Merge branch 'main' of gitlab.cryptoworkshop.com:root/bc-java

Author: dghgit

core/src/main/java/org/bouncycastle/asn1/x509/CertificateList.java

@@ -117,6 +117,11 @@ public Time getNextUpdate()
         return tbsCertList.getNextUpdate();
     }
 
+    public Extensions getExtensions()
+    {
+        return tbsCertList.getExtensions();
+    }
+
     public ASN1Primitive toASN1Primitive()
     {
         ASN1EncodableVector v = new ASN1EncodableVector(3);

core/src/main/java/org/bouncycastle/asn1/x509/Extensions.java

@@ -8,6 +8,7 @@
 import org.bouncycastle.asn1.ASN1EncodableVector;
 import org.bouncycastle.asn1.ASN1Object;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1OctetString;
 import org.bouncycastle.asn1.ASN1Primitive;
 import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.ASN1TaggedObject;
@@ -40,6 +41,11 @@ public static ASN1Encodable getExtensionParsedValue(Extensions extensions, ASN1O
         return null == extensions ? null : extensions.getExtensionParsedValue(oid);
     }
 
+    public static ASN1OctetString getExtensionValue(Extensions extensions, ASN1ObjectIdentifier oid)
+    {
+        return null == extensions ? null : extensions.getExtensionValue(oid);
+    }
+
     public static Extensions getInstance(
         ASN1TaggedObject obj,
         boolean explicit)
@@ -141,8 +147,7 @@ public Enumeration oids()
      *
      * @return the extension if it's present, null otherwise.
      */
-    public Extension getExtension(
-        ASN1ObjectIdentifier oid)
+    public Extension getExtension(ASN1ObjectIdentifier oid)
     {
         return (Extension)extensions.get(oid);
     }
@@ -155,14 +160,19 @@ public Extension getExtension(
      */
     public ASN1Encodable getExtensionParsedValue(ASN1ObjectIdentifier oid)
     {
-        Extension ext = this.getExtension(oid);
-
-        if (ext != null)
-        {
-            return ext.getParsedValue();
-        }
+        Extension ext = getExtension(oid);
+        return ext == null ? null : ext.getParsedValue();
+    }
 
-        return null;
+    /**
+     * return the value of the extension represented by the object identifier passed in.
+     *
+     * @return the value of the extension if it's present, null otherwise.
+     */
+    public ASN1OctetString getExtensionValue(ASN1ObjectIdentifier oid)
+    {
+        Extension ext = getExtension(oid);
+        return ext == null ? null : ext.getExtnValue();
     }
 
     /**
@@ -229,6 +239,21 @@ public ASN1ObjectIdentifier[] getCriticalExtensionOIDs()
         return getExtensionOIDs(true);
     }
 
+    public boolean hasAnyCriticalExtensions()
+    {
+        for (int i = 0; i != ordering.size(); i++)
+        {
+            Object oid = ordering.elementAt(i);
+
+            if (((Extension)extensions.get(oid)).isCritical())
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
     private ASN1ObjectIdentifier[] getExtensionOIDs(boolean isCritical)
     {
         Vector oidVec = new Vector();

core/src/main/java/org/bouncycastle/crypto/agreement/BasicRawAgreement.java

@@ -0,0 +1,40 @@
+package org.bouncycastle.crypto.agreement;
+
+import java.math.BigInteger;
+
+import org.bouncycastle.crypto.BasicAgreement;
+import org.bouncycastle.crypto.CipherParameters;
+import org.bouncycastle.crypto.RawAgreement;
+import org.bouncycastle.util.BigIntegers;
+
+public final class BasicRawAgreement
+    implements RawAgreement
+{
+    public final BasicAgreement basicAgreement;
+
+    public BasicRawAgreement(BasicAgreement basicAgreement)
+    {
+        if (basicAgreement == null)
+        {
+            throw new NullPointerException("'basicAgreement' cannot be null");
+        }
+
+        this.basicAgreement = basicAgreement;
+    }
+
+    public void init(CipherParameters parameters)
+    {
+        basicAgreement.init(parameters);
+    }
+
+    public int getAgreementSize()
+    {
+        return basicAgreement.getFieldSize();
+    }
+
+    public void calculateAgreement(CipherParameters publicKey, byte[] buf, int off)
+    {
+        BigInteger z = basicAgreement.calculateAgreement(publicKey);
+        BigIntegers.asUnsignedByteArray(z, buf, off, getAgreementSize());
+    }
+}

core/src/main/java/org/bouncycastle/crypto/hpke/AEAD.java

@@ -9,11 +9,11 @@
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
 import org.bouncycastle.util.Arrays;
+import org.bouncycastle.util.Bytes;
 import org.bouncycastle.util.Pack;
 
 public class AEAD
 {
-
     private final short aeadId;
     private final byte[] key;
     private final byte[] baseNonce;
@@ -32,7 +32,7 @@ public AEAD(short aeadId, byte[] key, byte[] baseNonce)
         {
         case HPKE.aead_AES_GCM128:
         case HPKE.aead_AES_GCM256:
-            cipher = new GCMBlockCipher(new AESEngine());
+            cipher = GCMBlockCipher.newInstance(AESEngine.newInstance());
             break;
         case HPKE.aead_CHACHA20_POLY1305:
             cipher = new ChaCha20Poly1305();
@@ -42,106 +42,73 @@ public AEAD(short aeadId, byte[] key, byte[] baseNonce)
         }
     }
 
+    // used by Sender
+    public byte[] seal(byte[] aad, byte[] pt)
+        throws InvalidCipherTextException
+    {
+        return process(true, aad, pt, 0, pt.length);
+    }
 
     // used by Sender
     public byte[] seal(byte[] aad, byte[] pt, int ptOffset, int ptLength)
         throws InvalidCipherTextException
     {
-        if (ptOffset < 0 || ptOffset > pt.length)
-        {
-            throw new IndexOutOfBoundsException("Invalid offset");
-        }
-        if (ptOffset + ptLength > pt.length)
-        {
-            throw new IndexOutOfBoundsException("Invalid length");
-        }
-
-        CipherParameters params;
-        switch (aeadId)
-        {
-        case HPKE.aead_AES_GCM128:
-        case HPKE.aead_AES_GCM256:
-        case HPKE.aead_CHACHA20_POLY1305:
-            params = new ParametersWithIV(new KeyParameter(key), ComputeNonce());
-            break;
-        case HPKE.aead_EXPORT_ONLY:
-        default:
-            throw new IllegalStateException("Export only mode, cannot be used to seal/open");
-        }
-        cipher.init(true, params);
-        cipher.processAADBytes(aad, 0, aad.length);
-        byte[] ct = new byte[cipher.getOutputSize(ptLength)];
-        int len = cipher.processBytes(pt, ptOffset, ptLength, ct, 0);
-        cipher.doFinal(ct, len);
+        Arrays.validateSegment(pt, ptOffset, ptLength);
 
-        seq++;
-        return ct;
+        return process(true, aad, pt, ptOffset, ptLength);
     }
 
-    // used by Sender
-    public byte[] seal(byte[] aad, byte[] pt)
+    // used by Receiver
+    public byte[] open(byte[] aad, byte[] ct)
         throws InvalidCipherTextException
     {
-        return this.seal(aad, pt, 0, pt.length);
+        return process(false, aad, ct, 0, ct.length);
     }
 
     // used by Receiver
     public byte[] open(byte[] aad, byte[] ct, int ctOffset, int ctLength)
         throws InvalidCipherTextException
     {
-        if (ctOffset < 0 || ctOffset > ct.length)
-        {
-            throw new IndexOutOfBoundsException("Invalid offset");
-        }
-        if (ctOffset + ctLength > ct.length)
-        {
-            throw new IndexOutOfBoundsException("Invalid length");
-        }
+        Arrays.validateSegment(ct, ctOffset, ctLength);
+
+        return process(false, aad, ct, ctOffset, ctLength);
+    }
+
+    private byte[] computeNonce()
+    {
+        byte[] seq_bytes = Pack.longToBigEndian(seq++);
+        byte[] nonce = Arrays.clone(baseNonce);
+        Bytes.xorTo(8, seq_bytes, 0, nonce, nonce.length - 8);
+        return nonce;
+    }
 
+    private byte[] process(boolean forEncryption, byte[] aad, byte[] buf, int off, int len)
+        throws InvalidCipherTextException
+    {
         CipherParameters params;
         switch (aeadId)
         {
         case HPKE.aead_AES_GCM128:
         case HPKE.aead_AES_GCM256:
         case HPKE.aead_CHACHA20_POLY1305:
-            params = new ParametersWithIV(new KeyParameter(key), ComputeNonce());
+            params = new ParametersWithIV(new KeyParameter(key), computeNonce());
             break;
         case HPKE.aead_EXPORT_ONLY:
         default:
             throw new IllegalStateException("Export only mode, cannot be used to seal/open");
         }
 
-        cipher.init(false, params);
+        cipher.init(forEncryption, params);
         cipher.processAADBytes(aad, 0, aad.length);
 
-        byte[] pt = new byte[cipher.getOutputSize(ctLength)];
-        int len = cipher.processBytes(ct, ctOffset, ctLength, pt, 0);
-        len += cipher.doFinal(pt, len);
-
-        seq++;
-        return pt;
-    }
-
-    // used by Receiver
-    public byte[] open(byte[] aad, byte[] ct)
-        throws InvalidCipherTextException
-    {
-        return this.open(aad, ct, 0, ct.length);
-    }
-
-    private byte[] ComputeNonce()
-    {
-        byte[] seq_bytes = Pack.longToBigEndian(seq);
-        int Nn = baseNonce.length;
-        byte[] nonce = Arrays.clone(baseNonce);
-        //xor
-        for (int i = 0; i < 8; i++)
+        byte[] output = new byte[cipher.getOutputSize(len)];
+        int pos = cipher.processBytes(buf, off, len, output, 0);
+        pos += cipher.doFinal(output, pos);
+        if (pos != output.length)
         {
-            nonce[Nn - 8 + i] ^= seq_bytes[i];
+            // Existing AEAD modes should return exact value for getOutputSize.
+            throw new IllegalStateException();
         }
-        return nonce;
+        return output;
     }
-
-
 }
-