }
+ }
}
--- a/jdk/src/share/classes/sun/security/provider/SHA5.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/SHA5.java Tue May 08 17:57:48 2012 -0700
@@ -82,10 +82,10 @@
};
// buffer used by implCompress()
- private final long[] W;
+ private long[] W;
// state of this object
- private final long[] state;
+ private long[] state;
// initial state value. different between SHA-384 and SHA-512
private final long[] initialHashes;
@@ -101,16 +101,6 @@
implReset();
}
- /**
- * Creates a SHA object with state (for cloning)
- */
- SHA5(SHA5 base) {
- super(base);
- this.initialHashes = base.initialHashes;
- this.state = base.state.clone();
- this.W = new long[80];
- }
-
final void implReset() {
System.arraycopy(initialHashes, 0, state, 0, state.length);
}
@@ -255,6 +245,13 @@
state[7] += h;
}
+ public Object clone() throws CloneNotSupportedException {
+ SHA5 copy = (SHA5) super.clone();
+ copy.state = copy.state.clone();
+ copy.W = new long[80];
+ return copy;
+ }
+
/**
* SHA-512 implementation class.
*/
@@ -270,14 +267,6 @@
public SHA512() {
super("SHA-512", 64, INITIAL_HASHES);
}
-
- private SHA512(SHA512 base) {
- super(base);
- }
-
- public Object clone() {
- return new SHA512(this);
- }
}
/**
@@ -295,14 +284,5 @@
public SHA384() {
super("SHA-384", 48, INITIAL_HASHES);
}
-
- private SHA384(SHA384 base) {
- super(base);
- }
-
- public Object clone() {
- return new SHA384(this);
- }
}
-
}
--- a/jdk/src/share/classes/sun/security/provider/SunEntries.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/provider/SunEntries.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -43,6 +43,10 @@
* identifier strings "OID.1.3.14.3.2.13", "OID.1.3.14.3.2.27" and
* "OID.1.2.840.10040.4.3".
*
+ * - SHA-2 is a set of message digest schemes described in FIPS 180-2.
+ * SHA-2 family of hash functions includes SHA-224, SHA-256, SHA-384,
+ * and SHA-512.
+ *
* - DSA is the key generation scheme as described in FIPS 186.
* Aliases for DSA include the OID strings "OID.1.3.14.3.2.12"
* and "OID.1.2.840.10040.4.1".
@@ -140,9 +144,19 @@
map.put("Alg.Alias.MessageDigest.SHA-1", "SHA");
map.put("Alg.Alias.MessageDigest.SHA1", "SHA");
- map.put("MessageDigest.SHA-256", "sun.security.provider.SHA2");
+ map.put("MessageDigest.SHA-224", "sun.security.provider.SHA2$SHA224");
+ map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.4", "SHA-224");
+ map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.4", "SHA-224");
+
+ map.put("MessageDigest.SHA-256", "sun.security.provider.SHA2$SHA256");
+ map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.1", "SHA-256");
+ map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.1", "SHA-256");
map.put("MessageDigest.SHA-384", "sun.security.provider.SHA5$SHA384");
+ map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.2", "SHA-384");
+ map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.2", "SHA-384");
map.put("MessageDigest.SHA-512", "sun.security.provider.SHA5$SHA512");
+ map.put("Alg.Alias.MessageDigest.2.16.840.1.101.3.4.2.3", "SHA-512");
+ map.put("Alg.Alias.MessageDigest.OID.2.16.840.1.101.3.4.2.3", "SHA-512");
/*
* Algorithm Parameter Generator engines
--- a/jdk/src/share/classes/sun/security/rsa/RSASignature.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/rsa/RSASignature.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -39,8 +39,8 @@
* PKCS#1 RSA signatures with the various message digest algorithms.
* This file contains an abstract base class with all the logic plus
* a nested static class for each of the message digest algorithms
- * (see end of the file). We support MD2, MD5, SHA-1, SHA-256, SHA-384,
- * and SHA-512.
+ * (see end of the file). We support MD2, MD5, SHA-1, SHA-224, SHA-256,
+ * SHA-384, and SHA-512.
*
* @since 1.5
* @author Andreas Sterbenz
@@ -276,6 +276,13 @@
}
}
+ // Nested class for SHA224withRSA signatures
+ public static final class SHA224withRSA extends RSASignature {
+ public SHA224withRSA() {
+ super("SHA-224", AlgorithmId.SHA224_oid, 11);
+ }
+ }
+
// Nested class for SHA256withRSA signatures
public static final class SHA256withRSA extends RSASignature {
public SHA256withRSA() {
--- a/jdk/src/share/classes/sun/security/rsa/SunRsaSignEntries.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/rsa/SunRsaSignEntries.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -52,6 +52,8 @@
"sun.security.rsa.RSASignature$MD5withRSA");
map.put("Signature.SHA1withRSA",
"sun.security.rsa.RSASignature$SHA1withRSA");
+ map.put("Signature.SHA224withRSA",
+ "sun.security.rsa.RSASignature$SHA224withRSA");
map.put("Signature.SHA256withRSA",
"sun.security.rsa.RSASignature$SHA256withRSA");
map.put("Signature.SHA384withRSA",
@@ -66,6 +68,7 @@
map.put("Signature.MD2withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.MD5withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA1withRSA SupportedKeyClasses", rsaKeyClasses);
+ map.put("Signature.SHA224withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA256withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA384withRSA SupportedKeyClasses", rsaKeyClasses);
map.put("Signature.SHA512withRSA SupportedKeyClasses", rsaKeyClasses);
@@ -88,6 +91,9 @@
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA1withRSA");
map.put("Alg.Alias.Signature.1.3.14.3.2.29", "SHA1withRSA");
+ map.put("Alg.Alias.Signature.1.2.840.113549.1.1.14", "SHA224withRSA");
+ map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.14", "SHA224withRSA");
+
map.put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA");
map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA");
--- a/jdk/src/share/classes/sun/security/x509/AlgorithmId.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/share/classes/sun/security/x509/AlgorithmId.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -175,9 +175,9 @@
// it's NULL. They are ---
// rfc3370 2.1: Implementations SHOULD generate SHA-1
// AlgorithmIdentifiers with absent parameters.
- // rfc3447 C1: When id-sha1, id-sha256, id-sha384 and id-sha512
- // are used in an AlgorithmIdentifier the parameters (which are
- // optional) SHOULD be omitted.
+ // rfc3447 C1: When id-sha1, id-sha224, id-sha256, id-sha384 and
+ // id-sha512 are used in an AlgorithmIdentifier the parameters
+ // (which are optional) SHOULD be omitted.
// rfc3279 2.3.2: The id-dsa algorithm syntax includes optional
// domain parameters... When omitted, the parameters component
// MUST be omitted entirely
@@ -185,6 +185,7 @@
// is used, the AlgorithmIdentifier parameters field MUST be absent.
/*if (
algid.equals((Object)SHA_oid) ||
+ algid.equals((Object)SHA224_oid) ||
algid.equals((Object)SHA256_oid) ||
algid.equals((Object)SHA384_oid) ||
algid.equals((Object)SHA512_oid) ||
@@ -488,7 +489,10 @@
name.equalsIgnoreCase("SHA512")) {
return AlgorithmId.SHA512_oid;
}
-
+ if (name.equalsIgnoreCase("SHA-224") ||
+ name.equalsIgnoreCase("SHA224")) {
+ return AlgorithmId.SHA224_oid;
+ }
// Various public key algorithms
if (name.equalsIgnoreCase("RSA")) {
@@ -625,6 +629,9 @@
public static final ObjectIdentifier SHA_oid =
ObjectIdentifier.newInternal(new int[] {1, 3, 14, 3, 2, 26});
+ public static final ObjectIdentifier SHA224_oid =
+ ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 4});
+
public static final ObjectIdentifier SHA256_oid =
ObjectIdentifier.newInternal(new int[] {2, 16, 840, 1, 101, 3, 4, 2, 1});
@@ -664,6 +671,8 @@
{ 1, 2, 840, 113549, 1, 1, 5 };
private static final int sha1WithRSAEncryption_OIW_data[] =
{ 1, 3, 14, 3, 2, 29 };
+ private static final int sha224WithRSAEncryption_data[] =
+ { 1, 2, 840, 113549, 1, 1, 14 };
private static final int sha256WithRSAEncryption_data[] =
{ 1, 2, 840, 113549, 1, 1, 11 };
private static final int sha384WithRSAEncryption_data[] =
@@ -681,6 +690,7 @@
public static final ObjectIdentifier md5WithRSAEncryption_oid;
public static final ObjectIdentifier sha1WithRSAEncryption_oid;
public static final ObjectIdentifier sha1WithRSAEncryption_OIW_oid;
+ public static final ObjectIdentifier sha224WithRSAEncryption_oid;
public static final ObjectIdentifier sha256WithRSAEncryption_oid;
public static final ObjectIdentifier sha384WithRSAEncryption_oid;
public static final ObjectIdentifier sha512WithRSAEncryption_oid;
@@ -810,6 +820,14 @@
ObjectIdentifier.newInternal(sha1WithRSAEncryption_OIW_data);
/**
+ * Identifies a signing algorithm where a SHA224 digest is
+ * encrypted using an RSA private key; defined by PKCS #1.
+ * OID = 1.2.840.113549.1.1.14
+ */
+ sha224WithRSAEncryption_oid =
+ ObjectIdentifier.newInternal(sha224WithRSAEncryption_data);
+
+ /**
* Identifies a signing algorithm where a SHA256 digest is
* encrypted using an RSA private key; defined by PKCS #1.
* OID = 1.2.840.113549.1.1.11
@@ -859,6 +877,7 @@
nameTable.put(MD5_oid, "MD5");
nameTable.put(MD2_oid, "MD2");
nameTable.put(SHA_oid, "SHA");
+ nameTable.put(SHA224_oid, "SHA224");
nameTable.put(SHA256_oid, "SHA256");
nameTable.put(SHA384_oid, "SHA384");
nameTable.put(SHA512_oid, "SHA512");
@@ -881,6 +900,7 @@
nameTable.put(shaWithDSA_OIW_oid, "SHA1withDSA");
nameTable.put(sha1WithRSAEncryption_oid, "SHA1withRSA");
nameTable.put(sha1WithRSAEncryption_OIW_oid, "SHA1withRSA");
+ nameTable.put(sha224WithRSAEncryption_oid, "SHA224withRSA");
nameTable.put(sha256WithRSAEncryption_oid, "SHA256withRSA");
nameTable.put(sha384WithRSAEncryption_oid, "SHA384withRSA");
nameTable.put(sha512WithRSAEncryption_oid, "SHA512withRSA");
--- a/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/windows/classes/sun/security/mscapi/RSASignature.java Tue May 08 17:57:48 2012 -0700
@@ -47,6 +47,7 @@
*
* . "NONEwithRSA"
* . "SHA1withRSA"
+ * . "SHA224withRSA"
* . "SHA256withRSA"
* . "SHA384withRSA"
* . "SHA512withRSA"
@@ -57,8 +58,8 @@
*
* NOTE: NONEwithRSA must be supplied with a pre-computed message digest.
* Only the following digest algorithms are supported: MD5, SHA-1,
- * SHA-256, SHA-384, SHA-512 and a special-purpose digest algorithm
- * which is a concatenation of SHA-1 and MD5 digests.
+ * SHA-224, SHA-256, SHA-384, SHA-512 and a special-purpose digest
+ * algorithm which is a concatenation of SHA-1 and MD5 digests.
*
* @since 1.6
* @author Stanley Man-Kit Ho
@@ -180,6 +181,8 @@
setDigestName("SHA-512");
} else if (offset == 16) {
setDigestName("MD5");
+ } else if (offset == 28) {
+ setDigestName("SHA-224");
} else {
throw new SignatureException(
"Message digest length is not supported");
@@ -199,6 +202,12 @@
}
}
+ public static final class SHA224 extends RSASignature {
+ public SHA224() {
+ super("SHA-224");
+ }
+ }
+
public static final class SHA256 extends RSASignature {
public SHA256() {
super("SHA-256");
--- a/jdk/src/windows/classes/sun/security/mscapi/SunMSCAPI.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/src/windows/classes/sun/security/mscapi/SunMSCAPI.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -81,18 +81,30 @@
*/
// NONEwithRSA must be supplied with a pre-computed message digest.
// Only the following digest algorithms are supported: MD5, SHA-1,
- // SHA-256, SHA-384, SHA-512 and a special-purpose digest algorithm
- // which is a concatenation of SHA-1 and MD5 digests.
+ // SHA-224, SHA-256, SHA-384, SHA-512 and a special-purpose digest
+ // algorithm which is a concatenation of SHA-1 and MD5 digests.
map.put("Signature.NONEwithRSA",
"sun.security.mscapi.RSASignature$Raw");
map.put("Signature.SHA1withRSA",
"sun.security.mscapi.RSASignature$SHA1");
+ map.put("Signature.SHA224withRSA",
+ "sun.security.mscapi.RSASignature$SHA224");
+ map.put("Alg.Alias.Signature.1.2.840.113549.1.1.14", "SHA224withRSA");
+ map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.14", "SHA224withRSA");
map.put("Signature.SHA256withRSA",
"sun.security.mscapi.RSASignature$SHA256");
+ map.put("Alg.Alias.Signature.1.2.840.113549.1.1.11", "SHA256withRSA");
+ map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.11", "SHA256withRSA");
map.put("Signature.SHA384withRSA",
"sun.security.mscapi.RSASignature$SHA384");
+ map.put("Alg.Alias.Signature.1.2.840.113549.1.1.12", "SHA384withRSA");
+ map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.12", "SHA384withRSA");
+
map.put("Signature.SHA512withRSA",
"sun.security.mscapi.RSASignature$SHA512");
+ map.put("Alg.Alias.Signature.1.2.840.113549.1.1.13", "SHA512withRSA");
+ map.put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.13", "SHA512withRSA");
+
map.put("Signature.MD5withRSA",
"sun.security.mscapi.RSASignature$MD5");
map.put("Signature.MD2withRSA",
@@ -103,6 +115,8 @@
"sun.security.mscapi.Key");
map.put("Signature.SHA1withRSA SupportedKeyClasses",
"sun.security.mscapi.Key");
+ map.put("Signature.SHA224withRSA SupportedKeyClasses",
+ "sun.security.mscapi.Key");
map.put("Signature.SHA256withRSA SupportedKeyClasses",
"sun.security.mscapi.Key");
map.put("Signature.SHA384withRSA SupportedKeyClasses",
--- a/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestOAEP.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestOAEP.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -58,6 +58,7 @@
Cipher.getInstance("RSA/ECB/OAEPwithMD5andMGF1Padding");
Cipher.getInstance("RSA/ECB/OAEPwithSHA1andMGF1Padding");
Cipher.getInstance("RSA/ECB/OAEPwithSHA-1andMGF1Padding");
+ Cipher.getInstance("RSA/ECB/OAEPwithSHA-224andMGF1Padding");
Cipher.getInstance("RSA/ECB/OAEPwithSHA-256andMGF1Padding");
Cipher.getInstance("RSA/ECB/OAEPwithSHA-384andMGF1Padding");
Cipher.getInstance("RSA/ECB/OAEPwithSHA-512andMGF1Padding");
@@ -88,6 +89,18 @@
// tests alias works
testEncryptDecrypt("SHA-1", 16);
+ // basic test using SHA-224
+ testEncryptDecrypt("SHA-224", 0);
+ testEncryptDecrypt("SHA-224", 16);
+ testEncryptDecrypt("SHA-224", 38);
+ try {
+ testEncryptDecrypt("SHA-224", 39);
+ throw new Exception("Unexpectedly completed call");
+ } catch (IllegalBlockSizeException e) {
+ // ok
+ System.out.println(e);
+ }
+
// basic test using SHA-256
testEncryptDecrypt("SHA-256", 0);
testEncryptDecrypt("SHA-256", 16);
@@ -195,6 +208,7 @@
System.out.println("Done (" + (stop - start) + " ms).");
}
+ // NOTE: OAEP can process up to (modLen - 2*digestLen - 2) bytes of data
private static void testEncryptDecrypt(String hashAlg, int dataLength) throws Exception {
System.out.println("Testing OAEP with hash " + hashAlg + ", " + dataLength + " bytes");
Cipher c = Cipher.getInstance("RSA/ECB/OAEPwith" + hashAlg + "andMGF1Padding", cp);
--- a/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestOAEPParameterSpec.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestOAEPParameterSpec.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -121,6 +121,7 @@
public static void main(String[] argv) throws Exception {
boolean status = true;
byte[] p = { (byte) 0x01, (byte) 0x02, (byte) 0x03, (byte) 0x04 };
+ status &= runTest("SHA-224", MGF1ParameterSpec.SHA224, p);
status &= runTest("SHA-256", MGF1ParameterSpec.SHA256, p);
status &= runTest("SHA-384", MGF1ParameterSpec.SHA384, p);
status &= runTest("SHA-512", MGF1ParameterSpec.SHA512, p);
--- a/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestOAEPWithParams.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/com/sun/crypto/provider/Cipher/RSA/TestOAEPWithParams.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -47,10 +47,10 @@
private static Random random = new Random();
private static String MD[] = {
- "MD5", "SHA1", "SHA-256"
+ "MD5", "SHA1", "SHA-224", "SHA-256"
};
private static int DATA_LENGTH[] = {
- 62, 54, 30
+ 62, 54, 34, 30
};
public static void main(String[] args) throws Exception {
long start = System.currentTimeMillis();
--- a/jdk/test/com/sun/crypto/provider/KeyGenerator/Test4628062.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/com/sun/crypto/provider/KeyGenerator/Test4628062.java Tue May 08 17:57:48 2012 -0700
@@ -23,7 +23,7 @@
/*
* @test
- * @bug 4628062
+ * @bug 4628062 4963723
* @summary Verify that AES KeyGenerator supports default initialization
* when init is not called
* @author Valerie Peng
@@ -34,39 +34,45 @@
public class Test4628062 {
- private static final String ALGO = "AES";
- private static final int[] KEYSIZES =
- { 16, 24, 32 }; // in bytes
+ private static final int[] AES_SIZES = { 16, 24, 32 }; // in bytes
+ private static final int[] HMACSHA224_SIZES = { 28 };
+ private static final int[] HMACSHA256_SIZES = { 32 };
+ private static final int[] HMACSHA384_SIZES = { 48 };
+ private static final int[] HMACSHA512_SIZES = { 64 };
- public boolean execute() throws Exception {
- KeyGenerator kg = KeyGenerator.getInstance(ALGO, "SunJCE");
+ public boolean execute(String algo, int[] keySizes) throws Exception {
+ KeyGenerator kg = KeyGenerator.getInstance(algo, "SunJCE");
// TEST FIX 4628062
Key keyWithDefaultSize = kg.generateKey();
byte[] encoding = keyWithDefaultSize.getEncoded();
- if (encoding.length == 0) {
+ int defKeyLen = encoding.length ;
+ if (defKeyLen == 0) {
throw new Exception("default key length is 0!");
+ } else if (defKeyLen != keySizes[0]) {
+ throw new Exception("default key length mismatch!");
}
// BONUS TESTS
- // 1. call init(int keysize) with various valid key sizes
- // and see if the generated key is the right size.
- for (int i=0; i<KEYSIZES.length; i++) {
- kg.init(KEYSIZES[i]*8); // in bits
- Key key = kg.generateKey();
- if (key.getEncoded().length != KEYSIZES[i]) {
- throw new Exception("key is generated with the wrong length!");
+ if (keySizes.length > 1) {
+ // 1. call init(int keysize) with various valid key sizes
+ // and see if the generated key is the right size.
+ for (int i=0; i<keySizes.length; i++) {
+ kg.init(keySizes[i]*8); // in bits
+ Key key = kg.generateKey();
+ if (key.getEncoded().length != keySizes[i]) {
+ throw new Exception("key is generated with the wrong length!");
+ }
+ }
+ // 2. call init(int keysize) with invalid key size and see
+ // if the expected InvalidParameterException is thrown.
+ try {
+ kg.init(keySizes[0]*8+1);
+ } catch (InvalidParameterException ex) {
+ } catch (Exception ex) {
+ throw new Exception("wrong exception is thrown for invalid key size!");
}
}
- // 2. call init(int keysize) with invalid key size and see
- // if the expected InvalidParameterException is thrown.
- try {
- kg.init(KEYSIZES[0]*8+1);
- } catch (InvalidParameterException ex) {
- } catch (Exception ex) {
- throw new Exception("wrong exception is thrown for invalid key size!");
- }
-
// passed all tests...hooray!
return true;
}
@@ -76,8 +82,20 @@
Test4628062 test = new Test4628062();
String testName = test.getClass().getName();
- if (test.execute()) {
- System.out.println(testName + ": Passed!");
+ if (test.execute("AES", AES_SIZES)) {
+ System.out.println(testName + ": AES Passed!");
+ }
+ if (test.execute("HmacSHA224", HMACSHA224_SIZES)) {
+ System.out.println(testName + ": HmacSHA224 Passed!");
+ }
+ if (test.execute("HmacSHA256", HMACSHA256_SIZES)) {
+ System.out.println(testName + ": HmacSHA256 Passed!");
+ }
+ if (test.execute("HmacSHA384", HMACSHA384_SIZES)) {
+ System.out.println(testName + ": HmacSHA384 Passed!");
+ }
+ if (test.execute("HmacSHA512", HMACSHA512_SIZES)) {
+ System.out.println(testName + ": HmacSHA512 Passed!");
}
}
}
--- a/jdk/test/com/sun/crypto/provider/Mac/MacClone.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/com/sun/crypto/provider/Mac/MacClone.java Tue May 08 17:57:48 2012 -0700
@@ -28,15 +28,33 @@
* @author Jan Luehe
*/
import javax.crypto.*;
+import javax.crypto.spec.SecretKeySpec;
public class MacClone {
public static void main(String[] args) throws Exception {
+ String[] algos = { "HmacMD5", "HmacSHA1", "HmacSHA224", "HmacSHA256",
+ "HmacSHA384", "HmacSHA512" };
+ KeyGenerator kgen = KeyGenerator.getInstance("DES");
+ SecretKey skey = kgen.generateKey();
+ for (String algo : algos) {
+ doTest(algo, skey);
+ }
+
+ String[] algos2 = { "HmacPBESHA1" };
+ skey = new SecretKeySpec("whatever".getBytes(), "PBE");
+ for (String algo : algos2) {
+ doTest(algo, skey);
+ }
+ System.out.println("Test Passed");
+ }
+
+ private static void doTest(String algo, SecretKey skey) throws Exception {
//
- // Clone uninitialized Mac object
+ // Clone an uninitialized Mac object
//
- Mac mac = Mac.getInstance("HmacSHA1", "SunJCE");
+ Mac mac = Mac.getInstance(algo, "SunJCE");
Mac macClone = (Mac)mac.clone();
System.out.println(macClone.getProvider().toString());
System.out.println(macClone.getAlgorithm());
@@ -51,12 +69,9 @@
}
//
- // Clone initialized Mac object
+ // Clone an initialized Mac object
//
- KeyGenerator kgen = KeyGenerator.getInstance("DES");
- SecretKey skey = kgen.generateKey();
-
- mac = Mac.getInstance("HmacSHA1", "SunJCE");
+ mac = Mac.getInstance(algo, "SunJCE");
mac.init(skey);
macClone = (Mac)mac.clone();
System.out.println(macClone.getProvider().toString());
@@ -66,7 +81,20 @@
byte[] macFinal = mac.doFinal();
byte[] macCloneFinal = macClone.doFinal();
if (!java.util.Arrays.equals(macFinal, macCloneFinal)) {
- throw new Exception("MAC results are different");
- }
+ throw new Exception("ERROR: MAC result of init clone is different");
+ } else System.out.println("MAC check#1 passed");
+
+ //
+ // Clone an updated Mac object
+ //
+ mac.update((byte)0x12);
+ macClone = (Mac)mac.clone();
+ mac.update((byte)0x34);
+ macClone.update((byte)0x34);
+ macFinal = mac.doFinal();
+ macCloneFinal = macClone.doFinal();
+ if (!java.util.Arrays.equals(macFinal, macCloneFinal)) {
+ throw new Exception("ERROR: MAC result of updated clone is different");
+ } else System.out.println("MAC check#2 passed");
}
}
--- a/jdk/test/com/sun/crypto/provider/Mac/MacKAT.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/com/sun/crypto/provider/Mac/MacKAT.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
/**
* @test
- * @bug 4846410 6313661
+ * @bug 4846410 6313661 4963723
* @summary Basic known-answer-test for Hmac and SslMac algorithms
* @author Andreas Sterbenz
*/
@@ -147,7 +147,9 @@
private static Test t(String alg, String input, String macvalue, String key) {
return new MacTest(alg, b(input), b(macvalue), b(key));
}
-
+ private static Test t(String alg, String input, String macvalue, byte[] key) {
+ return new MacTest(alg, b(input), b(macvalue), key);
+ }
private static Test t(String alg, byte[] input, String macvalue, String key) {
return new MacTest(alg, input, b(macvalue), b(key));
}
@@ -155,8 +157,8 @@
private static Test t(String alg, byte[] input, String macvalue, byte[] key) {
return new MacTest(alg, input, b(macvalue), key);
}
-
private final static byte[] ALONG, BLONG, BKEY;
+ private final static byte[] BKEY_20, DDDATA_50, AAKEY_20, CDDATA_50, AAKEY_131;
static {
ALONG = new byte[1024 * 128];
@@ -166,6 +168,16 @@
random.nextBytes(BLONG);
BKEY = new byte[128];
random.nextBytes(BKEY);
+ BKEY_20 = new byte[20];
+ Arrays.fill(BKEY_20, (byte) 0x0b);
+ DDDATA_50 = new byte[50];
+ Arrays.fill(DDDATA_50, (byte) 0xdd);
+ AAKEY_20 = new byte[20];
+ Arrays.fill(AAKEY_20, (byte) 0xaa);
+ CDDATA_50 = new byte[50];
+ Arrays.fill(CDDATA_50, (byte) 0xcd);
+ AAKEY_131 = new byte[131];
+ Arrays.fill(AAKEY_131, (byte) 0xaa);
}
private final static Test[] tests = {
@@ -203,15 +215,24 @@
"1b:34:61:29:05:0d:73:db:25:d0:dd:64:06:29:f6:8a"),
t("HmacSHA512", BLONG, "fb:cf:4b:c6:d5:49:5a:5b:0b:d9:2a:32:f5:fa:68:d2:68:a4:0f:ae:53:fc:49:12:e6:1d:53:cf:b2:cb:c5:c5:f2:2d:86:bd:14:61:30:c3:a6:6f:44:1f:77:9b:aa:a1:22:48:a9:dd:d0:45:86:d1:a1:82:53:13:c4:03:06:a3",
BKEY),
+ // Test vectors From RFC4231
+ t("HmacSHA224", s("Hi There"), "89:6f:b1:12:8a:bb:df:19:68:32:10:7c:d4:9d:f3:3f:47:b4:b1:16:99:12:ba:4f:53:68:4b:22", BKEY_20),
+ t("HmacSHA224", s("what do ya want for nothing?"), "a3:0e:01:09:8b:c6:db:bf:45:69:0f:3a:7e:9e:6d:0f:8b:be:a2:a3:9e:61:48:00:8f:d0:5e:44", s("Jefe")),
+ t("HmacSHA224", DDDATA_50, "7f:b3:cb:35:88:c6:c1:f6:ff:a9:69:4d:7d:6a:d2:64:93:65:b0:c1:f6:5d:69:d1:ec:83:33:ea", AAKEY_20),
+ t("HmacSHA224", CDDATA_50, "6c:11:50:68:74:01:3c:ac:6a:2a:bc:1b:b3:82:62:7c:ec:6a:90:d8:6e:fc:01:2d:e7:af:ec:5a", "01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f:10:11:12:13:14:15:16:17:18:19"),
+ t("HmacSHA224", s("Test Using Larger Than Block-Size Key - Hash Key First"), "95:e9:a0:db:96:20:95:ad:ae:be:9b:2d:6f:0d:bc:e2:d4:99:f1:12:f2:d2:b7:27:3f:a6:87:0e", AAKEY_131),
+ t("HmacSHA224", s("This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."), "3a:85:41:66:ac:5d:9f:02:3f:54:d5:17:d0:b3:9d:bd:94:67:70:db:9c:2b:95:c9:f6:f5:65:d1", AAKEY_131),
};
static void runTests(Test[] tests) throws Exception {
long start = System.currentTimeMillis();
Provider p = Security.getProvider("SunJCE");
System.out.println("Testing provider " + p.getName() + "...");
+ Mac.getInstance("HmacSHA224", p);
Mac.getInstance("HmacSHA256", p);
Mac.getInstance("HmacSHA384", p);
Mac.getInstance("HmacSHA512", p);
+ KeyGenerator.getInstance("HmacSHA224", p);
KeyGenerator.getInstance("HmacSHA256", p);
KeyGenerator.getInstance("HmacSHA384", p);
KeyGenerator.getInstance("HmacSHA512", p);
--- a/jdk/test/sun/security/mscapi/SignUsingNONEwithRSA.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/mscapi/SignUsingNONEwithRSA.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -48,6 +48,12 @@
0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x30,
0x31, 0x32, 0x33, 0x34, 0x35, 0x36
},
+ // A SHA-224 hash
+ new byte[] {
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
+ 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x20,
+ 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28
+ },
// A SHA-256 hash
new byte[] {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x10,
--- a/jdk/test/sun/security/mscapi/SignUsingSHA2withRSA.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/mscapi/SignUsingSHA2withRSA.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -78,12 +78,16 @@
generatedSignatures.add(signUsing("SHA256withRSA", privateKey));
generatedSignatures.add(signUsing("SHA384withRSA", privateKey));
generatedSignatures.add(signUsing("SHA512withRSA", privateKey));
+ generatedSignatures.add(signUsing("SHA224withRSA", privateKey));
+
System.out.println("-------------------------------------------------");
verifyUsing("SHA256withRSA", publicKey, generatedSignatures.get(0));
verifyUsing("SHA384withRSA", publicKey, generatedSignatures.get(1));
verifyUsing("SHA512withRSA", publicKey, generatedSignatures.get(2));
+ verifyUsing("SHA224withRSA", publicKey, generatedSignatures.get(3));
+
System.out.println("-------------------------------------------------");
}
--- a/jdk/test/sun/security/pkcs11/MessageDigest/DigestKAT.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/pkcs11/MessageDigest/DigestKAT.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -174,6 +174,12 @@
t("SHA1", s("12345678901234567890123456789012345678901234567890123456789012345678901234567890"), "50:ab:f5:70:6a:15:09:90:a0:8b:2c:5e:a4:0f:a0:e5:85:55:47:32"),
t("SHA1", ALONG, "ce:56:53:59:08:04:ba:a9:36:9f:72:d4:83:ed:9e:ba:72:f0:4d:29"),
+ t("SHA-224", s(""), "d1:4a:02:8c:2a:3a:2b:c9:47:61:02:bb:28:82:34:c4:15:a2:b0:1f:82:8e:a6:2a:c5:b3:e4:2f"),
+ t("SHA-224", s("abc"), "23:09:7d:22:34:05:d8:22:86:42:a4:77:bd:a2:55:b3:2a:ad:bc:e4:bd:a0:b3:f7:e3:6c:9d:a7"),
+ t("SHA-224", s("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"), "75:38:8b:16:51:27:76:cc:5d:ba:5d:a1:fd:89:01:50:b0:c6:45:5c:b4:f5:8b:19:52:52:25:25"),
+ t("SHA-224", s("The quick brown fox jumps over the lazy dog"), "73:0e:10:9b:d7:a8:a3:2b:1c:b9:d9:a0:9a:a2:32:5d:24:30:58:7d:db:c0:c3:8b:ad:91:15:25"),
+ t("SHA-224", s("The quick brown fox jumps over the lazy dog."), "61:9c:ba:8e:8e:05:82:6e:9b:8c:51:9c:0a:5c:68:f4:fb:65:3e:8a:3d:8a:a0:4b:b2:c8:cd:4c"),
+
t("SHA-256", s(""), "e3:b0:c4:42:98:fc:1c:14:9a:fb:f4:c8:99:6f:b9:24:27:ae:41:e4:64:9b:93:4c:a4:95:99:1b:78:52:b8:55"),
t("SHA-256", s("a"), "ca:97:81:12:ca:1b:bd:ca:fa:c2:31:b3:9a:23:dc:4d:a7:86:ef:f8:14:7c:4e:72:b9:80:77:85:af:ee:48:bb"),
t("SHA-256", s("abc"), "ba:78:16:bf:8f:01:cf:ea:41:41:40:de:5d:ae:22:23:b0:03:61:a3:96:17:7a:9c:b4:10:ff:61:f2:00:15:ad"),
--- a/jdk/test/sun/security/pkcs11/MessageDigest/TestCloning.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/pkcs11/MessageDigest/TestCloning.java Tue May 08 17:57:48 2012 -0700
@@ -36,7 +36,7 @@
public class TestCloning extends PKCS11Test {
private static final String[] ALGOS = {
- "MD2", "MD5", "SHA1", "SHA-256", "SHA-384", "SHA-512"
+ "MD2", "MD5", "SHA1", "SHA-224", "SHA-256", "SHA-384", "SHA-512"
};
public static void main(String[] args) throws Exception {
--- a/jdk/test/sun/security/pkcs11/Signature/TestRSAKeyLength.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/pkcs11/Signature/TestRSAKeyLength.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -37,7 +37,7 @@
}
public void main(Provider p) throws Exception {
boolean isValidKeyLength[] = { true, true, false, false };
- String algos[] = { "SHA1withRSA", "SHA256withRSA",
+ String algos[] = { "SHA1withRSA", "SHA224withRSA", "SHA256withRSA",
"SHA384withRSA", "SHA512withRSA" };
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", p);
kpg.initialize(512);
--- a/jdk/test/sun/security/pkcs11/ec/TestCurves.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/pkcs11/ec/TestCurves.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2006, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -68,6 +68,7 @@
kp2 = kpg.generateKeyPair();
testSigning(p, "SHA1withECDSA", data, kp1, kp2);
+ testSigning(p, "SHA224withECDSA", data, kp1, kp2);
testSigning(p, "SHA256withECDSA", data, kp1, kp2);
testSigning(p, "SHA384withECDSA", data, kp1, kp2);
testSigning(p, "SHA512withECDSA", data, kp1, kp2);
--- a/jdk/test/sun/security/pkcs11/rsa/TestKeyPairGenerator.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/pkcs11/rsa/TestKeyPairGenerator.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -61,6 +61,7 @@
testSignature("MD2withRSA", privateKey, publicKey);
testSignature("MD5withRSA", privateKey, publicKey);
testSignature("SHA1withRSA", privateKey, publicKey);
+ testSignature("SHA224withRSA", privateKey, publicKey);
testSignature("SHA256withRSA", privateKey, publicKey);
RSAPublicKey rsaKey = (RSAPublicKey)publicKey;
if (rsaKey.getModulus().bitLength() > 512) {
--- a/jdk/test/sun/security/pkcs11/rsa/TestSignatures.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/pkcs11/rsa/TestSignatures.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -81,6 +81,7 @@
testSignature("MD2withRSA", privateKey, publicKey);
testSignature("MD5withRSA", privateKey, publicKey);
testSignature("SHA1withRSA", privateKey, publicKey);
+ testSignature("SHA224withRSA", privateKey, publicKey);
testSignature("SHA256withRSA", privateKey, publicKey);
RSAPublicKey rsaKey = (RSAPublicKey)publicKey;
if (rsaKey.getModulus().bitLength() > 512) {
--- a/jdk/test/sun/security/provider/MessageDigest/DigestKAT.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/provider/MessageDigest/DigestKAT.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
/**
* @test
- * @bug 4819771 4834179 5008306
+ * @bug 4819771 4834179 5008306 4963723
* @summary Basic known-answer-test for all our MessageDigest algorithms
* @author Andreas Sterbenz
*/
@@ -190,6 +190,12 @@
t("SHA1", ALONG, "ce:56:53:59:08:04:ba:a9:36:9f:72:d4:83:ed:9e:ba:72:f0:4d:29"),
t("SHA1", BLONG, "1d:a8:1a:de:8d:1e:d0:82:ba:12:13:e2:56:26:30:fc:05:b8:8d:a6"),
+ t("SHA-224", s(""), "d1:4a:02:8c:2a:3a:2b:c9:47:61:02:bb:28:82:34:c4:15:a2:b0:1f:82:8e:a6:2a:c5:b3:e4:2f"),
+ t("SHA-224", s("abc"), "23:09:7d:22:34:05:d8:22:86:42:a4:77:bd:a2:55:b3:2a:ad:bc:e4:bd:a0:b3:f7:e3:6c:9d:a7"),
+ t("SHA-224", s("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"), "75:38:8b:16:51:27:76:cc:5d:ba:5d:a1:fd:89:01:50:b0:c6:45:5c:b4:f5:8b:19:52:52:25:25"),
+ t("SHA-224", s("The quick brown fox jumps over the lazy dog"), "73:0e:10:9b:d7:a8:a3:2b:1c:b9:d9:a0:9a:a2:32:5d:24:30:58:7d:db:c0:c3:8b:ad:91:15:25"),
+ t("SHA-224", s("The quick brown fox jumps over the lazy dog."), "61:9c:ba:8e:8e:05:82:6e:9b:8c:51:9c:0a:5c:68:f4:fb:65:3e:8a:3d:8a:a0:4b:b2:c8:cd:4c"),
+
t("SHA-256", s(""), "e3:b0:c4:42:98:fc:1c:14:9a:fb:f4:c8:99:6f:b9:24:27:ae:41:e4:64:9b:93:4c:a4:95:99:1b:78:52:b8:55"),
t("SHA-256", s("a"), "ca:97:81:12:ca:1b:bd:ca:fa:c2:31:b3:9a:23:dc:4d:a7:86:ef:f8:14:7c:4e:72:b9:80:77:85:af:ee:48:bb"),
t("SHA-256", s("abc"), "ba:78:16:bf:8f:01:cf:ea:41:41:40:de:5d:ae:22:23:b0:03:61:a3:96:17:7a:9c:b4:10:ff:61:f2:00:15:ad"),
--- a/jdk/test/sun/security/provider/MessageDigest/Offsets.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/provider/MessageDigest/Offsets.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -80,6 +80,7 @@
test("MD2", 0, 64, 0, 128);
test("MD5", 0, 64, 0, 128);
test("SHA1", 0, 64, 0, 128);
+ test("SHA-224", 0, 64, 0, 128);
test("SHA-256", 0, 64, 0, 128);
test("SHA-384", 0, 128, 0, 256);
test("SHA-512", 0, 128, 0, 256);
--- a/jdk/test/sun/security/provider/MessageDigest/TestSHAClone.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/provider/MessageDigest/TestSHAClone.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2002, 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -24,7 +24,7 @@
/**
* @test
* @bug 4775971
- * @summary test the clone implementation of SHA, SHA-256,
+ * @summary test the clone implementation of SHA, SHA-224, SHA-256,
* SHA-384, SHA-512 MessageDigest implementation.
*/
import java.security.*;
@@ -33,7 +33,7 @@
public class TestSHAClone {
private static final String[] ALGOS = {
- "SHA", "SHA-256", "SHA-512", "SHA-384"
+ "SHA", "SHA-224", "SHA-256", "SHA-512", "SHA-384"
};
private static byte[] input1 = {
--- a/jdk/test/sun/security/rsa/TestKeyPairGenerator.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/rsa/TestKeyPairGenerator.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
/**
* @test
- * @bug 4853305 4865198 4888410
+ * @bug 4853305 4865198 4888410 4963723
* @summary Verify that the RSA KeyPairGenerator works
* @author Andreas Sterbenz
*/
@@ -60,6 +60,7 @@
testSignature("MD2withRSA", privateKey, publicKey);
testSignature("MD5withRSA", privateKey, publicKey);
testSignature("SHA1withRSA", privateKey, publicKey);
+ testSignature("SHA224withRSA", privateKey, publicKey);
testSignature("SHA256withRSA", privateKey, publicKey);
RSAPublicKey rsaKey = (RSAPublicKey)publicKey;
if (rsaKey.getModulus().bitLength() > 512) {
--- a/jdk/test/sun/security/rsa/TestSignatures.java Tue May 08 11:16:36 2012 -0700
+++ b/jdk/test/sun/security/rsa/TestSignatures.java Tue May 08 17:57:48 2012 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2003, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -23,7 +23,7 @@
/**
* @test
- * @bug 4853305
+ * @bug 4853305 4963723
* @summary Test signing/verifying using all the signature algorithms
* @author Andreas Sterbenz
*/
@@ -80,6 +80,7 @@
testSignature("MD2withRSA", privateKey, publicKey);
testSignature("MD5withRSA", privateKey, publicKey);
testSignature("SHA1withRSA", privateKey, publicKey);
+ testSignature("SHA224withRSA", privateKey, publicKey);
testSignature("SHA256withRSA", privateKey, publicKey);
RSAPublicKey rsaKey = (RSAPublicKey)publicKey;
if (rsaKey.getModulus().bitLength() > 512) {