Java 2, Java 3, compatibility updates

ant/jdk13.xml

@@ -79,6 +79,8 @@
                 <exclude name="**/BCEC*.java" />
                 <exclude name="**/JCEEC5*.java" />
                 <exclude name="**/provider/JCEEC*.java" />
+                <exclude name="**/compositesignatures/*.java" />
+                <exclude name="**/CompositeSignatures.java" />
                 <exclude name="**/EC5*.java" />
                 <exclude name="**/SIKE*.java" />
                 <exclude name="**/Rainbow*.java" />
@@ -259,9 +261,13 @@
                 <exclude name="**/PKIXRevocationTest.java" />
                 <exclude name="**/cms/test/AnnotatedKeyTest.java"/>
                 <exclude name="**/bouncycastle/cms/test/AuthEnvelopedDataTest.java"/>
+                <exclude name="**/bouncycastle/cms/test/CMSAuthEnvelopedDataStreamGeneratorTest.java"/>
+                <exclude name="**/bouncycastle/cms/test/GOSTR3410_2012_256CmsSignVerifyDetached.java"/>
+                <exclude name="**/bouncycastle/cert/test/GOSTR3410_2012_256GenerateCertificate.java"/>
                 <exclude name="**/its/**" />
             </fileset>
             <fileset dir="mail/src/test/java">
+                <exclude name="**/MailGeneralTest.java" />
                 <exclude name="**/SignedMailValidatorTest.java" />
                 <exclude name="**/DummyCertPathReviewer.java" />
 		<exclude name="**/JournalingSecureRandomEncryptTest.java"/>
@@ -290,9 +296,12 @@
             </fileset>
             <fileset dir="pkix/src/main/jdk1.4" includes="**/*.java" />
             <fileset dir="util/src/main/jdk1.4" includes="**/*.java" />
+            <fileset dir="pg/src/main/jdk1.5" includes="**/*.java" />
+            <fileset dir="core/src/test/jdk1.4" includes="**/*.java" />
+        </copy>
+        <copy todir="${src.dir}" overwrite="true">
             <fileset dir="pg/src/main/jdk1.4" includes="**/*.java" />
             <fileset dir="pg/src/main/jdk1.3" includes="**/*.java" />
-            <fileset dir="core/src/test/jdk1.4" includes="**/*.java" />
         </copy>
         <copy todir="${src.dir}" overwrite="true">
             <fileset dir="prov/src/test/jdk1.4" includes="**/*.java" >

bc-build.properties

@@ -3,10 +3,10 @@
 # intended to hold user-specific settings that are *not* committed to 
 # the repository.
 
-release.suffix: 1.78
+release.suffix: 178
 release.name: 1.78
 release.version: 1.78
-release.debug: false
+release.debug: true
 
 mail.jar.home: ./libs/javax.mail-1.4.7.jar
 activation.jar.home:  ./libs/activation-1.1.1.jar

build.gradle

@@ -246,7 +246,7 @@ subprojects {
     }
 
     tasks.withType(JavaCompile).configureEach {
-        options.debug = false;
+        options.debug = true;
     }
 
     tasks.withType(Test).configureEach {

build1-2

@@ -47,6 +47,7 @@ mkdir -p $jdk12src
 ((cd pkix/src/test/jdk1.3 && tar cf - * ) | (cd $jdk12src && tar xf -))
 ((cd pkix/src/main/jdk1.2 && tar cf - * ) | (cd $jdk12src && tar xf -))
 ((cd pg/src/main/java && tar cf - * ) | (cd $jdk12src && tar xf -))
+((cd pg/src/main/jdk1.5 && tar cf - * ) | (cd $jdk12src && tar xf -))
 ((cd pg/src/main/jdk1.4 && tar cf - * ) | (cd $jdk12src && tar xf -))
 ((cd pg/src/main/jdk1.3 && tar cf - * ) | (cd $jdk12src && tar xf -))
 ((cd pg/src/test/java && tar cf - * ) | (cd $jdk12src && tar xf -))
@@ -67,6 +68,7 @@ find $jdk12src -name "*.java" -exec scripts/usejcecert.sh \{\} \;
     rm org/bouncycastle/test/PrintTestResult.java
     rm org/bouncycastle/pqc/legacy/crypto/qtesla/QTeslaKeyEncodingTests.java
     rm org/bouncycastle/pqc/crypto/util/PQCOtherInfoGenerator.java
+    rm -rf org/bouncycastle/test/JVMVersionTest.java
     rm -rf org/bouncycastle/crypto/test/ntru
     rm -rf org/bouncycastle/pqc/legacy/math/ntru
     rm -rf org/bouncycastle/pqc/math/test
@@ -204,12 +206,16 @@ find $jdk12src -name "*.java" -exec scripts/usejcecert.sh \{\} \;
     rm org/bouncycastle/pkix/test/TestUtil.java
     rm org/bouncycastle/cert/cmp/test/PQC*.java
     rm org/bouncycastle/cert/cmp/test/Elgamal*.java
+    rm org/bouncycastle/cert/cmp/test/InvalidMessagesTest.java
+    rm org/bouncycastle/cert/test/GOSTR3410_2012_256GenerateCertificate.java
     rm org/bouncycastle/cert/ocsp/test/PKIXRevocationTest.java
     rm -r org/bouncycastle/crypto/test/BigSkippingCipherTest.java
     rm -rf org/bouncycastle/openssl/test
+    rm -rf org/bouncycastle/jcajce/provider/asymmetric/compositesignatures
     rm -rf org/bouncycastle/jcajce/provider/asymmetric/dstu
     rm -rf org/bouncycastle/jcajce/provider/asymmetric/DSTU*.java
     rm -rf org/bouncycastle/jcajce/provider/asymmetric/util/EC5*.java
+    rm -rf org/bouncycastle/jcajce/provider/asymmetric/CompositeSignatures.java
     rm org/bouncycastle/asn1/test/EnumeratedTest.java
     rm -rf org/bouncycastle/pqc/crypto/test/QT*.java
     rm -rf org/bouncycastle/pqc/crypto/test/SphincsPlusTest.java
@@ -238,6 +244,10 @@ find $jdk12src -name "*.java" -exec scripts/usejcecert.sh \{\} \;
     rm  org/bouncycastle/openpgp/test/BcPGPEd25519JcaKeyPairConversionTest.java
     rm  org/bouncycastle/openpgp/test/ArmoredOutputStreamUTF8Test.java
     rm  org/bouncycastle/openpgp/test/PGPAeadTest.java
+    rm  org/bouncycastle/openpgp/test/BytesBooleansTest.java
+    rm  org/bouncycastle/openpgp/test/BcImplProviderTest.java
+    rm  org/bouncycastle/openpgp/test/BcpgGeneralTest.java
+    rm  org/bouncycastle/openpgp/test/OpenPGPTest.java
 
     sh ../../scripts/jdk1.2ed.sh
 

core/src/main/java/org/bouncycastle/asn1/x509/Extensions.java

@@ -71,10 +71,8 @@ else if (obj != null)
     private Extensions(
         ASN1Sequence seq)
     {
-        if (seq.size() == 0)
-        {
-            throw new IllegalArgumentException("empty extension sequence found");
-        }
+        // it's tempting to check there's at least one entry in the sequence. Don't!
+        // It turns out there's quite a few empty extension blocks out there...
 
         Enumeration e = seq.getObjects();
 

core/src/test/jdk1.3/org/bouncycastle/crypto/test/Ed25519Test.java

@@ -0,0 +1,162 @@
+package org.bouncycastle.crypto.test;
+
+import java.security.SecureRandom;
+
+import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import org.bouncycastle.crypto.Signer;
+import org.bouncycastle.crypto.generators.Ed25519KeyPairGenerator;
+import org.bouncycastle.crypto.params.Ed25519KeyGenerationParameters;
+import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
+import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
+import org.bouncycastle.crypto.signers.Ed25519Signer;
+import org.bouncycastle.crypto.signers.Ed25519ctxSigner;
+import org.bouncycastle.crypto.signers.Ed25519phSigner;
+import org.bouncycastle.math.ec.rfc8032.Ed25519;
+import org.bouncycastle.util.Arrays;
+import org.bouncycastle.util.encoders.Base64;
+import org.bouncycastle.util.encoders.Hex;
+import org.bouncycastle.util.test.SimpleTest;
+
+public class Ed25519Test
+    extends SimpleTest
+{
+    private static final SecureRandom RANDOM = new SecureRandom();
+
+    public String getName()
+    {
+        return "Ed25519";
+    }
+
+    public static void main(String[] args)
+    {
+        runTest(new Ed25519Test());
+    }
+
+    public void performTest()
+        throws Exception
+    {
+        basicSigTest();
+
+        for (int i = 0; i < 10; ++i)
+        {
+            testConsistency(Ed25519.Algorithm.Ed25519, null);
+
+            byte[] context = randomContext(RANDOM.nextInt() & 255);
+            testConsistency(Ed25519.Algorithm.Ed25519ctx, context);
+            testConsistency(Ed25519.Algorithm.Ed25519ph, context);
+        }
+
+    }
+
+    private void basicSigTest()
+        throws Exception
+    {
+        Ed25519PrivateKeyParameters privateKey = new Ed25519PrivateKeyParameters(
+            Hex.decode("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"));
+        Ed25519PublicKeyParameters publicKey = new Ed25519PublicKeyParameters(
+            Hex.decode("d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"));
+
+        byte[] sig = Hex.decode("e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b");
+
+        Signer signer = new Ed25519Signer();
+
+        signer.init(true, privateKey);
+
+        isTrue(areEqual(sig, signer.generateSignature()));
+
+        signer.init(false, publicKey);
+
+        isTrue(signer.verifySignature(sig));
+    }
+
+    private Signer createSigner(int algorithm, byte[] context)
+    {
+        switch (algorithm)
+        {
+        case Ed25519.Algorithm.Ed25519:
+            return new Ed25519Signer();
+        case Ed25519.Algorithm.Ed25519ctx:
+            return new Ed25519ctxSigner(context);
+        case Ed25519.Algorithm.Ed25519ph:
+            return new Ed25519phSigner(context);
+        default:
+            throw new IllegalArgumentException("algorithm");
+        }
+    }
+
+    private byte[] randomContext(int length)
+    {
+        byte[] context = new byte[length];
+        RANDOM.nextBytes(context);
+        return context;
+    }
+
+    private void testConsistency(int algorithm, byte[] context)
+        throws Exception
+    {
+        Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator();
+        kpg.init(new Ed25519KeyGenerationParameters(RANDOM));
+
+        AsymmetricCipherKeyPair kp = kpg.generateKeyPair();
+        Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.getPrivate();
+        Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.getPublic();
+
+        byte[] msg = new byte[RANDOM.nextInt() & 255];
+        RANDOM.nextBytes(msg);
+
+        Signer signer = createSigner(algorithm, context);
+        signer.init(true, privateKey);
+        signer.update(msg, 0, msg.length);
+        byte[] signature = signer.generateSignature();
+
+        Signer verifier = createSigner(algorithm, context);
+
+        {
+            verifier.init(false, publicKey);
+            verifier.update(msg, 0, msg.length);
+            boolean shouldVerify = verifier.verifySignature(signature);
+
+            if (!shouldVerify)
+            {
+                fail("Ed25519(" + algorithm + ") signature failed to verify");
+            }
+        }
+
+        {
+            byte[] wrongLengthSignature = Arrays.append(signature, (byte)0x00);
+
+            verifier.init(false, publicKey);
+            verifier.update(msg, 0, msg.length);
+            boolean shouldNotVerify = verifier.verifySignature(wrongLengthSignature);
+
+            if (shouldNotVerify)
+            {
+                fail("Ed25519(" + algorithm + ") wrong length signature incorrectly verified");
+            }
+        }
+
+        if (msg.length > 0)
+        {
+            boolean shouldNotVerify = verifier.verifySignature(signature);
+
+            if (shouldNotVerify)
+            {
+                fail("Ed25519(" + algorithm + ") wrong length failure did not reset verifier");
+            }
+        }
+
+        {
+            byte[] badSignature = Arrays.clone(signature);
+            badSignature[(RANDOM.nextInt() >>> 1) % badSignature.length] ^= 1 << (RANDOM.nextInt() & 7);
+
+            verifier.init(false, publicKey);
+            verifier.update(msg, 0, msg.length);
+            boolean shouldNotVerify = verifier.verifySignature(badSignature);
+
+            if (shouldNotVerify)
+            {
+                fail("Ed25519(" + algorithm + ") bad signature incorrectly verified");
+            }
+        }
+    }
+}