Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/sun/security/util/ECUtil.java
38830 views
/*1* Copyright (c) 2006, 2020, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package sun.security.util;2627import java.io.IOException;2829import java.math.BigInteger;3031import java.security.*;3233import java.security.interfaces.*;3435import java.security.spec.*;3637import java.util.Arrays;3839import sun.security.x509.X509Key;4041public final class ECUtil {4243// Used by SunPKCS11 and SunJSSE.44public static ECPoint decodePoint(byte[] data, EllipticCurve curve)45throws IOException {46if ((data.length == 0) || (data[0] != 4)) {47throw new IOException("Only uncompressed point format supported");48}49// Per ANSI X9.62, an encoded point is a 1 byte type followed by50// ceiling(log base 2 field-size / 8) bytes of x and the same of y.51int n = (data.length - 1) / 2;52if (n != ((curve.getField().getFieldSize() + 7 ) >> 3)) {53throw new IOException("Point does not match field size");54}5556byte[] xb = Arrays.copyOfRange(data, 1, 1 + n);57byte[] yb = Arrays.copyOfRange(data, n + 1, n + 1 + n);5859return new ECPoint(new BigInteger(1, xb), new BigInteger(1, yb));60}6162// Used by SunPKCS11 and SunJSSE.63public static byte[] encodePoint(ECPoint point, EllipticCurve curve) {64// get field size in bytes (rounding up)65int n = (curve.getField().getFieldSize() + 7) >> 3;66byte[] xb = trimZeroes(point.getAffineX().toByteArray());67byte[] yb = trimZeroes(point.getAffineY().toByteArray());68if ((xb.length > n) || (yb.length > n)) {69throw new RuntimeException70("Point coordinates do not match field size");71}72byte[] b = new byte[1 + (n << 1)];73b[0] = 4; // uncompressed74System.arraycopy(xb, 0, b, n - xb.length + 1, xb.length);75System.arraycopy(yb, 0, b, b.length - yb.length, yb.length);76return b;77}7879public static byte[] trimZeroes(byte[] b) {80int i = 0;81while ((i < b.length - 1) && (b[i] == 0)) {82i++;83}84if (i == 0) {85return b;86}8788return Arrays.copyOfRange(b, i, b.length);89}9091public static AlgorithmParameters getECParameters(Provider p) {92try {93if (p != null) {94return AlgorithmParameters.getInstance("EC", p);95}9697return AlgorithmParameters.getInstance("EC");98} catch (NoSuchAlgorithmException nsae) {99throw new RuntimeException(nsae);100}101}102103public static byte[] encodeECParameterSpec(Provider p,104ECParameterSpec spec) {105AlgorithmParameters parameters = getECParameters(p);106107try {108parameters.init(spec);109} catch (InvalidParameterSpecException ipse) {110throw new RuntimeException("Not a known named curve: " + spec);111}112113try {114return parameters.getEncoded();115} catch (IOException ioe) {116// it is a bug if this should happen117throw new RuntimeException(ioe);118}119}120121public static ECParameterSpec getECParameterSpec(Provider p,122ECParameterSpec spec) {123AlgorithmParameters parameters = getECParameters(p);124125try {126parameters.init(spec);127return parameters.getParameterSpec(ECParameterSpec.class);128} catch (InvalidParameterSpecException ipse) {129return null;130}131}132133public static ECParameterSpec getECParameterSpec(Provider p,134byte[] params)135throws IOException {136AlgorithmParameters parameters = getECParameters(p);137138parameters.init(params);139140try {141return parameters.getParameterSpec(ECParameterSpec.class);142} catch (InvalidParameterSpecException ipse) {143return null;144}145}146147public static ECParameterSpec getECParameterSpec(Provider p, String name) {148AlgorithmParameters parameters = getECParameters(p);149150try {151parameters.init(new ECGenParameterSpec(name));152return parameters.getParameterSpec(ECParameterSpec.class);153} catch (InvalidParameterSpecException ipse) {154return null;155}156}157158public static ECParameterSpec getECParameterSpec(Provider p, int keySize) {159AlgorithmParameters parameters = getECParameters(p);160161try {162parameters.init(new ECKeySizeParameterSpec(keySize));163return parameters.getParameterSpec(ECParameterSpec.class);164} catch (InvalidParameterSpecException ipse) {165return null;166}167168}169170public static String getCurveName(Provider p, ECParameterSpec spec) {171ECGenParameterSpec nameSpec;172AlgorithmParameters parameters = getECParameters(p);173174try {175parameters.init(spec);176nameSpec = parameters.getParameterSpec(ECGenParameterSpec.class);177} catch (InvalidParameterSpecException ipse) {178return null;179}180181if (nameSpec == null) {182return null;183}184185return nameSpec.getName();186}187188public static boolean equals(ECParameterSpec spec1, ECParameterSpec spec2) {189if (spec1 == spec2) {190return true;191}192193if (spec1 == null || spec2 == null) {194return false;195}196return (spec1.getCofactor() == spec2.getCofactor() &&197spec1.getOrder().equals(spec2.getOrder()) &&198spec1.getCurve().equals(spec2.getCurve()) &&199spec1.getGenerator().equals(spec2.getGenerator()));200}201202// Convert the concatenation R and S in into their DER encoding203public static byte[] encodeSignature(byte[] signature) throws SignatureException {204205try {206207int n = signature.length >> 1;208byte[] bytes = new byte[n];209System.arraycopy(signature, 0, bytes, 0, n);210BigInteger r = new BigInteger(1, bytes);211System.arraycopy(signature, n, bytes, 0, n);212BigInteger s = new BigInteger(1, bytes);213214DerOutputStream out = new DerOutputStream(signature.length + 10);215out.putInteger(r);216out.putInteger(s);217DerValue result =218new DerValue(DerValue.tag_Sequence, out.toByteArray());219220return result.toByteArray();221222} catch (Exception e) {223throw new SignatureException("Could not encode signature", e);224}225}226227// Convert the DER encoding of R and S into a concatenation of R and S228public static byte[] decodeSignature(byte[] sig) throws SignatureException {229230try {231// Enforce strict DER checking for signatures232DerInputStream in = new DerInputStream(sig, 0, sig.length, false);233DerValue[] values = in.getSequence(2);234235// check number of components in the read sequence236// and trailing data237if ((values.length != 2) || (in.available() != 0)) {238throw new IOException("Invalid encoding for signature");239}240241BigInteger r = values[0].getPositiveBigInteger();242BigInteger s = values[1].getPositiveBigInteger();243244// trim leading zeroes245byte[] rBytes = trimZeroes(r.toByteArray());246byte[] sBytes = trimZeroes(s.toByteArray());247int k = Math.max(rBytes.length, sBytes.length);248// r and s each occupy half the array249byte[] result = new byte[k << 1];250System.arraycopy(rBytes, 0, result, k - rBytes.length,251rBytes.length);252System.arraycopy(sBytes, 0, result, result.length - sBytes.length,253sBytes.length);254return result;255256} catch (Exception e) {257throw new SignatureException("Invalid encoding for signature", e);258}259}260261private ECUtil() {}262}263264265