Fix non-BC EC private key usage
This is a port of the previous patch to BC 1.47
Change-Id: I67d95635e05379fdbd09560c5be622de08f6018f
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java
index 80ff2af..2c44d2a 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtil.java
@@ -154,6 +154,16 @@
k.getD(),
new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed()));
}
+// BEGIN android-added
+ else if (key instanceof java.security.interfaces.ECPrivateKey)
+ {
+ java.security.interfaces.ECPrivateKey privKey = (java.security.interfaces.ECPrivateKey)key;
+ ECParameterSpec s = EC5Util.convertSpec(privKey.getParams(), false);
+ return new ECPrivateKeyParameters(
+ privKey.getS(),
+ new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed()));
+ }
+// END android-added
throw new InvalidKeyException("can't identify EC private key.");
}
diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
index a92b7da..f5fbc3b 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
@@ -5,6 +5,9 @@
import java.security.InvalidKeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
+// BEGIN android-added
+import java.security.interfaces.ECPrivateKey;
+// END android-added
import java.security.interfaces.ECPublicKey;
import org.bouncycastle.asn1.ASN1EncodableVector;
@@ -95,7 +98,25 @@
}
else
{
+// BEGIN android-added
+ try
+ {
+ if (privateKey instanceof ECPrivateKey)
+ {
+ param = ECUtil.generatePrivateKeyParameter(privateKey);
+ }
+ else
+ {
+ throw new InvalidKeyException("can't recognise key type in ECDSA based signer");
+ }
+ }
+ catch (Exception e)
+ {
+// END android-added
throw new InvalidKeyException("can't recognise key type in ECDSA based signer");
+// BEGIN android-added
+ }
+// END android-added
}
digest.reset();
diff --git a/patches/bcprov.patch b/patches/bcprov.patch
index 5feae73..7f45753 100644
--- a/patches/bcprov.patch
+++ b/patches/bcprov.patch
@@ -2043,7 +2043,24 @@
import org.bouncycastle.asn1.x9.X962NamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-@@ -166,14 +170,16 @@
+@@ -150,6 +154,16 @@
+ k.getD(),
+ new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed()));
+ }
++// BEGIN android-added
++ else if (key instanceof java.security.interfaces.ECPrivateKey)
++ {
++ java.security.interfaces.ECPrivateKey privKey = (java.security.interfaces.ECPrivateKey)key;
++ ECParameterSpec s = EC5Util.convertSpec(privKey.getParams(), false);
++ return new ECPrivateKeyParameters(
++ privKey.getS(),
++ new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed()));
++ }
++// END android-added
+
+ throw new InvalidKeyException("can't identify EC private key.");
+ }
+@@ -166,14 +180,16 @@
{
oid = NISTNamedCurves.getOID(name);
}
@@ -2587,7 +2604,17 @@
diff -Naur bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
--- bcprov-jdk15on-147.orig/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2012-03-22 15:11:48.000000000 +0000
+++ bcprov-jdk15on-147/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java 2012-09-19 21:17:12.000000000 +0000
-@@ -18,15 +18,22 @@
+@@ -5,6 +5,9 @@
+ import java.security.InvalidKeyException;
+ import java.security.PrivateKey;
+ import java.security.PublicKey;
++// BEGIN android-added
++import java.security.interfaces.ECPrivateKey;
++// END android-added
+ import java.security.interfaces.ECPublicKey;
+
+ import org.bouncycastle.asn1.ASN1EncodableVector;
+@@ -18,15 +21,22 @@
import org.bouncycastle.crypto.DSA;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.NullDigest;
@@ -2617,7 +2644,33 @@
import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase;
import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder;
import org.bouncycastle.jce.interfaces.ECKey;
-@@ -108,7 +115,9 @@
+@@ -88,7 +98,25 @@
+ }
+ else
+ {
++// BEGIN android-added
++ try
++ {
++ if (privateKey instanceof ECPrivateKey)
++ {
++ param = ECUtil.generatePrivateKeyParameter(privateKey);
++ }
++ else
++ {
++ throw new InvalidKeyException("can't recognise key type in ECDSA based signer");
++ }
++ }
++ catch (Exception e)
++ {
++// END android-added
+ throw new InvalidKeyException("can't recognise key type in ECDSA based signer");
++// BEGIN android-added
++ }
++// END android-added
+ }
+
+ digest.reset();
+@@ -108,7 +136,9 @@
{
public ecDSA()
{
@@ -2628,7 +2681,7 @@
}
}
-@@ -121,21 +130,25 @@
+@@ -121,21 +151,25 @@
}
}
@@ -2663,7 +2716,7 @@
}
}
-@@ -144,7 +157,9 @@
+@@ -144,7 +178,9 @@
{
public ecDSA384()
{
@@ -2674,7 +2727,7 @@
}
}
-@@ -153,90 +168,94 @@
+@@ -153,90 +189,94 @@
{
public ecDSA512()
{
@@ -2853,7 +2906,7 @@
private static class StdDSAEncoder
implements DSAEncoder
-@@ -330,4 +349,4 @@
+@@ -330,4 +370,4 @@
return sig;
}
}
