Browse Source

REPORT-71512 fix: 修改内置BouncyCastle的providerName

bugfix/10.0
Cloud.Liu 3 years ago
parent
commit
0750c20ac8
  1. 3
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jcajce/util/BCJcaJceHelper.java
  2. 9
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jce/netscape/NetscapeCertRequest.java
  3. 13
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jce/provider/BouncyCastleProvider.java
  4. 3
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/AttributeCertificateHolder.java
  5. 6
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/PKIXCertPathReviewer.java
  6. 6
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V1CertificateGenerator.java
  7. 6
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V2CRLGenerator.java
  8. 6
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V3CertificateGenerator.java
  9. 12
      fine-poi/src/main/java/com/fr/third/v2/org/apache/poi/poifs/crypt/CryptoFunctions.java

3
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jcajce/util/BCJcaJceHelper.java

@ -15,7 +15,8 @@ public class BCJcaJceHelper
private static synchronized Provider getBouncyCastleProvider() private static synchronized Provider getBouncyCastleProvider()
{ {
final Provider system = Security.getProvider("BC"); // [BouncyCastle]
final Provider system = Security.getProvider("FR_BC");
// Avoid using the old, deprecated system BC provider on Android. // Avoid using the old, deprecated system BC provider on Android.
// See: https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html // See: https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html
if (system instanceof BouncyCastleProvider) if (system instanceof BouncyCastleProvider)

9
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jce/netscape/NetscapeCertRequest.java

@ -115,7 +115,8 @@ public class NetscapeCertRequest
pubkeyinfo).getBytes()); pubkeyinfo).getBytes());
keyAlg = pubkeyinfo.getAlgorithm(); keyAlg = pubkeyinfo.getAlgorithm();
pubkey = KeyFactory.getInstance(keyAlg.getAlgorithm().getId(), "BC") // [BouncyCastle]
pubkey = KeyFactory.getInstance(keyAlg.getAlgorithm().getId(), "FR_BC")
.generatePublic(xspec); .generatePublic(xspec);
} }
@ -203,8 +204,9 @@ public class NetscapeCertRequest
// Verify the signature .. shows the response was generated // Verify the signature .. shows the response was generated
// by someone who knew the associated private key // by someone who knew the associated private key
// //
// [BouncyCastle]
Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(), Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(),
"BC"); "FR_BC");
sig.initVerify(pubkey); sig.initVerify(pubkey);
sig.update(content.getBytes()); sig.update(content.getBytes());
@ -223,8 +225,9 @@ public class NetscapeCertRequest
SignatureException, NoSuchProviderException, SignatureException, NoSuchProviderException,
InvalidKeySpecException InvalidKeySpecException
{ {
// [BouncyCastle]
Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(), Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(),
"BC"); "FR_BC");
if (rand != null) if (rand != null)
{ {

13
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jce/provider/BouncyCastleProvider.java

@ -60,7 +60,14 @@ public final class BouncyCastleProvider extends Provider
{ {
private static String info = "BouncyCastle Security Provider v1.68"; private static String info = "BouncyCastle Security Provider v1.68";
public static final String PROVIDER_NAME = "BC"; /**
* 内置的BouncyCastleproviderName改为FR_BC防止跟客户引入的BouncyCastle冲突
*
* 对应地改了fine-third中其他库使用"BC"字面量而非BouncyCastleProvider.PROVIDER_NAME引用BouncyCastle的地方会有[BouncyCastle]标识.
* fine-core等库中的位置也要对应修改
*/
// [BouncyCastle]
public static final String PROVIDER_NAME = "FR_BC";
public static final ProviderConfiguration CONFIGURATION = new BouncyCastleProviderConfiguration(); public static final ProviderConfiguration CONFIGURATION = new BouncyCastleProviderConfiguration();
@ -124,8 +131,8 @@ public final class BouncyCastleProvider extends Provider
*/ */
private static final String KEYSTORE_PACKAGE = "com.fr.third.org.bouncycastle.jcajce.provider.keystore."; private static final String KEYSTORE_PACKAGE = "com.fr.third.org.bouncycastle.jcajce.provider.keystore.";
private static final String[] KEYSTORES = private static final String[] KEYSTORES =
{ { // [BouncyCastle]
"BC", "BCFKS", "PKCS12" "FR_BC", "BCFKS", "PKCS12"
}; };
/* /*

3
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/AttributeCertificateHolder.java

@ -354,7 +354,8 @@ public class AttributeCertificateHolder
MessageDigest md = null; MessageDigest md = null;
try try
{ {
md = MessageDigest.getInstance(getDigestAlgorithm(), "BC"); // [BouncyCastle]
md = MessageDigest.getInstance(getDigestAlgorithm(), "FR_BC");
} }
catch (Exception e) catch (Exception e)

6
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/PKIXCertPathReviewer.java

@ -2173,7 +2173,8 @@ public class PKIXCertPathReviewer extends CertPathValidatorUtilities
{ {
try try
{ {
crl.verify(workingPublicKey, "BC"); // [BouncyCastle]
crl.verify(workingPublicKey, "FR_BC");
} }
catch (Exception e) catch (Exception e)
{ {
@ -2445,7 +2446,8 @@ public class PKIXCertPathReviewer extends CertPathValidatorUtilities
conn.connect(); conn.connect();
if (conn.getResponseCode() == HttpURLConnection.HTTP_OK) if (conn.getResponseCode() == HttpURLConnection.HTTP_OK)
{ {
CertificateFactory cf = CertificateFactory.getInstance("X.509","BC"); // [BouncyCastle]
CertificateFactory cf = CertificateFactory.getInstance("X.509","FR_BC");
result = (X509CRL) cf.generateCRL(conn.getInputStream()); result = (X509CRL) cf.generateCRL(conn.getInputStream());
} }
else else

6
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V1CertificateGenerator.java

@ -189,7 +189,8 @@ public class X509V1CertificateGenerator
{ {
try try
{ {
return generateX509Certificate(key, "BC", null); // [BouncyCastle]
return generateX509Certificate(key, "FR_BC", null);
} }
catch (NoSuchProviderException e) catch (NoSuchProviderException e)
{ {
@ -209,7 +210,8 @@ public class X509V1CertificateGenerator
{ {
try try
{ {
return generateX509Certificate(key, "BC", random); // [BouncyCastle]
return generateX509Certificate(key, "FR_BC", random);
} }
catch (NoSuchProviderException e) catch (NoSuchProviderException e)
{ {

6
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V2CRLGenerator.java

@ -247,7 +247,8 @@ public class X509V2CRLGenerator
{ {
try try
{ {
return generateX509CRL(key, "BC", null); // [BouncyCastle]
return generateX509CRL(key, "FR_BC", null);
} }
catch (NoSuchProviderException e) catch (NoSuchProviderException e)
{ {
@ -268,7 +269,8 @@ public class X509V2CRLGenerator
{ {
try try
{ {
return generateX509CRL(key, "BC", random); // [BouncyCastle]
return generateX509CRL(key, "FR_BC", random);
} }
catch (NoSuchProviderException e) catch (NoSuchProviderException e)
{ {

6
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V3CertificateGenerator.java

@ -326,7 +326,8 @@ public class X509V3CertificateGenerator
{ {
try try
{ {
return generateX509Certificate(key, "BC", null); // [BouncyCastle]
return generateX509Certificate(key, "FR_BC", null);
} }
catch (NoSuchProviderException e) catch (NoSuchProviderException e)
{ {
@ -347,7 +348,8 @@ public class X509V3CertificateGenerator
{ {
try try
{ {
return generateX509Certificate(key, "BC", random); // [BouncyCastle]
return generateX509Certificate(key, "FR_BC", random);
} }
catch (NoSuchProviderException e) catch (NoSuchProviderException e)
{ {

12
fine-poi/src/main/java/com/fr/third/v2/org/apache/poi/poifs/crypt/CryptoFunctions.java

@ -213,7 +213,8 @@ public class CryptoFunctions {
cipher = Cipher.getInstance(cipherAlgorithm.jceId); cipher = Cipher.getInstance(cipherAlgorithm.jceId);
} else if (cipherAlgorithm.needsBouncyCastle) { } else if (cipherAlgorithm.needsBouncyCastle) {
registerBouncyCastle(); registerBouncyCastle();
cipher = Cipher.getInstance(cipherAlgorithm.jceId + "/" + chain.jceId + "/" + padding, "BC"); // [BouncyCastle]
cipher = Cipher.getInstance(cipherAlgorithm.jceId + "/" + chain.jceId + "/" + padding, "FR_BC");
} else { } else {
cipher = Cipher.getInstance(cipherAlgorithm.jceId + "/" + chain.jceId + "/" + padding); cipher = Cipher.getInstance(cipherAlgorithm.jceId + "/" + chain.jceId + "/" + padding);
} }
@ -272,7 +273,8 @@ public class CryptoFunctions {
try { try {
if (hashAlgorithm.needsBouncyCastle) { if (hashAlgorithm.needsBouncyCastle) {
registerBouncyCastle(); registerBouncyCastle();
return MessageDigest.getInstance(hashAlgorithm.jceId, "BC"); // [BouncyCastle]
return MessageDigest.getInstance(hashAlgorithm.jceId, "FR_BC");
} else { } else {
return MessageDigest.getInstance(hashAlgorithm.jceId); return MessageDigest.getInstance(hashAlgorithm.jceId);
} }
@ -285,7 +287,8 @@ public class CryptoFunctions {
try { try {
if (hashAlgorithm.needsBouncyCastle) { if (hashAlgorithm.needsBouncyCastle) {
registerBouncyCastle(); registerBouncyCastle();
return Mac.getInstance(hashAlgorithm.jceHmacId, "BC"); // [BouncyCastle]
return Mac.getInstance(hashAlgorithm.jceHmacId, "FR_BC");
} else { } else {
return Mac.getInstance(hashAlgorithm.jceHmacId); return Mac.getInstance(hashAlgorithm.jceHmacId);
} }
@ -296,7 +299,8 @@ public class CryptoFunctions {
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
public static void registerBouncyCastle() { public static void registerBouncyCastle() {
if (Security.getProvider("BC") != null) return; // [BouncyCastle]
if (Security.getProvider("FR_BC") != null) return;
try { try {
ClassLoader cl = Thread.currentThread().getContextClassLoader(); ClassLoader cl = Thread.currentThread().getContextClassLoader();
String bcProviderName = "org.bouncycastle.jce.provider.BouncyCastleProvider"; String bcProviderName = "org.bouncycastle.jce.provider.BouncyCastleProvider";

Loading…
Cancel
Save