Browse Source

REPORT-71512 fix: 修改内置BouncyCastle的providerName

feature/x
Cloud.Liu 3 years ago
parent
commit
9f3d09cd6c
  1. 3
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jcajce/util/BCJcaJceHelper.java
  2. 9
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jce/netscape/NetscapeCertRequest.java
  3. 13
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jce/provider/BouncyCastleProvider.java
  4. 3
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/AttributeCertificateHolder.java
  5. 6
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/PKIXCertPathReviewer.java
  6. 6
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V1CertificateGenerator.java
  7. 6
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V2CRLGenerator.java
  8. 6
      fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V3CertificateGenerator.java
  9. 15
      fine-poi/src/main/java/com/fr/third/v2/org/apache/poi/poifs/crypt/CryptoFunctions.java

3
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jcajce/util/BCJcaJceHelper.java

@ -15,7 +15,8 @@ public class BCJcaJceHelper
private static synchronized Provider getBouncyCastleProvider()
{
final Provider system = Security.getProvider("BC");
// [BouncyCastle]
final Provider system = Security.getProvider("FR_BC");
// Avoid using the old, deprecated system BC provider on Android.
// See: https://android-developers.googleblog.com/2018/03/cryptography-changes-in-android-p.html
if (system instanceof BouncyCastleProvider)

9
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jce/netscape/NetscapeCertRequest.java

@ -115,7 +115,8 @@ public class NetscapeCertRequest
pubkeyinfo).getBytes());
keyAlg = pubkeyinfo.getAlgorithm();
pubkey = KeyFactory.getInstance(keyAlg.getAlgorithm().getId(), "BC")
// [BouncyCastle]
pubkey = KeyFactory.getInstance(keyAlg.getAlgorithm().getId(), "FR_BC")
.generatePublic(xspec);
}
@ -203,8 +204,9 @@ public class NetscapeCertRequest
// Verify the signature .. shows the response was generated
// by someone who knew the associated private key
//
// [BouncyCastle]
Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(),
"BC");
"FR_BC");
sig.initVerify(pubkey);
sig.update(content.getBytes());
@ -223,8 +225,9 @@ public class NetscapeCertRequest
SignatureException, NoSuchProviderException,
InvalidKeySpecException
{
// [BouncyCastle]
Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(),
"BC");
"FR_BC");
if (rand != null)
{

13
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/jce/provider/BouncyCastleProvider.java

@ -60,7 +60,14 @@ public final class BouncyCastleProvider extends Provider
{
private static String info = "BouncyCastle Security Provider v1.68";
public static final String PROVIDER_NAME = "BC";
/**
* 内置的BouncyCastleproviderName改为FR_BC防止跟客户引入的BouncyCastle冲突
*
* 对应地改了fine-third中其他库使用"BC"字面量而非BouncyCastleProvider.PROVIDER_NAME引用BouncyCastle的地方会有[BouncyCastle]标识.
* fine-core等库中的位置也要对应修改
*/
// [BouncyCastle]
public static final String PROVIDER_NAME = "FR_BC";
public static final ProviderConfiguration CONFIGURATION = new BouncyCastleProviderConfiguration();
@ -124,8 +131,8 @@ public final class BouncyCastleProvider extends Provider
*/
private static final String KEYSTORE_PACKAGE = "com.fr.third.org.bouncycastle.jcajce.provider.keystore.";
private static final String[] KEYSTORES =
{
"BC", "BCFKS", "PKCS12"
{ // [BouncyCastle]
"FR_BC", "BCFKS", "PKCS12"
};
/*

3
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/AttributeCertificateHolder.java

@ -354,7 +354,8 @@ public class AttributeCertificateHolder
MessageDigest md = null;
try
{
md = MessageDigest.getInstance(getDigestAlgorithm(), "BC");
// [BouncyCastle]
md = MessageDigest.getInstance(getDigestAlgorithm(), "FR_BC");
}
catch (Exception e)

6
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/PKIXCertPathReviewer.java

@ -2173,7 +2173,8 @@ public class PKIXCertPathReviewer extends CertPathValidatorUtilities
{
try
{
crl.verify(workingPublicKey, "BC");
// [BouncyCastle]
crl.verify(workingPublicKey, "FR_BC");
}
catch (Exception e)
{
@ -2445,7 +2446,8 @@ public class PKIXCertPathReviewer extends CertPathValidatorUtilities
conn.connect();
if (conn.getResponseCode() == HttpURLConnection.HTTP_OK)
{
CertificateFactory cf = CertificateFactory.getInstance("X.509","BC");
// [BouncyCastle]
CertificateFactory cf = CertificateFactory.getInstance("X.509","FR_BC");
result = (X509CRL) cf.generateCRL(conn.getInputStream());
}
else

6
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V1CertificateGenerator.java

@ -189,7 +189,8 @@ public class X509V1CertificateGenerator
{
try
{
return generateX509Certificate(key, "BC", null);
// [BouncyCastle]
return generateX509Certificate(key, "FR_BC", null);
}
catch (NoSuchProviderException e)
{
@ -209,7 +210,8 @@ public class X509V1CertificateGenerator
{
try
{
return generateX509Certificate(key, "BC", random);
// [BouncyCastle]
return generateX509Certificate(key, "FR_BC", random);
}
catch (NoSuchProviderException e)
{

6
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V2CRLGenerator.java

@ -247,7 +247,8 @@ public class X509V2CRLGenerator
{
try
{
return generateX509CRL(key, "BC", null);
// [BouncyCastle]
return generateX509CRL(key, "FR_BC", null);
}
catch (NoSuchProviderException e)
{
@ -268,7 +269,8 @@ public class X509V2CRLGenerator
{
try
{
return generateX509CRL(key, "BC", random);
// [BouncyCastle]
return generateX509CRL(key, "FR_BC", random);
}
catch (NoSuchProviderException e)
{

6
fine-bouncycastle/src/main/java/com/fr/third/org/bouncycastle/x509/X509V3CertificateGenerator.java

@ -326,7 +326,8 @@ public class X509V3CertificateGenerator
{
try
{
return generateX509Certificate(key, "BC", null);
// [BouncyCastle]
return generateX509Certificate(key, "FR_BC", null);
}
catch (NoSuchProviderException e)
{
@ -347,7 +348,8 @@ public class X509V3CertificateGenerator
{
try
{
return generateX509Certificate(key, "BC", random);
// [BouncyCastle]
return generateX509Certificate(key, "FR_BC", random);
}
catch (NoSuchProviderException e)
{

15
fine-poi/src/main/java/com/fr/third/v2/org/apache/poi/poifs/crypt/CryptoFunctions.java

@ -238,7 +238,8 @@ public final class CryptoFunctions {
cipher = Cipher.getInstance(cipherAlgorithm.jceId);
} else if (cipherAlgorithm.needsBouncyCastle) {
registerBouncyCastle();
cipher = Cipher.getInstance(cipherAlgorithm.jceId + "/" + chain.jceId + "/" + padding, "BC");
// [BouncyCastle]
cipher = Cipher.getInstance(cipherAlgorithm.jceId + "/" + chain.jceId + "/" + padding, "FR_BC");
} else {
cipher = Cipher.getInstance(cipherAlgorithm.jceId + "/" + chain.jceId + "/" + padding);
}
@ -297,7 +298,8 @@ public final class CryptoFunctions {
try {
if (hashAlgorithm.needsBouncyCastle) {
registerBouncyCastle();
return MessageDigest.getInstance(hashAlgorithm.jceId, "BC");
// [BouncyCastle]
return MessageDigest.getInstance(hashAlgorithm.jceId, "FR_BC");
} else {
return MessageDigest.getInstance(hashAlgorithm.jceId);
}
@ -310,7 +312,8 @@ public final class CryptoFunctions {
try {
if (hashAlgorithm.needsBouncyCastle) {
registerBouncyCastle();
return Mac.getInstance(hashAlgorithm.jceHmacId, "BC");
// [BouncyCastle]
return Mac.getInstance(hashAlgorithm.jceHmacId, "FR_BC");
} else {
return Mac.getInstance(hashAlgorithm.jceHmacId);
}
@ -321,10 +324,8 @@ public final class CryptoFunctions {
@SuppressWarnings("unchecked")
public static void registerBouncyCastle() {
if (Security.getProvider("BC") != null) {
return;
}
// [BouncyCastle]
if (Security.getProvider("FR_BC") != null) return;
try {
ClassLoader cl = CryptoFunctions.class.getClassLoader();
String bcProviderName = "com.fr.third.v2.org.bouncycastle.jce.provider.BouncyCastleProvider";

Loading…
Cancel
Save