Skip to content

Commit 4020682

Browse files
author
Valerie Peng
committed
8172366: Support SHA-3 based signatures
Enhance default JDK providers including SUN, SunRsaSign, and SunEC, with signatures using SHA-3 family of digests. Reviewed-by: xuelei
1 parent 46598c8 commit 4020682

File tree

20 files changed

+671
-93
lines changed

20 files changed

+671
-93
lines changed

src/java.base/share/classes/java/security/spec/MGF1ParameterSpec.java

Lines changed: 29 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/*
2-
* Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
2+
* Copyright (c) 2003, 2020, Oracle and/or its affiliates. All rights reserved.
33
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
44
*
55
* This code is free software; you can redistribute it and/or modify it
@@ -108,6 +108,34 @@ public class MGF1ParameterSpec implements AlgorithmParameterSpec {
108108
public static final MGF1ParameterSpec SHA512_256 =
109109
new MGF1ParameterSpec("SHA-512/256");
110110

111+
/**
112+
* The MGF1ParameterSpec which uses SHA3-224 message digest
113+
* @since 16
114+
*/
115+
public static final MGF1ParameterSpec SHA3_224 =
116+
new MGF1ParameterSpec("SHA3-224");
117+
118+
/**
119+
* The MGF1ParameterSpec which uses SHA3-256 message digest
120+
* @since 16
121+
*/
122+
public static final MGF1ParameterSpec SHA3_256 =
123+
new MGF1ParameterSpec("SHA3-256");
124+
125+
/**
126+
* The MGF1ParameterSpec which uses SHA3-384 message digest
127+
* @since 16
128+
*/
129+
public static final MGF1ParameterSpec SHA3_384 =
130+
new MGF1ParameterSpec("SHA3-384");
131+
132+
/**
133+
* The MGF1ParameterSpec which uses SHA3-512 message digest
134+
* @since 16
135+
*/
136+
public static final MGF1ParameterSpec SHA3_512 =
137+
new MGF1ParameterSpec("SHA3-512");
138+
111139
private String mdName;
112140

113141
/**

src/java.base/share/classes/sun/security/provider/DSA.java

Lines changed: 119 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/*
2-
* Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
2+
* Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
33
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
44
*
55
* This code is free software; you can redistribute it and/or modify it
@@ -47,11 +47,16 @@
4747
* Standards and Technology (NIST), using SHA digest algorithms
4848
* from FIPS180-3.
4949
*
50-
* This file contains both the signature implementation for the
51-
* commonly used SHA1withDSA (DSS), SHA224withDSA, SHA256withDSA,
52-
* as well as RawDSA, used by TLS among others. RawDSA expects
53-
* the 20 byte SHA-1 digest as input via update rather than the
54-
* original data like other signature implementations.
50+
* This file contains the signature implementation for the
51+
* SHA1withDSA (DSS), SHA224withDSA, SHA256withDSA, SHA384withDSA,
52+
* SHA512withDSA, SHA3-224withDSA, SHA3-256withDSA, SHA3-384withDSA,
53+
* SHA3-512withDSA, as well as RawDSA, used by TLS among others.
54+
* RawDSA expects the 20 byte SHA-1 digest as input via update rather
55+
* than the original data like other signature implementations.
56+
*
57+
* In addition, IEEE P1363 signature format is supported. The
58+
* corresponding implementation is registered under <sig>inP1363Format,
59+
* e.g. SHA256withDSAinP1363Format.
5560
*
5661
* @author Benjamin Renaud
5762
*
@@ -504,6 +509,78 @@ public String toString() {
504509
return printable;
505510
}
506511

512+
/**
513+
* SHA3-224withDSA implementation.
514+
*/
515+
public static final class SHA3_224withDSA extends DSA {
516+
public SHA3_224withDSA() throws NoSuchAlgorithmException {
517+
super(MessageDigest.getInstance("SHA3-224"));
518+
}
519+
}
520+
521+
/**
522+
* SHA3-224withDSA implementation that uses the IEEE P1363 format.
523+
*/
524+
public static final class SHA3_224withDSAinP1363Format extends DSA {
525+
public SHA3_224withDSAinP1363Format() throws NoSuchAlgorithmException {
526+
super(MessageDigest.getInstance("SHA3-224"), true);
527+
}
528+
}
529+
530+
/**
531+
* Standard SHA3-256withDSA implementation.
532+
*/
533+
public static final class SHA3_256withDSA extends DSA {
534+
public SHA3_256withDSA() throws NoSuchAlgorithmException {
535+
super(MessageDigest.getInstance("SHA3-256"));
536+
}
537+
}
538+
539+
/**
540+
* Standard SHA3-256withDSA implementation that uses the IEEE P1363 format.
541+
*/
542+
public static final class SHA3_256withDSAinP1363Format extends DSA {
543+
public SHA3_256withDSAinP1363Format() throws NoSuchAlgorithmException {
544+
super(MessageDigest.getInstance("SHA3-256"), true);
545+
}
546+
}
547+
548+
/**
549+
* Standard SHA3-384withDSA implementation.
550+
*/
551+
public static final class SHA3_384withDSA extends DSA {
552+
public SHA3_384withDSA() throws NoSuchAlgorithmException {
553+
super(MessageDigest.getInstance("SHA3-384"));
554+
}
555+
}
556+
557+
/**
558+
* Standard SHA3-384withDSA implementation that uses the IEEE P1363 format.
559+
*/
560+
public static final class SHA3_384withDSAinP1363Format extends DSA {
561+
public SHA3_384withDSAinP1363Format() throws NoSuchAlgorithmException {
562+
super(MessageDigest.getInstance("SHA3-384"), true);
563+
}
564+
}
565+
566+
/**
567+
* Standard SHA3-512withDSA implementation.
568+
*/
569+
public static final class SHA3_512withDSA extends DSA {
570+
public SHA3_512withDSA() throws NoSuchAlgorithmException {
571+
super(MessageDigest.getInstance("SHA3-512"));
572+
}
573+
}
574+
575+
/**
576+
* Standard SHA3-512withDSA implementation that uses the IEEE P1363 format.
577+
*/
578+
public static final class SHA3_512withDSAinP1363Format extends DSA {
579+
public SHA3_512withDSAinP1363Format() throws NoSuchAlgorithmException {
580+
super(MessageDigest.getInstance("SHA3-512"), true);
581+
}
582+
}
583+
507584
/**
508585
* Standard SHA224withDSA implementation as defined in FIPS186-3.
509586
*/
@@ -540,6 +617,42 @@ public SHA256withDSAinP1363Format() throws NoSuchAlgorithmException {
540617
}
541618
}
542619

620+
/**
621+
* Standard SHA384withDSA implementation as defined in FIPS186-3.
622+
*/
623+
public static final class SHA384withDSA extends DSA {
624+
public SHA384withDSA() throws NoSuchAlgorithmException {
625+
super(MessageDigest.getInstance("SHA-384"));
626+
}
627+
}
628+
629+
/**
630+
* SHA384withDSA implementation that uses the IEEE P1363 format.
631+
*/
632+
public static final class SHA384withDSAinP1363Format extends DSA {
633+
public SHA384withDSAinP1363Format() throws NoSuchAlgorithmException {
634+
super(MessageDigest.getInstance("SHA-384"), true);
635+
}
636+
}
637+
638+
/**
639+
* Standard SHA512withDSA implementation as defined in FIPS186-3.
640+
*/
641+
public static final class SHA512withDSA extends DSA {
642+
public SHA512withDSA() throws NoSuchAlgorithmException {
643+
super(MessageDigest.getInstance("SHA-512"));
644+
}
645+
}
646+
647+
/**
648+
* SHA512withDSA implementation that uses the IEEE P1363 format.
649+
*/
650+
public static final class SHA512withDSAinP1363Format extends DSA {
651+
public SHA512withDSAinP1363Format() throws NoSuchAlgorithmException {
652+
super(MessageDigest.getInstance("SHA-512"), true);
653+
}
654+
}
655+
543656
/**
544657
* Standard SHA1withDSA implementation.
545658
*/

src/java.base/share/classes/sun/security/provider/SunEntries.java

Lines changed: 36 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -54,9 +54,13 @@
5454
* SHA-2 family of hash functions includes SHA-224, SHA-256, SHA-384,
5555
* and SHA-512.
5656
*
57-
* - SHA-224withDSA/SHA-256withDSA are the signature schemes
57+
* - [SHA-224|SHA-256|SHA-384|SHA-512]withDSA are the signature schemes
5858
* described in FIPS 186-3. The associated object identifiers are
59-
* "OID.2.16.840.1.101.3.4.3.1", and "OID.2.16.840.1.101.3.4.3.2".
59+
* "OID.2.16.840.1.101.3.4.3.[1|2|3|4]" respectively.
60+
*
61+
* - [SHA3-224|SHA3-256|SHA3-384|SHA3-512]withDSA are the signature schemes
62+
* using SHA-3 family of digests with DSA. The associated object identifiers
63+
* are "OID.2.16.840.1.101.3.4.3.[5|6|7|8]" respectively.
6064
*
6165
* - DSA is the key generation scheme as described in FIPS 186.
6266
* Aliases for DSA include the OID strings "OID.1.3.14.3.2.12"
@@ -127,13 +131,30 @@ public final class SunEntries {
127131
addWithAlias(p, "Signature", "NONEwithDSA",
128132
"sun.security.provider.DSA$RawDSA", attrs);
129133

130-
attrs.put("KeySize", "2048"); // for SHA224 and SHA256 DSA signatures
134+
// for DSA signatures with 224/256-bit digests
135+
attrs.put("KeySize", "2048");
131136

132137
addWithAlias(p, "Signature", "SHA224withDSA",
133138
"sun.security.provider.DSA$SHA224withDSA", attrs);
134139
addWithAlias(p, "Signature", "SHA256withDSA",
135140
"sun.security.provider.DSA$SHA256withDSA", attrs);
136141

142+
addWithAlias(p, "Signature", "SHA3-224withDSA",
143+
"sun.security.provider.DSA$SHA3_224withDSA", attrs);
144+
addWithAlias(p, "Signature", "SHA3-256withDSA",
145+
"sun.security.provider.DSA$SHA3_256withDSA", attrs);
146+
147+
attrs.put("KeySize", "3072"); // for DSA sig using 384/512-bit digests
148+
149+
addWithAlias(p, "Signature", "SHA384withDSA",
150+
"sun.security.provider.DSA$SHA384withDSA", attrs);
151+
addWithAlias(p, "Signature", "SHA512withDSA",
152+
"sun.security.provider.DSA$SHA512withDSA", attrs);
153+
addWithAlias(p, "Signature", "SHA3-384withDSA",
154+
"sun.security.provider.DSA$SHA3_384withDSA", attrs);
155+
addWithAlias(p, "Signature", "SHA3-512withDSA",
156+
"sun.security.provider.DSA$SHA3_512withDSA", attrs);
157+
137158
attrs.remove("KeySize");
138159

139160
add(p, "Signature", "SHA1withDSAinP1363Format",
@@ -144,7 +165,18 @@ public final class SunEntries {
144165
"sun.security.provider.DSA$SHA224withDSAinP1363Format");
145166
add(p, "Signature", "SHA256withDSAinP1363Format",
146167
"sun.security.provider.DSA$SHA256withDSAinP1363Format");
147-
168+
add(p, "Signature", "SHA384withDSAinP1363Format",
169+
"sun.security.provider.DSA$SHA384withDSAinP1363Format");
170+
add(p, "Signature", "SHA512withDSAinP1363Format",
171+
"sun.security.provider.DSA$SHA512withDSAinP1363Format");
172+
add(p, "Signature", "SHA3-224withDSAinP1363Format",
173+
"sun.security.provider.DSA$SHA3_224withDSAinP1363Format");
174+
add(p, "Signature", "SHA3-256withDSAinP1363Format",
175+
"sun.security.provider.DSA$SHA3_256withDSAinP1363Format");
176+
add(p, "Signature", "SHA3-384withDSAinP1363Format",
177+
"sun.security.provider.DSA$SHA3_384withDSAinP1363Format");
178+
add(p, "Signature", "SHA3-512withDSAinP1363Format",
179+
"sun.security.provider.DSA$SHA3_512withDSAinP1363Format");
148180
/*
149181
* Key Pair Generator engines
150182
*/

src/java.base/share/classes/sun/security/rsa/PSSParameters.java

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/*
2-
* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
2+
* Copyright (c) 2018, 2020, Oracle and/or its affiliates. All rights reserved.
33
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
44
*
55
* This code is free software; you can redistribute it and/or modify it
@@ -103,7 +103,7 @@ protected void engineInit(byte[] encoded) throws IOException {
103103
throw new IOException("Only MGF1 mgf is supported");
104104
}
105105
AlgorithmId params = AlgorithmId.parse(
106-
new DerValue(val.getEncodedParams()));
106+
new DerValue(val.getEncodedParams()));
107107
String mgfDigestName = params.getName();
108108
switch (mgfDigestName) {
109109
case "SHA-1":
@@ -127,6 +127,18 @@ protected void engineInit(byte[] encoded) throws IOException {
127127
case "SHA-512/256":
128128
mgfSpec = MGF1ParameterSpec.SHA512_256;
129129
break;
130+
case "SHA3-224":
131+
mgfSpec = MGF1ParameterSpec.SHA3_224;
132+
break;
133+
case "SHA3-256":
134+
mgfSpec = MGF1ParameterSpec.SHA3_256;
135+
break;
136+
case "SHA3-384":
137+
mgfSpec = MGF1ParameterSpec.SHA3_384;
138+
break;
139+
case "SHA3-512":
140+
mgfSpec = MGF1ParameterSpec.SHA3_512;
141+
break;
130142
default:
131143
throw new IOException
132144
("Unrecognized message digest algorithm " +

0 commit comments

Comments
 (0)