diff --git a/core/java/src/net/i2p/crypto/DSAEngine.java b/core/java/src/net/i2p/crypto/DSAEngine.java
index e8eb3b9ba..a7e18e1f7 100644
--- a/core/java/src/net/i2p/crypto/DSAEngine.java
+++ b/core/java/src/net/i2p/crypto/DSAEngine.java
@@ -506,8 +506,8 @@ public class DSAEngine {
 return altVerifySigSHA1(signature, data, offset, len, verifyingKey);
 java.security.Signature jsig;
- if (type == SigType.EdDSA_SHA512_25519)
- jsig = new net.i2p.crypto.eddsa.EdDSAEngine(java.security.MessageDigest.getInstance("SHA-512"));
+ if (type.getBaseAlgorithm() == SigAlgo.EdDSA)
+ jsig = new net.i2p.crypto.eddsa.EdDSAEngine(type.getDigestInstance());
 else
 jsig = java.security.Signature.getInstance(type.getAlgorithmName());
 PublicKey pubKey = SigUtil.toJavaKey(verifyingKey);
@@ -587,8 +587,8 @@ public class DSAEngine {
 return altSignSHA1(data, offset, len, privateKey);
 java.security.Signature jsig;
- if (type == SigType.EdDSA_SHA512_25519)
- jsig = new net.i2p.crypto.eddsa.EdDSAEngine(java.security.MessageDigest.getInstance("SHA-512"));
+ if (type.getBaseAlgorithm() == SigAlgo.EdDSA)
+ jsig = new net.i2p.crypto.eddsa.EdDSAEngine(type.getDigestInstance());
 else
 jsig = java.security.Signature.getInstance(type.getAlgorithmName());
 PrivateKey privKey = SigUtil.toJavaKey(privateKey);
diff --git a/core/java/src/net/i2p/crypto/KeyGenerator.java b/core/java/src/net/i2p/crypto/KeyGenerator.java
index efd1a8897..69f53f71c 100644
--- a/core/java/src/net/i2p/crypto/KeyGenerator.java
+++ b/core/java/src/net/i2p/crypto/KeyGenerator.java
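Review bot: In the verify hunk at -506 the digest handed to `EdDSAEngine` is now whatever the `SigType` declares, and nothing visible here checks that it is the hash the key's curve parameters require; the sign hunk at -587 has the same shape. The removed lines pinned SHA-512, so a future EdDSA type with a mismatched digest name would reach this branch unnoticed unless the engine rejects it at init, which the hunk does not show. I would document the assumption on the branch, e.g. `// EdDSA is built directly, not via JCA; type's digest must match the hash in the key's EdDSA parameter spec`. It is also worth confirming how `type.getDigestInstance()` fails: the old `MessageDigest.getInstance` threw a checked exception, and an unchecked one would bypass callers that catch only `GeneralSecurityException`. Both method bodies start and end outside their hunks.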
@@ -217,45 +217,47 @@ public class KeyGenerator {
 if (type == SigType.DSA_SHA1)
 return generateSigningKeys();
 KeyPair kp;
- if (type == SigType.EdDSA_SHA512_25519) {
- kp = new net.i2p.crypto.eddsa.KeyPairGenerator().generateKeyPair();
- } else {
- KeyPairGenerator kpg = KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName());
- try {
+ if (type.getBaseAlgorithm() == SigAlgo.EdDSA) {
+ net.i2p.crypto.eddsa.KeyPairGenerator kpg = new net.i2p.crypto.eddsa.KeyPairGenerator();
 kpg.initialize(type.getParams(), _context.random());
 kp = kpg.generateKeyPair();
- } catch (ProviderException pe) {
- // java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
- // This is a RuntimeException, thx Sun
- // Fails for P-192 only, on Ubuntu
- Log log = _context.logManager().getLog(KeyGenerator.class);
- String pname = kpg.getProvider().getName();
- if ("BC".equals(pname)) {
- if (log.shouldLog(Log.WARN))
- log.warn("BC KPG failed for " + type, pe);
- throw new GeneralSecurityException("BC KPG for " + type, pe);
- }
- if (!ECConstants.isBCAvailable())
- throw new GeneralSecurityException(pname + " KPG failed for " + type, pe);
- if (log.shouldLog(Log.WARN))
- log.warn(pname + " KPG failed for " + type + ", trying BC" /* , pe */ );
+ } else {
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName());
 try {
- kpg = KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName(), "BC");
 kpg.initialize(type.getParams(), _context.random());
 kp = kpg.generateKeyPair();
- } catch (ProviderException pe2) {
+ } catch (ProviderException pe) {
+ // java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
+ // This is a RuntimeException, thx Sun
+ // Fails for P-192 only, on Ubuntu
+ Log log = _context.logManager().getLog(KeyGenerator.class);
+ String pname = kpg.getProvider().getName();
+ if ("BC".equals(pname)) {
+ if (log.shouldLog(Log.WARN))
+ log.warn("BC KPG failed for " + type, pe);
+ throw new GeneralSecurityException("BC KPG for " + type, pe);
+ }
+ if (!ECConstants.isBCAvailable())
+ throw new GeneralSecurityException(pname + " KPG failed for " + type, pe);
 if (log.shouldLog(Log.WARN))
- log.warn("BC KPG failed for " + type + " also", pe2);
- // throw original exception
- throw new GeneralSecurityException(pname + " KPG for " + type, pe);
- } catch (GeneralSecurityException gse) {
- if (log.shouldLog(Log.WARN))
- log.warn("BC KPG failed for " + type + " also", gse);
- // throw original exception
- throw new GeneralSecurityException(pname + " KPG for " + type, pe);
+ log.warn(pname + " KPG failed for " + type + ", trying BC" /* , pe */ );
+ try {
+ kpg = KeyPairGenerator.getInstance(type.getBaseAlgorithm().getName(), "BC");
+ kpg.initialize(type.getParams(), _context.random());
+ kp = kpg.generateKeyPair();
+ } catch (ProviderException pe2) {
+ if (log.shouldLog(Log.WARN))
+ log.warn("BC KPG failed for " + type + " also", pe2);
+ // throw original exception
+ throw new GeneralSecurityException(pname + " KPG for " + type, pe);
+ } catch (GeneralSecurityException gse) {
+ if (log.shouldLog(Log.WARN))
+ log.warn("BC KPG failed for " + type + " also", gse);
+ // throw original exception
+ throw new GeneralSecurityException(pname + " KPG for " + type, pe);
+ }
 }
 }
- }
 java.security.PublicKey pubkey = kp.getPublic();
 java.security.PrivateKey privkey = kp.getPrivate();
 SimpleDataStructure[] keys = new SimpleDataStructure[2];
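Review bot: The new EdDSA branch draws key material from `_context.random()` via `kpg.initialize(type.getParams(), _context.random())`, where the removed code let the generator use its own defaults, and nothing in the hunk states what that source guarantees. Because this decides the entropy behind long-term signing keys, I would add a comment on the branch such as `// EdDSA: built directly, not via JCA; curve params come from the SigType and the RNG from the context (must be a seeded CSPRNG)`. The branch also has no error handling of its own, so it is worth confirming that `type.getParams()` cannot return null for an EdDSA type and that a failure in `initialize` surfaces as the exception type the enclosing method declares. The rest of the hunk is the existing provider-fallback block moved under `else`; the method starts and ends outside the hunk.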