jss (4.4.2-7) UNRELEASED; urgency=medium
jss (4.4.3-1) unstable; urgency=medium
* New upstream release.
- jss-*.patch: Dropped, upstream
* control: Update VCS urls.
-- Timo Aaltonen <tjaalton@debian.org> Sat, 14 Apr 2018 10:14:10 +0300
-- Timo Aaltonen <tjaalton@debian.org> Tue, 17 Apr 2018 10:42:06 +0300
jss (4.4.2-6) unstable; urgency=medium
usr/share/java/jss-4.4.2.jar
usr/share/java/jss-4.4.3.jar
usr/lib/jss/libjss4.so
# Required by ldapjdk
usr/share/java/jss-4.4.2.jar usr/share/java/jss.jar
usr/share/java/jss-4.4.3.jar usr/share/java/jss.jar
# Required by idm-console-framework
usr/share/java/jss-4.4.2.jar usr/share/java/jss4.jar
usr/share/java/jss-4.4.3.jar usr/share/java/jss4.jar
# HG changeset patch
# User Jack Magne <jmagne@redhat.com>
# Date 1504307754 25200
# Fri Sep 01 16:15:54 2017 -0700
# Node ID eec15518fd61f1d988c25b4de589555796f9e65f
# Parent 17d1d7b740ca5777fbcf8ee817a2f26b9c93593a
unwrapping of HMAC-SHA1 secret keys using AES wrapping and unwrapping
cfu on behalf of jmagne
diff -r 17d1d7b740ca -r eec15518fd61 org/mozilla/jss/pkcs11/PK11KeyWrapper.java
--- a/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.java Mon May 01 10:39:50 2017 -0700
+++ b/jss/org/mozilla/jss/pkcs11/PK11KeyWrapper.java Fri Sep 01 16:15:54 2017 -0700
@@ -588,6 +588,8 @@
return EncryptionAlgorithm.RC4;
} else if( type == SymmetricKey.AES ) {
return EncryptionAlgorithm.AES_128_ECB;
+ } else if( type == SymmetricKey.SHA1_HMAC) {
+ return HMACAlgorithm.SHA1;
} else {
Assert._assert( type == SymmetricKey.RC2 );
return EncryptionAlgorithm.RC2_CBC;
diff -r 17d1d7b740ca -r eec15518fd61 org/mozilla/jss/pkcs11/PK11MessageDigest.c
--- a/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c Mon May 01 10:39:50 2017 -0700
+++ b/jss/org/mozilla/jss/pkcs11/PK11MessageDigest.c Fri Sep 01 16:15:54 2017 -0700
@@ -67,19 +67,19 @@
}
/* copy the key, setting the CKA_SIGN attribute */
- /*
+
newKey = PK11_CopySymKeyForSigning(origKey, mech);
+
+ /* For some key on the hsm, this call could fail, but the key may work anyway */
+
if( newKey == NULL ) {
- JSS_throwMsg(env, DIGEST_EXCEPTION,
- "Unable to set CKA_SIGN attribute on symmetric key");
- goto finish;
+ newKey = origKey;
}
- */
param.data = NULL;
param.len = 0;
- context = PK11_CreateContextBySymKey(mech, CKA_SIGN, origKey, &param);
+ context = PK11_CreateContextBySymKey(mech, CKA_SIGN, newKey, &param);
if( context == NULL ) {
JSS_throwMsg(env, DIGEST_EXCEPTION,
"Unable to initialize digest context");
@@ -88,7 +88,7 @@
contextObj = JSS_PK11_wrapCipherContextProxy(env, &context);
finish:
- if(newKey) {
+ if(newKey && (newKey != origKey)) {
/* SymKeys are ref counted, and the context will free it's ref
* when it is destroyed */
PK11_FreeSymKey(newKey);
diff -r 17d1d7b740ca -r eec15518fd61 org/mozilla/jss/tests/HmacTest.java
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jss/org/mozilla/jss/tests/HmacTest.java Fri Sep 01 16:15:54 2017 -0700
@@ -0,0 +1,119 @@
+
+package org.mozilla.jss.tests;
+
+
+import java.security.Key;
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+
+import org.mozilla.jss.CryptoManager;
+import org.mozilla.jss.crypto.CryptoToken;
+import org.mozilla.jss.crypto.SymmetricKey;
+
+
+public class HmacTest {
+
+ private static final String INTERNAL_KEY_STORAGE_TOKEN =
+ new CryptoManager.InitializationValues("").getInternalKeyStorageTokenDescription().trim();
+
+ private static final String NSS_DATABASE_DIR = "sql:data";
+ private static final String PROVIDER = "Mozilla-JSS";
+
+
+ public static void main(String[] args)
+ {
+
+ String algorithm = "hmac-sha1";
+
+ try {
+ configureCrypto(args);
+
+ Mac mac = Mac.getInstance(algorithm, PROVIDER);
+
+ byte[] keyData = new byte[16];
+ Key key = importHmacSha1Key(keyData);
+
+ mac.init(key);
+
+ doHMAC(mac,"Dogtag rules!");
+
+ System.out.println("Done");
+
+ System.exit(0);
+ } catch (Exception e) {
+ System.exit(1);
+ }
+ }
+
+ private static void configureCrypto(String[] args)
+ throws Exception {
+
+ CryptoManager.InitializationValues initializationValues =
+ new CryptoManager.InitializationValues(args[0]);
+
+ CryptoManager.initialize(initializationValues);
+
+ CryptoManager cryptoManager = CryptoManager.getInstance();
+
+ CryptoToken cryptoToken =
+ cryptoManager.getTokenByName(INTERNAL_KEY_STORAGE_TOKEN);
+
+ cryptoManager.setThreadToken(cryptoToken);
+ }
+
+ private static Key importHmacSha1Key(byte[] key)
+ throws Exception {
+
+ final String WRAPPING_ALGORITHM = "AES/CBC/PKCS5Padding";
+
+ Key wrappingKey = getWrappingKey();
+
+ byte[] iv = new byte[16];
+ IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
+
+ Cipher wrappingCipher = Cipher.getInstance(WRAPPING_ALGORITHM, PROVIDER);
+ wrappingCipher.init(Cipher.ENCRYPT_MODE, wrappingKey, ivParameterSpec);
+
+ byte[] wrappedKeyData = wrappingCipher.doFinal(key);
+
+ Cipher unwrappingCipher = Cipher.getInstance(WRAPPING_ALGORITHM, PROVIDER);
+ unwrappingCipher.init(Cipher.UNWRAP_MODE, wrappingKey, ivParameterSpec);
+
+ return (SecretKey) unwrappingCipher.unwrap(wrappedKeyData,
+ SymmetricKey.SHA1_HMAC.toString(),
+ Cipher.SECRET_KEY);
+ }
+
+ private static synchronized Key getWrappingKey()
+ throws Exception {
+
+ final String keyGenAlgorithm = "AES";
+ final int wrappingKeyLength = 256;
+
+ KeyGenerator keyGen = KeyGenerator.getInstance(keyGenAlgorithm, PROVIDER);
+ keyGen.init(wrappingKeyLength);
+ return keyGen.generateKey();
+ }
+
+ public static void doHMAC(Mac mozillaHmac, String clearText)
+ throws Exception {
+ byte[] mozillaHmacOut;
+
+ //Get the Mozilla HMAC
+ mozillaHmacOut = mozillaHmac.doFinal(clearText.getBytes());
+
+ if (mozillaHmacOut.length == mozillaHmac.getMacLength()) {
+ System.out.println(PROVIDER + " supports " +
+ mozillaHmac.getAlgorithm() + " and the output size is " + mozillaHmac.getMacLength());
+ } else {
+ throw new Exception("ERROR: hmac output size is " +
+ mozillaHmacOut.length + ", should be " +
+ mozillaHmac.getMacLength());
+ }
+ }
+
+
+}
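Review bot: The `catch (Exception e)` in main exits with status 1 without printing anything, so a failing "HMAC Unwrap" run under all.pl gives no indication of what went wrong (the `System.exit(0)` inside the try is also unnecessary, falling out of main suffices). Change it to `} catch (Exception e) { e.printStackTrace(); System.exit(1); }`. Separately, `clearText.getBytes()` in doHMAC uses the platform default charset; use `clearText.getBytes(StandardCharsets.UTF_8)` (with `import java.nio.charset.StandardCharsets;`) so the input bytes are the same on every locale. The all-zero key and IV are acceptable for a wrap/unwrap round-trip test, but a comment such as `// fixed zero key and IV: this test checks the unwrap path only, not secrecy` would stop the pattern being copied into non-test code.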
diff -r 17d1d7b740ca -r eec15518fd61 org/mozilla/jss/tests/all.pl
--- a/jss/org/mozilla/jss/tests/all.pl Mon May 01 10:39:50 2017 -0700
+++ b/jss/org/mozilla/jss/tests/all.pl Fri Sep 01 16:15:54 2017 -0700
@@ -492,6 +492,10 @@
$command = "$java -cp $jss_classpath org.mozilla.jss.tests.HMACTest $testdir $pwfile";
run_test($testname, $command);
+$testname = "HMAC Unwrap";
+$command = "$java -cp $jss_classpath org.mozilla.jss.tests.HmacTest $testdir $pwfile";
+run_test($testname, $command);
+
$testname = "KeyWrapping ";
$command = "$java -cp $jss_classpath org.mozilla.jss.tests.JCAKeyWrap $testdir $pwfile";
run_test($testname, $command);
# HG changeset patch
# User Jack Magne <jmagne@redhat.com>
# Date 1506640850 25200
# Thu Sep 28 16:20:50 2017 -0700
# Node ID 252c10f448971b7ae087bde259505abd5dc5a03a
# Parent 3e9a5ae2149d04877dc19b117a8917c22854f8eb
Fix: Bug 1400884 - new JSS failures: HMAC Unwrap and KeyWrapping FIPSMODE.
diff --git a/org/mozilla/jss/pkcs11/KeyType.java b/org/mozilla/jss/pkcs11/KeyType.java
--- a/jss/org/mozilla/jss/pkcs11/KeyType.java
+++ b/jss/org/mozilla/jss/pkcs11/KeyType.java
@@ -204,9 +204,7 @@
EncryptionAlgorithm.AES_192_CBC,
EncryptionAlgorithm.AES_256_ECB,
EncryptionAlgorithm.AES_256_CBC,
- /* AES CBC PAD is the same as AES_256_CBC_PAD */
- /* shouldn't break backward compatibility 313798*/
- //EncryptionAlgorithm.AES_CBC_PAD,
+ EncryptionAlgorithm.AES_CBC_PAD,
EncryptionAlgorithm.AES_128_CBC_PAD,
EncryptionAlgorithm.AES_192_CBC_PAD,
EncryptionAlgorithm.AES_256_CBC_PAD
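Review bot: The hunk removes the comment that explained why `AES_CBC_PAD` had been kept out of this list (a backward-compatibility concern, bug 313798) without recording why adding it is now safe, so the next reader sees two entries the old comment called identical and no rationale. If `AES_CBC_PAD` and `AES_256_CBC_PAD` really share a mechanism as the removed comment said, replace it with a comment that carries both facts, e.g. `/* AES_CBC_PAD shares its mechanism with AES_256_CBC_PAD; listed so that generic AES/CBC/PKCS5Padding wrap/unwrap resolves to the AES key type (bug 1400884, FIPS mode) */`, the FIPS/unwrap motivation being inferred from the commit title rather than visible here. The enclosing initializer starts before this hunk.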
# HG changeset patch
# User David Stutzman david.konrad.stutzman@us.army.mil
# Date 1509062346 25200
# Thu Oct 26 16:59:06 2017 -0700
# Node ID b1a3c3cc6b3584948d251d3bfcfe6630d8970db5
# Parent 252c10f448971b7ae087bde259505abd5dc5a03a
Bugzilla.mozilla 1409867 org.mozilla.jss.pkix.cms.SignerInfo incorrectly producing signatures (especially for EC)
The patch fixes the OID that goes into the signatureAlgorithm field as well as passing the full signature algorithm to the Signature context to generate the signature using the proper algorithm.
With this patch, if one passes SignatureAlgorithm.RSASignatureWithSHA256Digest in the constructor one will now get sha256WithRSAEncryption (1 2 840 113549 1 1 11) in the signatureAlgorithm field.
cfu checking in for dstutzman
diff --git a/org/mozilla/jss/pkix/cms/SignerInfo.java b/org/mozilla/jss/pkix/cms/SignerInfo.java
--- a/jss/org/mozilla/jss/pkix/cms/SignerInfo.java
+++ b/jss/org/mozilla/jss/pkix/cms/SignerInfo.java
@@ -289,7 +289,7 @@
}
digestEncryptionAlgorithm = new AlgorithmIdentifier(
- signingAlg.getRawAlg().toOID(),null );
+ signingAlg.toOID(),null );
if( signedAttributes != null )
@@ -332,7 +332,7 @@
// encrypt the DER-encoded DigestInfo with the private key
CryptoToken token = signingKey.getOwningToken();
Signature sig;
- sig = token.getSignatureContext( signingAlg.getRawAlg() );
+ sig = token.getSignatureContext( signingAlg );
sig.initSign(signingKey);
sig.update(toBeSigned);
encryptedDigest = new OCTET_STRING(sig.sign());
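Review bot: Passing the full `signingAlg` to `getSignatureContext` while `toBeSigned` is, per the comment two lines above, the DER-encoded DigestInfo looks like it will digest the already-digested data again before the RSA operation when the algorithm is something like RSASignatureWithSHA256Digest, yielding a signature no verifier accepts. The algorithm given to the context has to match what `toBeSigned` is: the raw `SignatureAlgorithm.RSASignature` when a DigestInfo is passed, and the digest-plus-signature algorithm only when undigested data (the signed-attributes encoding) is passed. Whichever is intended, the comment should say so, e.g. `// toBeSigned is already a DigestInfo; the context must not digest again`. The OID change in the earlier hunk of this file is correct on its own; the enclosing constructor starts outside this hunk.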
# HG changeset patch
# User Fraser Tweedale<ftweedale@redhat.com>
# Date 1505175862 25200
# Mon Sep 11 17:24:22 2017 -0700
# Node ID 3e9a5ae2149d04877dc19b117a8917c22854f8eb
# Parent 87dca07f7529463398734d1279bcfd7023a43d4c
Bug 1371147 PK11Store.getEncryptedPrivateKeyInfo() segfault if export fails -
patch jss-ftweedal-0011-Don-t-crash-if-PK11_ExportEncryptedPrivKeyInfo-retur.patch
Subject: Don't crash if PK11_ExportEncryptedPrivKeyInfo returns NULL
From: Fraser Tweedale <ftweedal@redhat.com>
Content-Type: text/plain
found patch at byte 239
message:
Don't crash if PK11_ExportEncryptedPrivKeyInfo returns NULL
PK11_ExportEncryptedPrivKeyInfo returning NULL is not being handled
properly, causing segfault. Detect this condition and raise a
TokenException instead.
cfu for ftweedal
diff -r 87dca07f7529 -r 3e9a5ae2149d org/mozilla/jss/pkcs11/PK11Store.c
--- a/jss/org/mozilla/jss/pkcs11/PK11Store.c Fri Sep 08 11:56:04 2017 -0700
+++ b/jss/org/mozilla/jss/pkcs11/PK11Store.c Mon Sep 11 17:24:22 2017 -0700
@@ -581,6 +581,11 @@
// export the epki
epki = PK11_ExportEncryptedPrivKeyInfo(
slot, algTag, pwItem, privk, iterations, NULL /*wincx*/);
+ if (epki == NULL) {
+ JSS_throwMsgPrErr(
+ env, TOKEN_EXCEPTION, "Failed to export EncryptedPrivateKeyInfo");
+ goto finish;
+ }
// DER-encode the epki
if (SEC_ASN1EncodeItem(NULL, &epkiItem, epki,
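Review bot: The new NULL check jumps to `finish`, which is outside this hunk, so make sure the cleanup there only destroys `epki` (and the encoded `epkiItem`) when they are non-NULL, otherwise the crash moves rather than disappears. Reporting via JSS_throwMsgPrErr is the right choice here, since PK11_ExportEncryptedPrivKeyInfo can fail for reasons the caller needs to distinguish (for example a non-extractable key or an unsupported PBE `algTag`), and the PR error code is the only way to tell them apart. A short comment above the check, `/* NULL means NSS refused or failed the export; surface it as a TokenException instead of dereferencing it below */`, would document the intent. The enclosing function begins and ends outside this hunk.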
# HG changeset patch
# User David Stutzman<david.konrad.stutzman@us.army.mil>
# Date 1516144092 28800
# Tue Jan 16 15:08:12 2018 -0800
# Node ID 1d858c6d4626b625bb671426e6899d98c2f5bb2e
# Parent 8746a3fc74785e2fd12f86d08a6886ed9160620e
Bug# 386351 SignerInfo version, r=cfu
This patch fixes versioning of SignerInfo to match CMS spec.
cfu for dstutzman
diff --git a/org/mozilla/jss/pkix/cms/SignerInfo.java b/org/mozilla/jss/pkix/cms/SignerInfo.java
--- a/jss/org/mozilla/jss/pkix/cms/SignerInfo.java
+++ b/jss/org/mozilla/jss/pkix/cms/SignerInfo.java
@@ -52,9 +52,6 @@
private OCTET_STRING encryptedDigest;
private SET unsignedAttributes; // [1] OPTIONAL
- // we only do CMS in RFC 2630
- private static final INTEGER VERSION = new INTEGER(3);
-
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
// Accessor methods
@@ -198,8 +195,17 @@
CryptoManager.NotInitializedException, SignatureException,
TokenException
{
- version = VERSION;
+ if (signerIdentifier == null) {
+ throw new IllegalArgumentException("SignerIdentifier may not be null");
+ }
this.signerIdentifier = signerIdentifier;
+ if (SignerIdentifier.ISSUER_AND_SERIALNUMBER.equals(this.signerIdentifier.getType())) {
+ this.version = new INTEGER(1);
+ } else if (SignerIdentifier.SUBJECT_KEY_IDENTIFIER.equals(this.signerIdentifier.getType())) {
+ this.version = new INTEGER(3);
+ } else {
+ throw new IllegalArgumentException("Unexpected SignerIdentifier type");
+ }
this.digestAlgorithm =
new AlgorithmIdentifier(signingAlg.getDigestAlg().toOID(),null);
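Review bot: The version assignment now encodes the RFC 5652 section 5.3 rule but nothing in the code says so; add `// RFC 5652 s5.3: version is 1 for issuerAndSerialNumber, 3 for subjectKeyIdentifier` above the if/else so the literal 1 and 3 are not "simplified" back into a constant later. The constructor Javadoc (outside this hunk) should gain `@throws IllegalArgumentException if signerIdentifier is null or of an unrecognised type` now that the constructor throws. The decoding Template presumably still accepts whatever version is on the wire; if so, consider validating it against the sid type there as well so a decoded-then-re-encoded SignerInfo cannot disagree with itself. The constructor starts before this hunk.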
# HG changeset patch
# User David Stutzman<david.konrad.stutzman@us.army.mil>
# Date 1515711524 28800
# Thu Jan 11 14:58:44 2018 -0800
# Node ID 9e2db7eee6652330723d935c2b900b9b09b1ab9d
# Parent ca2c2fcfaf207f87c3c69e493f2b30fd0a088e95
Bug 1409867 - additional fix from dstutzman: allow signatures to be created correctly.
cfu for dstutzman
diff --git a/org/mozilla/jss/pkix/cms/SignerInfo.java b/org/mozilla/jss/pkix/cms/SignerInfo.java
--- a/jss/org/mozilla/jss/pkix/cms/SignerInfo.java
+++ b/jss/org/mozilla/jss/pkix/cms/SignerInfo.java
@@ -9,14 +9,10 @@
import org.mozilla.jss.util.Assert;
import org.mozilla.jss.pkix.primitive.*;
import org.mozilla.jss.crypto.*;
-import java.util.Vector;
-import java.math.BigInteger;
-import java.io.ByteArrayInputStream;
import java.security.InvalidKeyException;
import java.security.SignatureException;
import java.security.NoSuchAlgorithmException;
import java.security.MessageDigest;
-import org.mozilla.jss.crypto.*;
import org.mozilla.jss.crypto.X509Certificate;
import org.mozilla.jss.pkix.cert.*;
import org.mozilla.jss.*;
@@ -73,14 +69,6 @@
}
/**
- * Low-level method to set the version.
- * It is not normally necessary to call this. Use it at your own risk.
- public void setVersion(INTEGER version) {
- this.version = version;
- }
- */
-
- /**
* Retrieves the SignerIdentifier.
*/
public SignerIdentifier getSignerIdentifier() {
@@ -88,14 +76,6 @@
}
/**
- * Low-level method to set the signerIdentifier.
- * It is not normally necessary to call this. Use it at your own risk.
- public void setSignerIdentifier( SignerIdentifier iasn ) {
- this.signerIdentifier = iasn;
- }
- */
-
- /**
* Retrieves the DigestAlgorithm used in this SignerInfo.
*
* @exception NoSuchAlgorithmException If the algorithm is not
@@ -116,14 +96,6 @@
}
/**
- * Low-level method to set the digest AlgorithmIdentifier.
- * It is not normally necessary to call this. Use it at your own risk.
- public void setDigestAlgorithmIdentifier(AlgorithmIdentifier algid) {
- this.digestAlgorithm = algid;
- }
- */
-
- /**
* Retrieves the signed attributes, if they exist.
*
*/
@@ -139,14 +111,6 @@
}
/**
- * Low-level method to set the signedAttributes field.
- * It is not normally necessary to call this. Use it at your own risk.
- public void setSignedAttributes(SET authAttrib) {
- this.signedAttributes = authAttrib;
- }
- */
-
- /**
* Returns the raw signature (digest encryption) algorithm used in this
* SignerInfo.
*
@@ -168,15 +132,6 @@
}
/**
- * Low-level method to set the digestEncryptionAlgorithm field.
- * It is not normally necessary to call this. Use it at your own risk.
- public void
- setDigestEncryptionAlgorithmIdentifier(AlgorithmIdentifier algid) {
- this.digestEncryptionAlgorithm= algid;
- }
- */
-
- /**
* Retrieves the encrypted digest.
*/
public byte[] getEncryptedDigest() {
@@ -184,14 +139,6 @@
}
/**
- * Low-level method to set the encryptedDigest field.
- * It is not normally necessary to call this. Use it at your own risk.
- public void setEncryptedDigest(byte[] ed) {
- this.encryptedDigest = new OCTET_STRING(ed);
- }
- */
-
- /**
* Retrieves the unsigned attributes, if they exist.
*
*/
@@ -206,14 +153,6 @@
return (unsignedAttributes!=null);
}
- /**
- * Low-level method to set the unsignedAttributes field.
- * It is not normally necessary to call this. Use it at your own risk.
- public void setUnsignedAttributes(SET unauthAttrib) {
- this.unsignedAttributes = unauthAttrib;
- }
- */
-
///////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////
// Constructors
@@ -221,17 +160,6 @@
///////////////////////////////////////////////////////////////////////
/**
- * Low-level default constructor. All fields are initialized to null.
- * Before this SignerInfo can be processed or used in any way, all of
- * the fields except <code>signedAttributes</code> and
- * <code>unsignedAttributes</code> must be non-null.
- * <p>It is not normally necessary to call this constructor.Use it at
- * your own risk.
- public SignerInfo() {
- }
- */
-
- /**
* A constructor for creating a new SignerInfo from scratch.
*
* @param signerIdentifier The signerIdentifier of the
@@ -303,36 +231,32 @@
//////////////////////////////////////////////////
// compute the digest
- byte[] digest=null;
- DigestAlgorithm digestAlg = signingAlg.getDigestAlg();
- if( signedAttributes == null ) {
+ CryptoToken token = signingKey.getOwningToken();
+ Signature sig;
+ byte[] toBeSigned = null;
+ if (signedAttributes == null) {
// just use the message digest of the content
- digest = messageDigest;
+ if (signingAlg.getRawAlg() == SignatureAlgorithm.RSASignature) {
+ SEQUENCE digestInfo = createDigestInfo(messageDigest, false);
+ toBeSigned = ASN1Util.encode(digestInfo);
+ } else {
+ toBeSigned = messageDigest;
+ }
+ sig = token.getSignatureContext(signingAlg.getRawAlg()); //data is already digested
} else {
- // digest the contents octets of the signed attributes
- byte[] enc = ASN1Util.encode(signedAttributes);
- MessageDigest md =
- MessageDigest.getInstance(digestAlg.toString());
- digest = md.digest( enc );
- }
-
- byte[] toBeSigned;
- if( signingAlg.getRawAlg() == SignatureAlgorithm.RSASignature ) {
- // put the digest in a DigestInfo
- SEQUENCE digestInfo = new SEQUENCE();
- AlgorithmIdentifier digestAlgId =
- new AlgorithmIdentifier( digestAlg.toOID(),null );
- digestInfo.addElement( digestAlgId );
- digestInfo.addElement( new OCTET_STRING( digest ) );
- toBeSigned = ASN1Util.encode(digestInfo);
- } else {
- toBeSigned = digest;
+ byte[] encoding = ASN1Util.encode(signedAttributes);
+ if (signingAlg.getRawAlg() == SignatureAlgorithm.RSASignature) {
+ // put the digest in a DigestInfo
+ SEQUENCE digestInfo = createDigestInfo(encoding, true);
+ toBeSigned = ASN1Util.encode(digestInfo);
+ sig = token.getSignatureContext(SignatureAlgorithm.RSASignature);
+ } else {
+ toBeSigned = encoding;
+ sig = token.getSignatureContext(signingAlg);
+ }
}
// encrypt the DER-encoded DigestInfo with the private key
- CryptoToken token = signingKey.getOwningToken();
- Signature sig;
- sig = token.getSignatureContext( signingAlg );
sig.initSign(signingKey);
sig.update(toBeSigned);
encryptedDigest = new OCTET_STRING(sig.sign());
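Review bot: The comment `// encrypt the DER-encoded DigestInfo with the private key` is now wrong for three of the four branches above it, where `toBeSigned` is a bare digest (non-RSA, no signed attributes) or the DER encoding of the signed attributes (non-RSA, signed attributes); reword it to `// sign toBeSigned; the context algorithm was chosen above to match whether toBeSigned is already digested`. In the signed-attributes RSA branch the context is the raw `RSASignature` while `digestEncryptionAlgorithm`, set earlier in the constructor outside this hunk, carries the full sha*WithRSA OID; that is the correct PKCS#1 v1.5 construction, but a comment at `sig = token.getSignatureContext(SignatureAlgorithm.RSASignature);` such as `// raw RSA over DigestInfo is sha*WithRSAEncryption; a digesting context would hash twice` would explain the asymmetry with the EC branch. The constructor begins and ends outside this hunk.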
@@ -494,21 +418,20 @@
digestEncryptionAlgorithm.getOID()
);
+ CryptoToken token = CryptoManager.getInstance()
+ .getInternalCryptoToken();
+ Signature sig;
byte[] toBeVerified;
- if( sigAlg.getRawAlg() == SignatureAlgorithm.RSASignature ) {
+ if (sigAlg.getRawAlg() == SignatureAlgorithm.RSASignature) {
// create DigestInfo structure
- SEQUENCE digestInfo = new SEQUENCE();
- digestInfo.addElement(
- new AlgorithmIdentifier(digestAlgorithm.getOID(), null) );
- digestInfo.addElement( new OCTET_STRING(messageDigest) );
+ SEQUENCE digestInfo = createDigestInfo(messageDigest, false);
toBeVerified = ASN1Util.encode(digestInfo);
+ sig = token.getSignatureContext(sigAlg.getRawAlg());
} else {
toBeVerified = messageDigest;
+ sig = token.getSignatureContext(sigAlg);
}
-
- CryptoToken token = CryptoManager.getInstance()
- .getInternalCryptoToken();
- Signature sig = token.getSignatureContext(sigAlg);
+
sig.initVerify(pubkey);
sig.update(toBeVerified);
if( sig.verify(encryptedDigest.toByteArray()) ) {
@@ -671,31 +594,22 @@
// Now verify the signature.
CryptoToken token =
CryptoManager.getInstance().getInternalCryptoToken();
- Signature sig = token.getSignatureContext( sigAlg );
- sig.initVerify(pubkey);
+ Signature sig;
// verify the contents octets of the DER encoded signed attribs
- byte[] toBeDigested = ASN1Util.encode(signedAttributes);
-
- MessageDigest md = MessageDigest.getInstance(
- DigestAlgorithm.fromOID(digestAlgorithm.getOID()).toString() );
- byte[] digest = md.digest(toBeDigested);
-
+ byte[] encoding = ASN1Util.encode(signedAttributes);
byte[] toBeVerified;
- if( sigAlg.getRawAlg() == SignatureAlgorithm.RSASignature ) {
+ if (sigAlg.getRawAlg() == SignatureAlgorithm.RSASignature) {
// create DigestInfo structure
- SEQUENCE digestInfo = new SEQUENCE();
-
- AlgorithmIdentifier digestAlgId =
- new AlgorithmIdentifier( digestAlgorithm.getOID(),null );
- digestInfo.addElement( digestAlgId );
-
- digestInfo.addElement( new OCTET_STRING(digest) );
+ SEQUENCE digestInfo = createDigestInfo(encoding, true);
toBeVerified = ASN1Util.encode(digestInfo);
+ sig = token.getSignatureContext(SignatureAlgorithm.RSASignature);
} else {
- toBeVerified = digest;
+ toBeVerified = encoding;
+ sig = token.getSignatureContext(sigAlg);
}
+ sig.initVerify(pubkey);
sig.update( toBeVerified );
if( ! sig.verify(encryptedDigest.toByteArray()) ) {
@@ -708,6 +622,25 @@
// SUCCESSFULLY VERIFIED
}
+
+ private SEQUENCE createDigestInfo(byte[] data, boolean doDigest) throws NoSuchAlgorithmException {
+ if(data == null || data.length == 0){
+ throw new IllegalArgumentException("Data to digest must be supplied");
+ }
+ SEQUENCE digestInfo = new SEQUENCE();
+ digestInfo.addElement(this.digestAlgorithm);
+ byte[] digest;
+ if (doDigest) {
+ MessageDigest md = MessageDigest.getInstance(
+ DigestAlgorithm.fromOID(this.digestAlgorithm.getOID()).toString());
+ digest = md.digest(data);
+ } else {
+ digest = data;
+ }
+ digestInfo.addElement(new OCTET_STRING(digest));
+ return digestInfo;
+ }
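Review bot: `createDigestInfo` has no Javadoc, and the `doDigest` flag changes the meaning of `data` (bytes to be digested versus an already computed digest), which is easy to get wrong at its four call sites; add a Javadoc stating that `data` is either the DER encoding to digest with `this.digestAlgorithm` (doDigest true) or a finished digest embedded as-is (doDigest false), that the result is the PKCS#1 DigestInfo SEQUENCE, and that NoSuchAlgorithmException is thrown when the digest OID is unknown. When `doDigest` is false nothing checks that `data.length` equals the output length of `digestAlgorithm`, so a caller passing a digest from the wrong algorithm yields a DigestInfo that raw RSA will happily sign; comparing against `MessageDigest.getInstance(...).getDigestLength()` from the same fromOID lookup and throwing IllegalArgumentException would catch this with a clear error. Embedding `this.digestAlgorithm` (the SignerInfo's own AlgorithmIdentifier, parameters included) as the DigestInfo algorithm is what PKCS#1 v1.5 expects, but it deserves a comment since the verifier must rebuild the identical structure.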
+
/**
* Compares two non-null byte arrays. Returns true if they are identical,
# HG changeset patch
# User David Stutzman<david.konrad.stutzman@us.army.mil>
# Date 1515722400 28800
# Thu Jan 11 18:00:00 2018 -0800
# Node ID 8746a3fc74785e2fd12f86d08a6886ed9160620e
# Parent 9e2db7eee6652330723d935c2b900b9b09b1ab9d
Bug 589158 Add support for Java Security Standard Algorithm Names for EC Signature types
This patch adds the aliases for Java Security Standard Algorithm Names for EC Signature types.
cfu for dstutzman (reviewed by wtc)
diff --git a/org/mozilla/jss/JSSProvider.java b/org/mozilla/jss/JSSProvider.java
--- a/jss/org/mozilla/jss/JSSProvider.java
+++ b/jss/org/mozilla/jss/JSSProvider.java
@@ -79,21 +79,25 @@
put("Alg.Alias.Signature.SHA-1/EC", "SHA1withEC");
put("Alg.Alias.Signature.SHA/ECDSA", "SHA1withEC");
put("Alg.Alias.Signature.SHA1/ECDSA", "SHA1withEC");
+ put("Alg.Alias.Signature.SHA1withECDSA", "SHA1withEC"); //JCE Standard Name
put("Signature.SHA256withEC",
"org.mozilla.jss.provider.java.security.JSSSignatureSpi$SHA256EC");
put("Alg.Alias.Signature.SHA256/EC", "SHA256withEC");
put("Alg.Alias.Signature.SHA-256/EC", "SHA256withEC");
+ put("Alg.Alias.Signature.SHA256withECDSA", "SHA256withEC"); //JCE Standard Name
put("Signature.SHA384withEC",
"org.mozilla.jss.provider.java.security.JSSSignatureSpi$SHA384EC");
put("Alg.Alias.Signature.SHA384/EC", "SHA384withEC");
put("Alg.Alias.Signature.SHA-384/EC", "SHA384withEC");
+ put("Alg.Alias.Signature.SHA384withECDSA", "SHA384withEC"); //JCE Standard Name
put("Signature.SHA512withEC",
"org.mozilla.jss.provider.java.security.JSSSignatureSpi$SHA512EC");
put("Alg.Alias.Signature.SHA512/EC", "SHA512withEC");
put("Alg.Alias.Signature.SHA-512/EC", "SHA512withEC");
+ put("Alg.Alias.Signature.SHA512withECDSA", "SHA512withEC"); //JCE Standard Name
/////////////////////////////////////////////////////////////
// Message Digesting
fix-jdk9-ftbfs.diff
jss-HMAC-test-for-AES-encrypt-unwrap.patch
jss-PBE-padded-block-cipher-enhancements.patch
jss-fix-PK11Store-getEncryptedPrivateKeyInfo-segfault.patch
jss-HMAC-unwrap-keywrap-FIPSMODE.patch
jss-SignatureAlgorithm.patch
jss-ObjectNotFoundException-message.patch
jss-signature-correction.patch
jss-standardize-ECC-algorithm-names.patch
jss-fix-SignerInfo-version.patch