From 7a2c478836348e0f68469a66b3c11a5420dc868f Mon Sep 17 00:00:00 2001 From: Greg Steuck Date: Sat, 11 Jan 2020 16:26:34 -0800 Subject: [PATCH] Adjust primitive names to match JCE built-ins The recent versions of Java (e.g. 8) already have the requisite ciphers and the dependency can be eliminated. Completely unclear what the story is for Android. --- java/build.gradle | 1 - .../api/crypto/AttachmentCipherInputStream.java | 2 +- .../signalservice/api/crypto/DigestingOutputStream.java | 2 +- .../signalservice/api/crypto/ProfileCipherOutputStream.java | 2 +- .../signalservice/api/crypto/AttachmentCipherTest.java | 5 ----- .../signalservice/api/crypto/ProfileCipherTest.java | 5 ----- .../signalservice/api/crypto/SigningCertificateTest.java | 5 ----- .../signalservice/api/crypto/UnidentifiedAccessTest.java | 6 ------ 8 files changed, 3 insertions(+), 25 deletions(-) diff --git a/java/build.gradle b/java/build.gradle index d8948572c1..a8ef06df40 100644 --- a/java/build.gradle +++ b/java/build.gradle @@ -35,7 +35,6 @@ dependencies { testCompile 'junit:junit:3.8.2' testCompile 'org.assertj:assertj-core:1.7.1' - testCompile 'org.conscrypt:conscrypt-openjdk-uber:2.0.0' } tasks.whenTaskAdded { task -> diff --git a/java/src/main/java/org/whispersystems/signalservice/api/crypto/AttachmentCipherInputStream.java b/java/src/main/java/org/whispersystems/signalservice/api/crypto/AttachmentCipherInputStream.java index 0be576153c..11288b2c99 100644 --- a/java/src/main/java/org/whispersystems/signalservice/api/crypto/AttachmentCipherInputStream.java +++ b/java/src/main/java/org/whispersystems/signalservice/api/crypto/AttachmentCipherInputStream.java @@ -226,7 +226,7 @@ private static void verifyMac(InputStream inputStream, long length, Mac mac, byt throws InvalidMacException { try { - MessageDigest digest = MessageDigest.getInstance("SHA256"); + MessageDigest digest = MessageDigest.getInstance("SHA-256"); int remainingData = Util.toIntExact(length) - mac.getMacLength(); byte[] buffer = new byte[4096]; diff --git a/java/src/main/java/org/whispersystems/signalservice/api/crypto/DigestingOutputStream.java b/java/src/main/java/org/whispersystems/signalservice/api/crypto/DigestingOutputStream.java index 555c1e855d..51322b0f84 100644 --- a/java/src/main/java/org/whispersystems/signalservice/api/crypto/DigestingOutputStream.java +++ b/java/src/main/java/org/whispersystems/signalservice/api/crypto/DigestingOutputStream.java @@ -17,7 +17,7 @@ public DigestingOutputStream(OutputStream outputStream) { super(outputStream); try { - this.runningDigest = MessageDigest.getInstance("SHA256"); + this.runningDigest = MessageDigest.getInstance("SHA-256"); } catch (NoSuchAlgorithmException e) { throw new AssertionError(e); } diff --git a/java/src/main/java/org/whispersystems/signalservice/api/crypto/ProfileCipherOutputStream.java b/java/src/main/java/org/whispersystems/signalservice/api/crypto/ProfileCipherOutputStream.java index 39bb8bc088..77675f2636 100644 --- a/java/src/main/java/org/whispersystems/signalservice/api/crypto/ProfileCipherOutputStream.java +++ b/java/src/main/java/org/whispersystems/signalservice/api/crypto/ProfileCipherOutputStream.java @@ -21,7 +21,7 @@ public class ProfileCipherOutputStream extends DigestingOutputStream { public ProfileCipherOutputStream(OutputStream out, byte[] key) throws IOException { super(out); try { - this.cipher = Cipher.getInstance("AES/GCM/NoPadding"); + this.cipher = Cipher.getInstance("AES/GCM/NOPADDING"); byte[] nonce = generateNonce(); this.cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, nonce)); diff --git a/java/src/test/java/org/whispersystems/signalservice/api/crypto/AttachmentCipherTest.java b/java/src/test/java/org/whispersystems/signalservice/api/crypto/AttachmentCipherTest.java index 8c273ed760..f21f2bcb36 100644 --- a/java/src/test/java/org/whispersystems/signalservice/api/crypto/AttachmentCipherTest.java +++ b/java/src/test/java/org/whispersystems/signalservice/api/crypto/AttachmentCipherTest.java @@ -2,7 +2,6 @@ import junit.framework.TestCase; -import org.conscrypt.Conscrypt; import org.whispersystems.libsignal.InvalidMessageException; import org.whispersystems.libsignal.kdf.HKDFv3; import org.whispersystems.signalservice.internal.util.Util; @@ -18,10 +17,6 @@ public class AttachmentCipherTest extends TestCase { - static { - Security.insertProviderAt(Conscrypt.newProvider(), 1); - } - public void test_attachment_encryptDecrypt() throws IOException, InvalidMessageException { byte[] key = Util.getSecretBytes(64); byte[] plaintextInput = "Peter Parker".getBytes(); diff --git a/java/src/test/java/org/whispersystems/signalservice/api/crypto/ProfileCipherTest.java b/java/src/test/java/org/whispersystems/signalservice/api/crypto/ProfileCipherTest.java index ab0b0ec509..237edad011 100644 --- a/java/src/test/java/org/whispersystems/signalservice/api/crypto/ProfileCipherTest.java +++ b/java/src/test/java/org/whispersystems/signalservice/api/crypto/ProfileCipherTest.java @@ -3,7 +3,6 @@ import junit.framework.TestCase; -import org.conscrypt.Conscrypt; import org.whispersystems.signalservice.internal.util.Util; import java.io.ByteArrayInputStream; @@ -12,10 +11,6 @@ public class ProfileCipherTest extends TestCase { - static { - Security.insertProviderAt(Conscrypt.newProvider(), 1); - } - public void testEncryptDecrypt() throws InvalidCiphertextException { byte[] key = Util.getSecretBytes(32); ProfileCipher cipher = new ProfileCipher(key); diff --git a/java/src/test/java/org/whispersystems/signalservice/api/crypto/SigningCertificateTest.java b/java/src/test/java/org/whispersystems/signalservice/api/crypto/SigningCertificateTest.java index 9c2d69c63f..a8921cd417 100644 --- a/java/src/test/java/org/whispersystems/signalservice/api/crypto/SigningCertificateTest.java +++ b/java/src/test/java/org/whispersystems/signalservice/api/crypto/SigningCertificateTest.java @@ -2,7 +2,6 @@ import junit.framework.TestCase; -import org.conscrypt.Conscrypt; import org.whispersystems.signalservice.internal.contacts.crypto.SigningCertificate; import org.whispersystems.util.Base64; @@ -17,10 +16,6 @@ public class SigningCertificateTest extends TestCase { - static { - Security.insertProviderAt(Conscrypt.newProvider(), 1); - } - public void testGoodSignature() throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, CertPathValidatorException, SignatureException { String certificateChain = "-----BEGIN%20CERTIFICATE-----%0AMIIEoTCCAwmgAwIBAgIJANEHdl0yo7CWMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExGjAYBgNV%0ABAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQDDCdJbnRlbCBTR1ggQXR0ZXN0%0AYXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwHhcNMTYxMTIyMDkzNjU4WhcNMjYxMTIw%0AMDkzNjU4WjB7MQswCQYDVQQGEwJVUzELMAkGA1UECAwCQ0ExFDASBgNVBAcMC1Nh%0AbnRhIENsYXJhMRowGAYDVQQKDBFJbnRlbCBDb3Jwb3JhdGlvbjEtMCsGA1UEAwwk%0ASW50ZWwgU0dYIEF0dGVzdGF0aW9uIFJlcG9ydCBTaWduaW5nMIIBIjANBgkqhkiG%0A9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXot4OZuphR8nudFrAFiaGxxkgma/Es/BA%2Bt%0AbeCTUR106AL1ENcWA4FX3K%2BE9BBL0/7X5rj5nIgX/R/1ubhkKWw9gfqPG3KeAtId%0Acv/uTO1yXv50vqaPvE1CRChvzdS/ZEBqQ5oVvLTPZ3VEicQjlytKgN9cLnxbwtuv%0ALUK7eyRPfJW/ksddOzP8VBBniolYnRCD2jrMRZ8nBM2ZWYwnXnwYeOAHV%2BW9tOhA%0AImwRwKF/95yAsVwd21ryHMJBcGH70qLagZ7Ttyt%2B%2BqO/6%2BKAXJuKwZqjRlEtSEz8%0AgZQeFfVYgcwSfo96oSMAzVr7V0L6HSDLRnpb6xxmbPdqNol4tQIDAQABo4GkMIGh%0AMB8GA1UdIwQYMBaAFHhDe3amfrzQr35CN%2Bs1fDuHAVE8MA4GA1UdDwEB/wQEAwIG%0AwDAMBgNVHRMBAf8EAjAAMGAGA1UdHwRZMFcwVaBToFGGT2h0dHA6Ly90cnVzdGVk%0Ac2VydmljZXMuaW50ZWwuY29tL2NvbnRlbnQvQ1JML1NHWC9BdHRlc3RhdGlvblJl%0AcG9ydFNpZ25pbmdDQS5jcmwwDQYJKoZIhvcNAQELBQADggGBAGcIthtcK9IVRz4r%0ARq%2BZKE%2B7k50/OxUsmW8aavOzKb0iCx07YQ9rzi5nU73tME2yGRLzhSViFs/LpFa9%0AlpQL6JL1aQwmDR74TxYGBAIi5f4I5TJoCCEqRHz91kpG6Uvyn2tLmnIdJbPE4vYv%0AWLrtXXfFBSSPD4Afn7%2B3/XUggAlc7oCTizOfbbtOFlYA4g5KcYgS1J2ZAeMQqbUd%0AZseZCcaZZZn65tdqee8UXZlDvx0%2BNdO0LR%2B5pFy%2BjuM0wWbu59MvzcmTXbjsi7HY%0A6zd53Yq5K244fwFHRQ8eOB0IWB%2B4PfM7FeAApZvlfqlKOlLcZL2uyVmzRkyR5yW7%0A2uo9mehX44CiPJ2fse9Y6eQtcfEhMPkmHXI01sN%2BKwPbpA39%2BxOsStjhP9N1Y1a2%0AtQAVo%2ByVgLgV2Hws73Fc0o3wC78qPEA%2Bv2aRs/Be3ZFDgDyghc/1fgU%2B7C%2BP6kbq%0Ad4poyb6IW8KCJbxfMJvkordNOgOUUxndPHEi/tb/U7uLjLOgPA%3D%3D%0A-----END%20CERTIFICATE-----%0A-----BEGIN%20CERTIFICATE-----%0AMIIFSzCCA7OgAwIBAgIJANEHdl0yo7CUMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV%0ABAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExGjAYBgNV%0ABAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQDDCdJbnRlbCBTR1ggQXR0ZXN0%0AYXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwIBcNMTYxMTE0MTUzNzMxWhgPMjA0OTEy%0AMzEyMzU5NTlaMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTEUMBIGA1UEBwwL%0AU2FudGEgQ2xhcmExGjAYBgNVBAoMEUludGVsIENvcnBvcmF0aW9uMTAwLgYDVQQD%0ADCdJbnRlbCBTR1ggQXR0ZXN0YXRpb24gUmVwb3J0IFNpZ25pbmcgQ0EwggGiMA0G%0ACSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCfPGR%2BtXc8u1EtJzLA10Feu1Wg%2Bp7e%0ALmSRmeaCHbkQ1TF3Nwl3RmpqXkeGzNLd69QUnWovYyVSndEMyYc3sHecGgfinEeh%0ArgBJSEdsSJ9FpaFdesjsxqzGRa20PYdnnfWcCTvFoulpbFR4VBuXnnVLVzkUvlXT%0AL/TAnd8nIZk0zZkFJ7P5LtePvykkar7LcSQO85wtcQe0R1Raf/sQ6wYKaKmFgCGe%0ANpEJUmg4ktal4qgIAxk%2BQHUxQE42sxViN5mqglB0QJdUot/o9a/V/mMeH8KvOAiQ%0AbyinkNndn%2BBgk5sSV5DFgF0DffVqmVMblt5p3jPtImzBIH0QQrXJq39AT8cRwP5H%0AafuVeLHcDsRp6hol4P%2BZFIhu8mmbI1u0hH3W/0C2BuYXB5PC%2B5izFFh/nP0lc2Lf%0A6rELO9LZdnOhpL1ExFOq9H/B8tPQ84T3Sgb4nAifDabNt/zu6MmCGo5U8lwEFtGM%0ARoOaX4AS%2B909x00lYnmtwsDVWv9vBiJCXRsCAwEAAaOByTCBxjBgBgNVHR8EWTBX%0AMFWgU6BRhk9odHRwOi8vdHJ1c3RlZHNlcnZpY2VzLmludGVsLmNvbS9jb250ZW50%0AL0NSTC9TR1gvQXR0ZXN0YXRpb25SZXBvcnRTaWduaW5nQ0EuY3JsMB0GA1UdDgQW%0ABBR4Q3t2pn680K9%2BQjfrNXw7hwFRPDAfBgNVHSMEGDAWgBR4Q3t2pn680K9%2BQjfr%0ANXw7hwFRPDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkq%0AhkiG9w0BAQsFAAOCAYEAeF8tYMXICvQqeXYQITkV2oLJsp6J4JAqJabHWxYJHGir%0AIEqucRiJSSx%2BHjIJEUVaj8E0QjEud6Y5lNmXlcjqRXaCPOqK0eGRz6hi%2BripMtPZ%0AsFNaBwLQVV905SDjAzDzNIDnrcnXyB4gcDFCvwDFKKgLRjOB/WAqgscDUoGq5ZVi%0AzLUzTqiQPmULAQaB9c6Oti6snEFJiCQ67JLyW/E83/frzCmO5Ru6WjU4tmsmy8Ra%0AUd4APK0wZTGtfPXU7w%2BIBdG5Ez0kE1qzxGQaL4gINJ1zMyleDnbuS8UicjJijvqA%0A152Sq049ESDz%2B1rRGc2NVEqh1KaGXmtXvqxXcTB%2BLjy5Bw2ke0v8iGngFBPqCTVB%0A3op5KBG3RjbF6RRSzwzuWfL7QErNC8WEy5yDVARzTA5%2BxmBc388v9Dm21HGfcC8O%0ADD%2BgT9sSpssq0ascmvH49MOgjt1yoysLtdCtJW/9FZpoOypaHx0R%2BmJTLwPXVMrv%0ADaVzWh5aiEx%2BidkSGMnX%0A-----END%20CERTIFICATE-----%0A"; String signature = "Kn2Ya2T039qvEWIzIQeSksNyyCQIkcVjciClcp3a6C766dJANXxLLIn6CfyvUZddMtePrTOLpC2e5QTQxB4RwtWmFfr7nxRdFUtA3dH2DAQL5DqqlmPv46ZWSPfiiOXUsu8vNgX3Z4Znt4Q+dIPIquNPY8ZmiAcpKR7n2K3QtabgOnJ2EyngabY3LMQTtriXbZjpl53ynhVhV1rciMdvMaTz4DUYt7gKi+KeNd3CBFSev+eTgYPC3em96J/3bfVR+wC5m3JGbIBCrwAsbO05JkiNIMck3s+p4d/hwiABR75EplxaWmGgIm6VvUKtGhdJ/cNrmF0nxMX6Vi6N2WaLTA=="; diff --git a/java/src/test/java/org/whispersystems/signalservice/api/crypto/UnidentifiedAccessTest.java b/java/src/test/java/org/whispersystems/signalservice/api/crypto/UnidentifiedAccessTest.java index d611640fec..6170bfb5a0 100644 --- a/java/src/test/java/org/whispersystems/signalservice/api/crypto/UnidentifiedAccessTest.java +++ b/java/src/test/java/org/whispersystems/signalservice/api/crypto/UnidentifiedAccessTest.java @@ -2,17 +2,11 @@ import junit.framework.TestCase; -import org.conscrypt.OpenSSLProvider; - import java.security.Security; import java.util.Arrays; public class UnidentifiedAccessTest extends TestCase { - static { - Security.insertProviderAt(new OpenSSLProvider(), 1); - } - private final byte[] EXPECTED_RESULT = {(byte)0x5a, (byte)0x72, (byte)0x3a, (byte)0xce, (byte)0xe5, (byte)0x2c, (byte)0x5e, (byte)0xa0, (byte)0x2b, (byte)0x92, (byte)0xa3, (byte)0xa3, (byte)0x60, (byte)0xc0, (byte)0x95, (byte)0x95}; public void testKeyDerivation() {