
Commit a4fb240

committed
Add PKIX Support
1 parent 1bec328 commit a4fb240


218 files changed

+71456
-7
lines changed


218 files changed

+71456
-7
lines changed

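--- a/common/src/main/java/org/conscrypt/OpenSSLKey.java
+++ b/common/src/main/java/org/conscrypt/OpenSSLKey.java
@@ -336,10 +336,12 @@ static PrivateKey getPrivateKey(PKCS8EncodedKeySpec keySpec, int type)
 throw new InvalidKeySpecException(e);
 }
 
-if (NativeCrypto.EVP_PKEY_type(key.getNativeRef()) != type) {
+int decodedKeyType = NativeCrypto.EVP_PKEY_type(key.getNativeRef());
+if (decodedKeyType != type &&
+!(decodedKeyType == NativeConstants.EVP_PKEY_SM2 &&
+type == NativeConstants.EVP_PKEY_EC)) {
 throw new InvalidKeySpecException("Unexpected key type");
 }
-
 try {
 return key.getPrivateKey();
 } catch (NoSuchAlgorithmException e) {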
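Review bot: The relaxed type check in getPrivateKey accepts a key that decodes as `EVP_PKEY_SM2` whenever the caller asked for `EVP_PKEY_EC`, so every caller that requests an EC private key can now be handed an SM2 key, and the condition carries no comment saying why that is safe. If the intent is that SM2 keys arrive in PKCS#8 under the generic EC algorithm identifier, state it above the `if`, for example `// SM2 keys are parsed through the EC path; accept SM2 only when EC was requested`, and confirm that callers which go on to use the result for ECDSA or ECDH reject an SM2 key instead of assuming a conventional EC curve. The matching public-key path is not visible here; it should apply the same rule, otherwise the two halves of one key pair are typed inconsistently. The body of getPrivateKey starts and ends outside the hunk.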

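--- a/openjdk/src/main/java/net/tongsuo/TongsuoProvider.java
+++ b/openjdk/src/main/java/net/tongsuo/TongsuoProvider.java
@@ -24,5 +24,6 @@ public TongsuoProvider() {
 // Register TlcpKeyManagerFactoryImpl and TlcpKeyManagerImpl
 put("KeyManagerFactory.TlcpKeyManagerFactory", TlcpKeyManagerFactoryImpl.class.getName());
 // put("X509ExtendedKeyManager.TlcpKeyManager", TlcpKeyManagerImpl.class.getName());
+put("KeyStore.PKCS12", "net.tongsuo.sun.security.pkcs12.PKCS12KeyStore");
 }
 }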
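Review bot: The added `put("KeyStore.PKCS12", ...)` registers this provider's own keystore under the standard type name, so wherever TongsuoProvider is ordered ahead of the JDK provider, a plain `KeyStore.getInstance("PKCS12")` in unrelated code resolves to the vendored `net.tongsuo.sun.security.pkcs12.PKCS12KeyStore` rather than the platform implementation. That changes how every PKCS#12 file in the process is parsed and its integrity checked, so the line needs a comment saying the override is intentional; if only Tongsuo-aware code needs the class, registering it under a distinct type name would leave the platform default untouched. The class is also named by string literal while the line above uses `TlcpKeyManagerFactoryImpl.class.getName()`; `net.tongsuo.sun.security.pkcs12.PKCS12KeyStore.class.getName()` would let the compiler catch a rename, assuming the class is on this module's compile path.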
Lines changed: 186 additions & 0 deletions
@@ -0,0 +1,186 @@
1+
package net.tongsuo.crypto;
2+
3+
import javax.crypto.Cipher;
4+
import javax.crypto.KeyAgreement;
5+
import javax.crypto.KeyGenerator;
6+
import javax.crypto.Mac;
7+
import javax.crypto.NoSuchPaddingException;
8+
import java.security.AlgorithmParameterGenerator;
9+
import java.security.AlgorithmParameters;
10+
import java.security.KeyFactory;
11+
import java.security.KeyPairGenerator;
12+
import java.security.MessageDigest;
13+
import java.security.NoSuchAlgorithmException;
14+
import java.security.NoSuchProviderException;
15+
import java.security.Signature;
16+
import java.util.Arrays;
17+
import java.util.Collections;
18+
import java.util.HashSet;
19+
import java.util.Set;
20+
21+
public class CryptoInsts {
22+
23+
static final String PROV_NAME = "Tongsuo_Security_Provider";
24+
25+
private static final Set<String> ALGO_PARAMS_ALGOS
26+
= new HashSet<>(Arrays.asList("SM4"));
27+
28+
public static AlgorithmParameters getAlgorithmParameters(String algorithm)
29+
throws NoSuchAlgorithmException {
30+
AlgorithmParameters algoParams = null;
31+
if (ALGO_PARAMS_ALGOS.contains(algorithm)) {
32+
try {
33+
algoParams = AlgorithmParameters.getInstance(algorithm, PROV_NAME);
34+
} catch (NoSuchProviderException e) {
35+
throw new IllegalStateException("No provider: " + PROV_NAME, e);
36+
}
37+
} else {
38+
algoParams = AlgorithmParameters.getInstance(algorithm);
39+
}
40+
return algoParams;
41+
}
42+
43+
private static final Set<String> KEY_FACTORY_ALGOS
44+
= new HashSet<>(Arrays.asList("EC", "SM2"));
45+
46+
public static KeyFactory getKeyFactory(String algorithm)
47+
throws NoSuchAlgorithmException {
48+
KeyFactory keyFactory = null;
49+
if (KEY_FACTORY_ALGOS.contains(algorithm)) {
50+
try {
51+
keyFactory = KeyFactory.getInstance(algorithm, PROV_NAME);
52+
} catch (NoSuchProviderException e) {
53+
throw new IllegalStateException("No provider: " + PROV_NAME, e);
54+
}
55+
} else {
56+
keyFactory = KeyFactory.getInstance(algorithm);
57+
}
58+
return keyFactory;
59+
}
60+
61+
private static final Set<String> KEY_GEN_ALGOS
62+
= new HashSet<>(Arrays.asList("HMacSM3", "SM4"));
63+
64+
public static KeyGenerator getKeyGenerator(String algorithm)
65+
throws NoSuchAlgorithmException {
66+
KeyGenerator keyGenerator = null;
67+
if (KEY_GEN_ALGOS.contains(algorithm)) {
68+
try {
69+
keyGenerator = KeyGenerator.getInstance(algorithm, PROV_NAME);
70+
} catch (NoSuchProviderException e) {
71+
throw new IllegalStateException("No provider: " + PROV_NAME, e);
72+
}
73+
} else {
74+
keyGenerator = KeyGenerator.getInstance(algorithm);
75+
}
76+
return keyGenerator;
77+
}
78+
79+
private static final Set<String> KEY_PAIR_GEN_ALGOS
80+
= new HashSet<>(Arrays.asList("SM2"));
81+
82+
public static KeyPairGenerator getKeyPairGenerator(String algorithm)
83+
throws NoSuchAlgorithmException {
84+
KeyPairGenerator keyPairGenerator = null;
85+
if (KEY_PAIR_GEN_ALGOS.contains(algorithm)) {
86+
try {
87+
keyPairGenerator = KeyPairGenerator.getInstance(algorithm, PROV_NAME);
88+
} catch (NoSuchProviderException e) {
89+
throw new IllegalStateException("No provider: " + PROV_NAME, e);
90+
}
91+
} else {
92+
keyPairGenerator = KeyPairGenerator.getInstance(algorithm);
93+
}
94+
return keyPairGenerator;
95+
}
96+
97+
private static final Set<String> CIPHER_ALGOS
98+
= new HashSet<>(Arrays.asList("SM2", "SM4"));
99+
100+
public static Cipher getCipher(String algorithm)
101+
throws NoSuchPaddingException, NoSuchAlgorithmException {
102+
Cipher cipher = null;
103+
if (CIPHER_ALGOS.contains(algorithm)) {
104+
try {
105+
cipher = Cipher.getInstance(algorithm, PROV_NAME);
106+
} catch (NoSuchProviderException e) {
107+
throw new IllegalStateException("No provider: " + PROV_NAME, e);
108+
}
109+
} else {
110+
cipher = Cipher.getInstance(algorithm);
111+
}
112+
return cipher;
113+
}
114+
115+
private static final Set<String> MESSAGE_DIGEST_ALGOS
116+
= new HashSet<>(Collections.singletonList("SM3"));
117+
118+
public static MessageDigest getMessageDigest(String algorithm)
119+
throws NoSuchAlgorithmException {
120+
MessageDigest messageDigest = null;
121+
if (MESSAGE_DIGEST_ALGOS.contains(algorithm)) {
122+
try {
123+
messageDigest = MessageDigest.getInstance(algorithm, PROV_NAME);
124+
} catch (NoSuchProviderException e) {
125+
throw new IllegalStateException("No provider: " + PROV_NAME, e);
126+
}
127+
} else {
128+
messageDigest = MessageDigest.getInstance(algorithm);
129+
}
130+
131+
return messageDigest;
132+
}
133+
134+
private static final Set<String> MAC_ALGOS
135+
= new HashSet<>(Collections.singletonList("HMacSM3"));
136+
137+
public static Mac getMac(String algorithm) throws NoSuchAlgorithmException {
138+
Mac mac = null;
139+
if (MAC_ALGOS.contains(algorithm)) {
140+
try {
141+
mac = Mac.getInstance(algorithm, PROV_NAME);
142+
} catch (NoSuchProviderException e) {
143+
throw new IllegalStateException("No provider: " + PROV_NAME, e);
144+
}
145+
} else {
146+
mac = Mac.getInstance(algorithm);
147+
}
148+
return mac;
149+
}
150+
151+
private static final Set<String> SIGNATURE_ALGOS
152+
= new HashSet<>(Arrays.asList("SM3withSM2"));
153+
154+
public static Signature getSignature(String algorithm)
155+
throws NoSuchAlgorithmException {
156+
Signature signature = null;
157+
if (SIGNATURE_ALGOS.contains(algorithm)) {
158+
try {
159+
signature = Signature.getInstance(algorithm, PROV_NAME);
160+
} catch (NoSuchProviderException e) {
161+
throw new IllegalStateException("No provider: " + PROV_NAME, e);
162+
}
163+
} else {
164+
signature = Signature.getInstance(algorithm);
165+
}
166+
return signature;
167+
}
168+
169+
private static final Set<String> KEY_AGREEMENT_ALGOS
170+
= new HashSet<>(Arrays.asList("SM2", "ECDH"));
171+
172+
public static KeyAgreement getKeyAgreement(String algorithm)
173+
throws NoSuchAlgorithmException {
174+
KeyAgreement keyAgreement = null;
175+
if (KEY_AGREEMENT_ALGOS.contains(algorithm)) {
176+
try {
177+
keyAgreement = KeyAgreement.getInstance(algorithm, PROV_NAME);
178+
} catch (NoSuchProviderException e) {
179+
throw new IllegalStateException("No provider: " + PROV_NAME, e);
180+
}
181+
} else {
182+
keyAgreement = KeyAgreement.getInstance(algorithm);
183+
}
184+
return keyAgreement;
185+
}
186+
}
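Review bot: Every getter in CryptoInsts tests the raw argument with `Set.contains`, so a name that differs only in case, or a full transformation passed to `getCipher` (for example `SM4/CBC/PKCS5Padding` against `CIPHER_ALGOS`, which holds only `SM2` and `SM4`), misses the set and falls through to the unpinned `getInstance(algorithm)`, where whichever installed provider answers first is used. JCA algorithm names are case-insensitive and `Cipher` takes `algorithm/mode/padding`, so the pinning the class exists for can be bypassed by spelling alone; the callers are outside this section, so whether that happens today is not visible. In `getCipher`, match on the base name: `int slash = algorithm.indexOf('/');` `String base = slash < 0 ? algorithm : algorithm.substring(0, slash);` then `if (CIPHER_ALGOS.contains(base))`, and compare case-normalised names in all nine getters. The class also needs a Javadoc comment stating which algorithms are pinned to `PROV_NAME` and why `EC` and `ECDH` are among them, and the sets should be wrapped with `Collections.unmodifiableSet` since they are policy, not state.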
Lines changed: 42 additions & 0 deletions
@@ -0,0 +1,42 @@
1+
package net.tongsuo.crypto;
2+
3+
import java.security.AccessController;
4+
import java.security.PrivilegedAction;
5+
6+
public final class CryptoUtils {
7+
8+
public static String privilegedGetProperty(String key, String def) {
9+
return AccessController.doPrivileged(
10+
(PrivilegedAction<String>) () -> System.getProperty(key, def));
11+
}
12+
13+
public static String privilegedGetProperty(String key) {
14+
return privilegedGetProperty(key, null);
15+
}
16+
17+
public static Boolean privilegedGetBoolProperty(String key, String def) {
18+
return AccessController.doPrivileged(
19+
(PrivilegedAction<Boolean>) () -> Boolean.parseBoolean(
20+
System.getProperty(key, def)));
21+
}
22+
23+
public static Boolean privilegedGetBoolProperty(String key) {
24+
return privilegedGetBoolProperty(key, "false");
25+
}
26+
27+
public static boolean isJdk8() {
28+
return privilegedGetProperty("java.specification.version").equals("1.8");
29+
}
30+
31+
public static boolean isJdk11() {
32+
return privilegedGetProperty("java.specification.version").equals("11");
33+
}
34+
35+
public static boolean isJdk17() {
36+
return privilegedGetProperty("java.specification.version").equals("17");
37+
}
38+
39+
public static boolean isAndroid() {
40+
return privilegedGetProperty("java.specification.vendor").equals("Android");
41+
}
42+
}
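Review bot: `privilegedGetProperty(String, String)` and `privilegedGetBoolProperty(String, String)` are public and pass a caller-chosen key to `System.getProperty` inside `AccessController.doPrivileged`, so under a security manager any code that can reach CryptoUtils can read any system property with this library's permissions. Restrict them to package-private, or have them accept only a fixed set of keys, and keep the public surface to the `isJdk8()`-style helpers. Those helpers call `.equals` on a value that is null when the property is absent; `"1.8".equals(privilegedGetProperty("java.specification.version"))` avoids the NullPointerException. `isAndroid()` compares `java.specification.vendor` with `"Android"`, which does not look like the value Android runtimes report (I believe it is `The Android Project`), so it should be verified on a device. `AccessController` is deprecated for removal from Java 17 on, and since `isJdk17()` shows that version is a target, the class should carry a comment saying so along with a private constructor.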
