Updated jdk1.4 TLS

jpstotz · Sep 7, 2018 · 85993c9 · 85993c9
1 parent b69302c
commit 85993c9
Show file tree

Hide file tree

Showing 20 changed files with 374 additions and 29 deletions.
diff --git a/ant/jdk14.xml b/ant/jdk14.xml
@@ -106,6 +106,39 @@
                 <exclude name="**/jcajce/provider/test/*.java"/>
                 <exclude name="**/jce/provider/test/JceTestUtil.java"/>
             </fileset>
+
+            <fileset dir="tls/src/main/java" includes="**/*.java">
+                <exclude name="**/jsse/**"/>
+                <exclude name="**/JceTlsECDomain.java"/>
+                <exclude name="**/JceX25519Domain.java"/>
+                <exclude name="**/JceX448Domain.java"/>
+                <exclude name="**/JceTlsECDH.java"/>
+                <exclude name="**/JceDefaultTlsCredentialedAgreement.java"/>
+                <exclude name="**/JceAEADCipherImpl.java"/>
+                <exclude name="**/JceBlockCipherWithCBCImplicitIVImpl.java"/>
+                <exclude name="**/JceBlockCipherImpl.java"/>
+                <exclude name="**/JcaTlsRSAVerifier.java"/>
+                <exclude name="**/JcaTlsDSSVerifier.java"/>
+                <exclude name="**/JcaTlsCryptoProvider.java"/>
+                <exclude name="**/JcaTlsCertificate.java"/>
+                <exclude name="**/JcaTlsCrypto.java"/>
+                <exclude name="**/JceTlsSecret.java"/>
+                <exclude name="**/JcaDefaultTlsCredentialedSigner.java"/>
+                <exclude name="**/bc/BcDefaultTlsCredentialedSigner.java"/>
+
+            </fileset>
+            <fileset dir="tls/src/main/jdk1.4" includes="**/*.java"/>
+            <fileset dir="tls/src/main/javadoc" includes="**/*.html"/>
+            <fileset dir="tls/src/test/java" includes="**/*.java">
+                <exclude name="**/jsse/**"/>
+                <exclude name="**/CertChainUtil.java"/>
+                <exclude name="**/TlsTestUtils.java"/>
+            </fileset>
+            <fileset dir="tls/src/test/jdk1.4" includes="**/*.java">
+            </fileset>
+
+            <fileset dir="tls/src/test/resources" includes="**/*.*"/>
+
             <fileset dir="core/src/test/" includes="**/*.properties"/>
             <fileset dir="prov/src/main/resources" includes="**/*.properties"/>
             <fileset dir="pkix/src/test/resources" includes="**/*.*"/>
@@ -144,6 +177,7 @@
             <fileset dir="pg/src/test/jdk1.4" includes="**/*.java"/>
             <fileset dir="pkix/src/test/jdk1.4" includes="**/*.java"/>
         </copy>
+
         <replaceregexp match="${regexp}" replace=" " flags="g" byline="true">
             <fileset dir="${src.dir}">
                 <include name="**/*.java"/>

diff --git a/core/src/main/jdk1.4/org/bouncycastle/util/Arrays.java b/core/src/main/jdk1.4/org/bouncycastle/util/Arrays.java
@@ -918,6 +918,44 @@ public static int[] append(int[] a, int b)
         return result;
     }
 
+    public static int compareUnsigned(byte[] a, byte[] b)
+    {
+        if (a == b)
+        {
+            return 0;
+        }
+        if (a == null)
+        {
+            return -1;
+        }
+        if (b == null)
+        {
+            return 1;
+        }
+        int minLen = Math.min(a.length, b.length);
+        for (int i = 0; i < minLen; ++i)
+        {
+            int aVal = a[i] & 0xFF, bVal = b[i] & 0xFF;
+            if (aVal < bVal)
+            {
+                return -1;
+            }
+            if (aVal > bVal)
+            {
+                return 1;
+            }
+        }
+        if (a.length < b.length)
+        {
+            return -1;
+        }
+        if (a.length > b.length)
+        {
+            return 1;
+        }
+        return 0;
+    }
+
     public static byte[] concatenate(byte[] a, byte[] b)
     {
         if (a != null && b != null)

diff --git a/tls/src/main/jdk1.4/.DS_Store b/tls/src/main/jdk1.4/.DS_Store
diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/bc/BcDefaultTlsCredentialedSigner.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/bc/BcDefaultTlsCredentialedSigner.java
@@ -44,7 +44,7 @@ else if (privateKey instanceof Ed25519PrivateKeyParameters)
             }
             catch (IOException e)
             {
-                throw new org.bouncycastle.exceptions.IllegalArgumentException(e);
+                throw new org.bouncycastle.tls.exceptions.IllegalArgumentException(e);
             }
         }
         else if (privateKey instanceof Ed448PrivateKeyParameters)
@@ -56,7 +56,7 @@ else if (privateKey instanceof Ed448PrivateKeyParameters)
             }
             catch (IOException e)
             {
-                throw new org.bouncycastle.exceptions.IllegalArgumentException(e);
+                throw new org.bouncycastle.tls.exceptions.IllegalArgumentException(e);
             }
         }
         else

diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java
@@ -531,7 +531,7 @@ public TlsHash createHash(short algorithm)
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalArgumentException("unable to create message digest:" + e.getMessage(), e);
+            throw new org.bouncycastle.tls.exceptions.IllegalArgumentException("unable to create message digest:" + e.getMessage(), e);
         }
     }
 

diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCryptoProvider.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCryptoProvider.java
@@ -79,7 +79,7 @@ public TlsCrypto create(SecureRandom random)
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException("unable to create TlsCrypto: " + e.getMessage(), e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException("unable to create TlsCrypto: " + e.getMessage(), e);
         }
     }
 
@@ -107,7 +107,7 @@ public Provider getPkixProvider()
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException("unable to find CertificateFactory");
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException("unable to find CertificateFactory");
         }
     }
 
@@ -181,7 +181,7 @@ private void runDigest(byte[] x, byte[] y, byte[] z)
                 }
                 catch (DigestException e)
                 {
-                    throw new org.bouncycastle.exceptions.IllegalStateException("unable to generate nonce data: " + e.getMessage(), e);
+                    throw new org.bouncycastle.tls.exceptions.IllegalStateException("unable to generate nonce data: " + e.getMessage(), e);
                 }
             }
         }

diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsDSSVerifier.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsDSSVerifier.java
@@ -68,7 +68,7 @@ public boolean verifyRawSignature(DigitallySigned signedParams, byte[] hash)
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException("unable to process signature: " + e.getMessage(), e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException("unable to process signature: " + e.getMessage(), e);
         }
     }
 }
diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsRSAVerifier.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsRSAVerifier.java
@@ -132,7 +132,7 @@ public boolean verifyRawSignature(DigitallySigned signedParams, byte[] hash) thr
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException("unable to process signature: " + e.getMessage(), e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException("unable to process signature: " + e.getMessage(), e);
         }
     }
 

diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceAEADCipherImpl.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceAEADCipherImpl.java
@@ -100,7 +100,7 @@ public void init(byte[] nonce, int macSize, byte[] additionalData)
         }
         catch (Exception e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException(e.getMessage(), e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException(e.getMessage(), e);
         }
     }
 
@@ -117,7 +117,7 @@ public int doFinal(byte[] input, int inputOffset, int inputLength, byte[] output
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException(e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException(e);
         }
     }
 }
diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceBlockCipherImpl.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceBlockCipherImpl.java
@@ -42,7 +42,7 @@ public void init(byte[] iv, int ivOff, int ivLen)
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException(e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException(e);
         }
     }
 
@@ -54,7 +54,7 @@ public int doFinal(byte[] input, int inputOffset, int inputLength, byte[] output
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException(e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException(e);
         }
     }
 

diff --git a/...n/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceBlockCipherWithCBCImplicitIVImpl.java b/...n/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceBlockCipherWithCBCImplicitIVImpl.java
@@ -71,7 +71,7 @@ public int doFinal(byte[] input, int inputOffset, int inputLength, byte[] output
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException(e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException(e);
         }
     }
 

diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsECDomain.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsECDomain.java
@@ -126,7 +126,7 @@ public KeyPair generateKeyPair()
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException("unable to create key pair: " + e.getMessage(), e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException("unable to create key pair: " + e.getMessage(), e);
         }
     }
 
@@ -180,7 +180,7 @@ private void init(int namedGroup)
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException("unable to create key pair: " + e.getMessage(), e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException("unable to create key pair: " + e.getMessage(), e);
         }
     }
 

diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceX25519Domain.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceX25519Domain.java
@@ -107,7 +107,7 @@ public KeyPair generateKeyPair()
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException("unable to create key pair: " + e.getMessage(), e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException("unable to create key pair: " + e.getMessage(), e);
         }
     }
 }
diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceX448Domain.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JceX448Domain.java
@@ -107,7 +107,7 @@ public KeyPair generateKeyPair()
         }
         catch (GeneralSecurityException e)
         {
-            throw new org.bouncycastle.exceptions.IllegalStateException("unable to create key pair: " + e.getMessage(), e);
+            throw new org.bouncycastle.tls.exceptions.IllegalStateException("unable to create key pair: " + e.getMessage(), e);
         }
     }
 }
diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/exceptions/IllegalArgumentException.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/exceptions/IllegalArgumentException.java
@@ -0,0 +1,30 @@
+package org.bouncycastle.tls.exceptions;
+
+public class IllegalArgumentException
+    extends java.lang.IllegalArgumentException
+{
+    final Throwable cause;
+
+    public IllegalArgumentException(Throwable cause)
+    {
+        this.cause = cause;
+    }
+
+    public IllegalArgumentException(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+
+    public IllegalArgumentException(String s)
+    {
+        super(s);
+        this.cause = null;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}
diff --git a/tls/src/main/jdk1.4/org/bouncycastle/tls/exceptions/IllegalStateException.java b/tls/src/main/jdk1.4/org/bouncycastle/tls/exceptions/IllegalStateException.java
@@ -0,0 +1,30 @@
+package org.bouncycastle.tls.exceptions;
+
+public class IllegalStateException
+    extends java.lang.IllegalArgumentException
+{
+    final Throwable cause;
+
+    public IllegalStateException(Throwable cause)
+    {
+        this.cause = cause;
+    }
+
+    public IllegalStateException(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+
+    public IllegalStateException(String s)
+    {
+        super(s);
+        this.cause = null;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}
diff --git a/tls/src/test/java/org/bouncycastle/jsse/provider/test/CipherSuitesTestSuite.java b/tls/src/test/java/org/bouncycastle/jsse/provider/test/CipherSuitesTestSuite.java
@@ -18,16 +18,17 @@
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.jsse.provider.BouncyCastleJsseProvider;
 
-public class CipherSuitesTestSuite extends TestSuite
+public class CipherSuitesTestSuite
+    extends TestSuite
 {
     static final boolean hasSslParameters;
 
     static
     {
-        Class<?> clazz = null;
+        Class clazz = null;
         try
         {
-            clazz = loadClass(CipherSuitesTestSuite.class,"javax.net.ssl.SSLParameters");
+            clazz = loadClass(CipherSuitesTestSuite.class, "javax.net.ssl.SSLParameters");
         }
         catch (Exception e)
         {
@@ -79,7 +80,8 @@ public CipherSuitesTestSuite()
         super("CipherSuites");
     }
 
-    public static Test suite() throws Exception
+    public static Test suite()
+        throws Exception
     {
         String javaVersion = System.getProperty("java.version");
         boolean oldJDK = javaVersion.startsWith("1.5") || javaVersion.startsWith("1.6");
@@ -93,7 +95,7 @@ public static Test suite() throws Exception
         Security.removeProvider(BouncyCastleJsseProvider.PROVIDER_NAME);
         Security.insertProviderAt(bcjsse, 2);
 
-        
+
         CipherSuitesTestSuite testSuite = new CipherSuitesTestSuite();
 
         char[] serverPassword = "serverPassword".toCharArray();
@@ -108,9 +110,9 @@ public static Test suite() throws Exception
 
         KeyStore ks = KeyStore.getInstance("JKS");
         ks.load(null, null);
-        ks.setKeyEntry("serverDSA", caKeyPairDSA.getPrivate(), serverPassword, new X509Certificate[]{ caCertDSA });
-        ks.setKeyEntry("serverEC", caKeyPairEC.getPrivate(), serverPassword, new X509Certificate[]{ caCertEC });
-        ks.setKeyEntry("serverRSA", caKeyPairRSA.getPrivate(), serverPassword, new X509Certificate[]{ caCertRSA });
+        ks.setKeyEntry("serverDSA", caKeyPairDSA.getPrivate(), serverPassword, new X509Certificate[]{caCertDSA});
+        ks.setKeyEntry("serverEC", caKeyPairEC.getPrivate(), serverPassword, new X509Certificate[]{caCertEC});
+        ks.setKeyEntry("serverRSA", caKeyPairRSA.getPrivate(), serverPassword, new X509Certificate[]{caCertRSA});
 
         KeyStore ts = KeyStore.getInstance("JKS");
         ts.load(null, null);
@@ -127,19 +129,22 @@ public static Test suite() throws Exception
         else
         {
             TrustManagerFactory trustMgrFact = TrustManagerFactory.getInstance("PKIX",
-                      BouncyCastleJsseProvider.PROVIDER_NAME);
+                BouncyCastleJsseProvider.PROVIDER_NAME);
 
             trustMgrFact.init(ts);
 
             sslContext.init(null, trustMgrFact.getTrustManagers(),
-                 SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME));
+                SecureRandom.getInstance("DEFAULT", BouncyCastleProvider.PROVIDER_NAME));
             cipherSuites = sslContext.getSocketFactory().getSupportedCipherSuites();
         }
 
         Arrays.sort(cipherSuites);
 
-        for (String cipherSuite : cipherSuites)
+
+        for (int t = 0; t < cipherSuites.length; t++)
         {
+            String cipherSuite = cipherSuites[t];
+
             /*
              * TODO[jsse] Note that there may be failures for cipher suites that are listed as supported
              * even though the TlsCrypto instance doesn't implement them (JcaTlsCrypto is dependent on the
-Original file line number
+Diff line change
@@ Expand Up / @@ -531,7 +531,7 @@ public TlsHash createHash(short algorithm) @@
             }
             catch (GeneralSecurityException e)
             {
-                throw new org.bouncycastle.exceptions.IllegalArgumentException("unable to create message digest:" + e.getMessage(), e);
+                throw new org.bouncycastle.tls.exceptions.IllegalArgumentException("unable to create message digest:" + e.getMessage(), e);
             }
         }
@@ Expand Down @@