bcgit
diff --git a/‎core/src/main/java/org/bouncycastle/asn1/x9/KeySpecificInfo.java‎
Lines changed: 43 additions & 24 deletions b/‎core/src/main/java/org/bouncycastle/asn1/x9/KeySpecificInfo.java‎
Lines changed: 43 additions & 24 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/asn1/x9/OtherInfo.java‎
Lines changed: 52 additions & 28 deletions b/‎core/src/main/java/org/bouncycastle/asn1/x9/OtherInfo.java‎
Lines changed: 52 additions & 28 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/agreement/kdf/DHKEKGenerator.java‎
Lines changed: 34 additions & 54 deletions b/‎core/src/main/java/org/bouncycastle/crypto/agreement/kdf/DHKEKGenerator.java‎
Lines changed: 34 additions & 54 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/agreement/kdf/ECDHKEKGenerator.java‎
Lines changed: 10 additions & 7 deletions b/‎core/src/main/java/org/bouncycastle/crypto/agreement/kdf/ECDHKEKGenerator.java‎
Lines changed: 10 additions & 7 deletions
@@ -1,12 +1,11 @@
 package org.bouncycastle.asn1.x9;
 
-import java.util.Enumeration;
-
 import org.bouncycastle.asn1.ASN1Object;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.ASN1OctetString;
 import org.bouncycastle.asn1.ASN1Primitive;
 import org.bouncycastle.asn1.ASN1Sequence;
+import org.bouncycastle.asn1.ASN1TaggedObject;
 import org.bouncycastle.asn1.DERSequence;
 
 /**
@@ -22,23 +21,6 @@
 public class KeySpecificInfo
     extends ASN1Object
 {
-    private ASN1ObjectIdentifier algorithm;
-    private ASN1OctetString      counter;
-
-    /**
-     * Base constructor.
-     *
-     * @param algorithm  algorithm identifier for the CEK.
-     * @param counter initial counter value for key derivation.
-     */
-    public KeySpecificInfo(
-        ASN1ObjectIdentifier algorithm,
-        ASN1OctetString      counter)
-    {
-        this.algorithm = algorithm;
-        this.counter = counter;
-    }
-
     /**
      * Return a KeySpecificInfo object from the passed in object.
      *
@@ -59,13 +41,50 @@ else if (obj != null)
         return null;
     }
 
-    private KeySpecificInfo(
-        ASN1Sequence  seq)
+    public static KeySpecificInfo getInstance(ASN1TaggedObject taggedObject, boolean declaredExplicit)
+    {
+        return new KeySpecificInfo(ASN1Sequence.getInstance(taggedObject, declaredExplicit));
+    }
+
+    public static KeySpecificInfo getTagged(ASN1TaggedObject taggedObject, boolean declaredExplicit)
+    {
+        return new KeySpecificInfo(ASN1Sequence.getTagged(taggedObject, declaredExplicit));
+    }
+
+    private final ASN1ObjectIdentifier algorithm;
+    private final ASN1OctetString counter;
+
+    private KeySpecificInfo(ASN1Sequence  seq)
     {
-        Enumeration e = seq.getObjects();
+        int count = seq.size();
+        if (count != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + count);
+        }
+
+        this.algorithm = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+        this.counter = ASN1OctetString.getInstance(seq.getObjectAt(1));
+    }
 
-        algorithm = (ASN1ObjectIdentifier)e.nextElement();
-        counter = (ASN1OctetString)e.nextElement();
+    /**
+     * Base constructor.
+     *
+     * @param algorithm  algorithm identifier for the CEK.
+     * @param counter initial counter value for key derivation.
+     */
+    public KeySpecificInfo(ASN1ObjectIdentifier algorithm, ASN1OctetString counter)
+    {
+        if (algorithm == null)
+        {
+            throw new NullPointerException("'algorithm' cannot be null");
+        }
+        if (counter == null)
+        {
+            throw new NullPointerException("'counter' cannot be null");
+        }
+
+        this.algorithm = algorithm;
+        this.counter = counter;
     }
 
     /**
 
@@ -1,7 +1,5 @@
 package org.bouncycastle.asn1.x9;
 
-import java.util.Enumeration;
-
 import org.bouncycastle.asn1.ASN1EncodableVector;
 import org.bouncycastle.asn1.ASN1Object;
 import org.bouncycastle.asn1.ASN1OctetString;
@@ -25,20 +23,6 @@
 public class OtherInfo
     extends ASN1Object
 {
-    private KeySpecificInfo     keyInfo;
-    private ASN1OctetString     partyAInfo;
-    private ASN1OctetString     suppPubInfo;
-
-    public OtherInfo(
-        KeySpecificInfo     keyInfo,
-        ASN1OctetString     partyAInfo,
-        ASN1OctetString     suppPubInfo)
-    {
-        this.keyInfo = keyInfo;
-        this.partyAInfo = partyAInfo;
-        this.suppPubInfo = suppPubInfo;
-    }
-
     /**
      * Return a OtherInfo object from the passed in object.
      *
@@ -59,26 +43,66 @@ else if (obj != null)
         return null;
     }
 
-    private OtherInfo(
-        ASN1Sequence  seq)
+    public static OtherInfo getInstance(ASN1TaggedObject taggedObject, boolean declaredExplicit)
     {
-        Enumeration e = seq.getObjects();
+        return new OtherInfo(ASN1Sequence.getInstance(taggedObject, declaredExplicit));
+    }
 
-        keyInfo = KeySpecificInfo.getInstance(e.nextElement());
+    public static OtherInfo getTagged(ASN1TaggedObject taggedObject, boolean declaredExplicit)
+    {
+        return new OtherInfo(ASN1Sequence.getTagged(taggedObject, declaredExplicit));
+    }
+
+    private final KeySpecificInfo keyInfo;
+    private final ASN1OctetString partyAInfo;
+    private final ASN1OctetString suppPubInfo;
 
-        while (e.hasMoreElements())
+    private OtherInfo(ASN1Sequence seq)
+    {
+        int count = seq.size(), pos = 0;
+        if (count < 2 || count > 3)
         {
-            ASN1TaggedObject o = (ASN1TaggedObject)e.nextElement();
+            throw new IllegalArgumentException("Bad sequence size: " + count);
+        }
 
-            if (o.hasContextTag(0))
-            {
-                partyAInfo = (ASN1OctetString)o.getExplicitBaseObject();
-            }
-            else if (o.hasContextTag(2))
+        this.keyInfo = KeySpecificInfo.getInstance(seq.getObjectAt(pos++));
+
+        // partyAInfo [0] OCTET STRING OPTIONAL
+        ASN1OctetString partyAInfo = null;
+        if (pos < count)
+        {
+            ASN1TaggedObject tag0 = ASN1TaggedObject.getContextOptional(seq.getObjectAt(pos), 0);
+            if (tag0 != null)
             {
-                suppPubInfo = (ASN1OctetString)o.getExplicitBaseObject();
+                pos++;
+                partyAInfo = ASN1OctetString.getTagged(tag0, true);
             }
         }
+        this.partyAInfo = partyAInfo;
+
+        ASN1TaggedObject tag2 = ASN1TaggedObject.getContextInstance(seq.getObjectAt(pos++), 2);        
+        this.suppPubInfo = ASN1OctetString.getTagged(tag2, true);
+
+        if (pos != count)
+        {
+            throw new IllegalArgumentException("Unexpected elements in sequence");
+        }
+    }
+
+    public OtherInfo(KeySpecificInfo keyInfo, ASN1OctetString partyAInfo, ASN1OctetString suppPubInfo)
+    {
+        if (keyInfo == null)
+        {
+            throw new NullPointerException("'keyInfo' cannot be null");
+        }
+        if (suppPubInfo == null)
+        {
+            throw new NullPointerException("'suppPubInfo' cannot be null");
+        }
+
+        this.keyInfo = keyInfo;
+        this.partyAInfo = partyAInfo;
+        this.suppPubInfo = suppPubInfo;
     }
 
     /**
 
@@ -2,17 +2,18 @@
 
 import java.io.IOException;
 
-import org.bouncycastle.asn1.ASN1EncodableVector;
 import org.bouncycastle.asn1.ASN1Encoding;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1OctetString;
 import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
+import org.bouncycastle.asn1.x9.KeySpecificInfo;
+import org.bouncycastle.asn1.x9.OtherInfo;
 import org.bouncycastle.crypto.DataLengthException;
 import org.bouncycastle.crypto.DerivationFunction;
 import org.bouncycastle.crypto.DerivationParameters;
 import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.OutputLengthException;
+import org.bouncycastle.crypto.io.DigestOutputStream;
 import org.bouncycastle.util.Pack;
 
 /**
@@ -26,10 +27,9 @@ public class DHKEKGenerator
     private ASN1ObjectIdentifier algorithm;
     private int                 keySize;
     private byte[]              z;
-    private byte[]              partyAInfo;
+    private byte[]              extraInfo;
 
-    public DHKEKGenerator(
-        Digest digest)
+    public DHKEKGenerator(Digest digest)
     {
         this.digest = digest;
     }
@@ -41,7 +41,7 @@ public void init(DerivationParameters param)
         this.algorithm = params.getAlgorithm();
         this.keySize = params.getKeySize();
         this.z = params.getZ();
-        this.partyAInfo = params.getExtraInfo();
+        this.extraInfo = params.getExtraInfo();
     }
 
     public Digest getDigest()
@@ -57,76 +57,56 @@ public int generateBytes(byte[] out, int outOff, int len)
             throw new OutputLengthException("output buffer too small");
         }
 
-        long    oBytes = len;
-        int     outLen = digest.getDigestSize();
+        digest.reset();
+
+        int outputLength = len;
+        int digestSize = digest.getDigestSize();
 
-        //
-        // this is at odds with the standard implementation, the
-        // maximum value should be hBits * (2^32 - 1) where hBits
-        // is the digest output size in bits. We can't have an
-        // array with a long index at the moment...
-        //
-        if (oBytes > ((2L << 32) - 1))
+        // NOTE: This limit isn't reachable for current array lengths
+        if (outputLength > ((1L << 32) - 1) * digestSize)
         {
             throw new IllegalArgumentException("Output length too large");
         }
 
-        int cThreshold = (int)((oBytes + outLen - 1) / outLen);
+        int counter32 = 0;
+        byte[] counterOctets = new byte[4];
 
-        byte[] dig = new byte[digest.getDigestSize()];
+        ASN1OctetString counter = DEROctetString.withContents(counterOctets);
+        KeySpecificInfo keyInfo = new KeySpecificInfo(algorithm, counter);
+        ASN1OctetString partyAInfo = DEROctetString.withContentsOptional(extraInfo);
+        ASN1OctetString suppPubInfo = DEROctetString.withContents(Pack.intToBigEndian(keySize));
+        OtherInfo otherInfo = new OtherInfo(keyInfo, partyAInfo, suppPubInfo);
 
-        int counter = 1;
+        DigestOutputStream digestSink = new DigestOutputStream(digest);
 
-        for (int i = 0; i < cThreshold; i++)
+        while (len > 0)
         {
             digest.update(z, 0, z.length);
 
-            // OtherInfo
-            ASN1EncodableVector v1 = new ASN1EncodableVector();
-            // KeySpecificInfo
-            ASN1EncodableVector v2 = new ASN1EncodableVector();
-
-            v2.add(algorithm);
-            v2.add(new DEROctetString(Pack.intToBigEndian(counter)));
-
-            v1.add(new DERSequence(v2));
-
-            if (partyAInfo != null)
-            {
-                v1.add(new DERTaggedObject(true, 0, new DEROctetString(partyAInfo)));
-            }
-
-            v1.add(new DERTaggedObject(true, 2, new DEROctetString(Pack.intToBigEndian(keySize))));
-
             try
             {
-                byte[] other = new DERSequence(v1).getEncoded(ASN1Encoding.DER);
-
-                digest.update(other, 0, other.length);
+                // NOTE: Modify counterOctets in-situ since counter is private to this method
+                Pack.intToBigEndian(++counter32, counterOctets);
+                otherInfo.encodeTo(digestSink, ASN1Encoding.DER);
             }
             catch (IOException e)
             {
                 throw new IllegalArgumentException("unable to encode parameter info: " + e.getMessage());
             }
 
-            digest.doFinal(dig, 0);
-
-            if (len > outLen)
+            if (len < digestSize)
             {
-                System.arraycopy(dig, 0, out, outOff, outLen);
-                outOff += outLen;
-                len -= outLen;
-            }
-            else
-            {
-                System.arraycopy(dig, 0, out, outOff, len);
+                byte[] tmp = new byte[digestSize];
+                digest.doFinal(tmp, 0);
+                System.arraycopy(tmp, 0, out, outOff, len);
+                break;
             }
 
-            counter++;
+            digest.doFinal(out, outOff);
+            outOff += digestSize;
+            len -= digestSize;
         }
 
-        digest.reset();
-
-        return (int)oBytes;
+        return outputLength;
     }
 }
@@ -2,9 +2,10 @@
 
 import java.io.IOException;
 
-import org.bouncycastle.asn1.ASN1EncodableVector;
 import org.bouncycastle.asn1.ASN1Encoding;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.DERNull;
 import org.bouncycastle.asn1.DEROctetString;
 import org.bouncycastle.asn1.DERSequence;
@@ -58,16 +59,18 @@ public int generateBytes(byte[] out, int outOff, int len)
             throw new DataLengthException("output buffer too small");
         }
 
-        // TODO Create an ASN.1 class for this (RFC3278)
-        // ECC-CMS-SharedInfo
-        ASN1EncodableVector v = new ASN1EncodableVector();
+        AlgorithmIdentifier keyInfo = new AlgorithmIdentifier(algorithm, DERNull.INSTANCE);
+        ASN1OctetString suppPubInfo = DEROctetString.withContents(Pack.intToBigEndian(keySize));
 
-        v.add(new AlgorithmIdentifier(algorithm, DERNull.INSTANCE));
-        v.add(new DERTaggedObject(true, 2, new DEROctetString(Pack.intToBigEndian(keySize))));
+        // TODO org.bouncycastle.asn1.cms.ecc.ECCCMSSharedInfo exists, but is located in the 'util' jar.
+        // TODO Should the optional DHKDFParameters.getExtraInfo be used for ECCCMSSharedInfo.entityUInfo?
+        ASN1Sequence eccCMSSharedInfo = new DERSequence(keyInfo, new DERTaggedObject(2, suppPubInfo));
 
         try
         {
-            kdf.init(new KDFParameters(z, new DERSequence(v).getEncoded(ASN1Encoding.DER)));
+            byte[] iv = eccCMSSharedInfo.getEncoded(ASN1Encoding.DER);
+
+            kdf.init(new KDFParameters(z, iv));
         }
         catch (IOException e)
         {