From 8e41011e5a704c9dd0ec65e92ee53fcb5fb3b9ff Mon Sep 17 00:00:00 2001 From: Daniel Widdis Date: Fri, 1 Dec 2023 16:15:59 -0800 Subject: [PATCH 1/2] fix: Add Locale.ROOT to String uppercase conversions Signed-off-by: Daniel Widdis --- .../amazonaws/encryptionsdk/internal/RsaJceKeyCipher.java | 3 ++- .../java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java | 5 +++-- .../com/amazonaws/encryptionsdk/jce/KeyStoreProvider.java | 3 ++- .../java/com/amazonaws/encryptionsdk/TestVectorRunner.java | 7 ++++--- .../com/amazonaws/encryptionsdk/XCompatDecryptTest.java | 5 +++-- 5 files changed, 14 insertions(+), 9 deletions(-) diff --git a/src/main/java/com/amazonaws/encryptionsdk/internal/RsaJceKeyCipher.java b/src/main/java/com/amazonaws/encryptionsdk/internal/RsaJceKeyCipher.java index 233cffe37..49c8684dd 100644 --- a/src/main/java/com/amazonaws/encryptionsdk/internal/RsaJceKeyCipher.java +++ b/src/main/java/com/amazonaws/encryptionsdk/internal/RsaJceKeyCipher.java @@ -19,6 +19,7 @@ import java.security.PublicKey; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.MGF1ParameterSpec; +import java.util.Locale; import java.util.Map; import java.util.logging.Logger; import java.util.regex.Matcher; @@ -49,7 +50,7 @@ class RsaJceKeyCipher extends JceKeyCipher { final String hashUnknownCase = matcher.group(1); if (hashUnknownCase != null) { // OAEP mode a.k.a PKCS #1v2 - final String hash = hashUnknownCase.toUpperCase(); + final String hash = hashUnknownCase.toUpperCase(Locale.ROOT); transformation_ = "RSA/ECB/OAEPPadding"; final MGF1ParameterSpec mgf1Spec; diff --git a/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java b/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java index fc2fe8149..b505c29ea 100644 --- a/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java +++ b/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java @@ -28,6 +28,7 @@ import java.util.ArrayList; import java.util.Collection; import java.util.List; +import java.util.Locale; import java.util.Map; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; @@ -59,7 +60,7 @@ public static JceMasterKey getInstance( final String provider, final String keyId, final String wrappingAlgorithm) { - switch (wrappingAlgorithm.toUpperCase()) { + switch (wrappingAlgorithm.toUpperCase(Locale.ROOT)) { case "AES/GCM/NOPADDING": return new JceMasterKey(provider, keyId, JceKeyCipher.aesGcm(key)); default: @@ -82,7 +83,7 @@ public static JceMasterKey getInstance( final String provider, final String keyId, final String wrappingAlgorithm) { - if (wrappingAlgorithm.toUpperCase().startsWith("RSA/ECB/")) { + if (wrappingAlgorithm.toUpperCase(Locale.ROOT).startsWith("RSA/ECB/")) { return new JceMasterKey( provider, keyId, JceKeyCipher.rsa(wrappingKey, unwrappingKey, wrappingAlgorithm)); } diff --git a/src/main/java/com/amazonaws/encryptionsdk/jce/KeyStoreProvider.java b/src/main/java/com/amazonaws/encryptionsdk/jce/KeyStoreProvider.java index 57f44aae9..a2bf8725c 100644 --- a/src/main/java/com/amazonaws/encryptionsdk/jce/KeyStoreProvider.java +++ b/src/main/java/com/amazonaws/encryptionsdk/jce/KeyStoreProvider.java @@ -36,6 +36,7 @@ import java.util.Collection; import java.util.Collections; import java.util.List; +import java.util.Locale; import java.util.Map; /** @@ -79,7 +80,7 @@ public KeyStoreProvider( wrappingAlgorithm_ = wrappingAlgorithm; aliasNames_ = Arrays.asList(aliasNames); providerName_ = providerName; - keyAlgorithm_ = wrappingAlgorithm.split("/", 2)[0].toUpperCase(); + keyAlgorithm_ = wrappingAlgorithm.split("/", 2)[0].toUpperCase(Locale.ROOT); } /** diff --git a/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java b/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java index a89cde8ed..04927fde2 100644 --- a/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java +++ b/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java @@ -27,6 +27,7 @@ import java.util.Collections; import java.util.HashMap; import java.util.List; +import java.util.Locale; import java.util.Map; import java.util.concurrent.Callable; import java.util.function.Supplier; @@ -223,7 +224,7 @@ private static TestCase parseTest( transformation += "PKCS1Padding"; } else if ("oaep-mgf1".equals(padding)) { final String hashName = - ((String) mkEntry.get("padding-hash")).replace("sha", "sha-").toUpperCase(); + ((String) mkEntry.get("padding-hash")).replace("sha", "sha-").toUpperCase(Locale.ROOT); transformation += "OAEPWith" + hashName + "AndMGF1Padding"; } else { throw new IllegalArgumentException("Unsupported padding:" + padding); @@ -327,7 +328,7 @@ private static TestCase parseTest( transformation += "PKCS1Padding"; } else if ("oaep-mgf1".equals(padding)) { final String hashName = - ((String) mkEntry.get("padding-hash")).replace("sha", "sha-").toUpperCase(); + ((String) mkEntry.get("padding-hash")).replace("sha", "sha-").toUpperCase(Locale.ROOT); transformation += "OAEPWith" + hashName + "AndMGF1Padding"; } else { throw new IllegalArgumentException("Unsupported padding:" + padding); @@ -432,7 +433,7 @@ private static Map parseKeyManifest(final Map name, keyId, keyType, - new SecretKeySpec(Base64.decode(material), algorithm.toUpperCase())); + new SecretKeySpec(Base64.decode(material), algorithm.toUpperCase(Locale.ROOT))); break; case "private": kf = KeyFactory.getInstance(algorithm); diff --git a/src/test/java/com/amazonaws/encryptionsdk/XCompatDecryptTest.java b/src/test/java/com/amazonaws/encryptionsdk/XCompatDecryptTest.java index 84d4df574..35d7729ad 100644 --- a/src/test/java/com/amazonaws/encryptionsdk/XCompatDecryptTest.java +++ b/src/test/java/com/amazonaws/encryptionsdk/XCompatDecryptTest.java @@ -23,6 +23,7 @@ import java.util.Collections; import java.util.HashMap; import java.util.List; +import java.util.Locale; import java.util.Map; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.lang3.StringUtils; @@ -143,7 +144,7 @@ public static Collection data() throws Exception { + "." + paddingHash; String encAlg = (String) aMasterKey.get("encryption_algorithm"); - switch (encAlg.toUpperCase()) { + switch (encAlg.toUpperCase(Locale.ROOT)) { case "RSA": String cipherBase = "RSA/ECB/"; String cipherName; @@ -176,7 +177,7 @@ public static Collection data() throws Exception { break; default: throw new IllegalArgumentException( - "Unknown encryption algorithm: " + encAlg.toUpperCase()); + "Unknown encryption algorithm: " + encAlg.toUpperCase(Locale.ROOT)); } } } From a68be7b4ec7d8a9b0df69252499ef645c0edbbdc Mon Sep 17 00:00:00 2001 From: texastony <5892063+texastony@users.noreply.github.com> Date: Tue, 12 Dec 2023 09:57:13 -0800 Subject: [PATCH 2/2] chore: format --- .../com/amazonaws/encryptionsdk/TestVectorRunner.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java b/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java index ac69128fc..d32d84dc4 100644 --- a/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java +++ b/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java @@ -334,7 +334,9 @@ private static TestCase parseTest( transformation += "PKCS1Padding"; } else if ("oaep-mgf1".equals(padding)) { final String hashName = - ((String) mkEntry.get("padding-hash")).replace("sha", "sha-").toUpperCase(Locale.ROOT); + ((String) mkEntry.get("padding-hash")) + .replace("sha", "sha-") + .toUpperCase(Locale.ROOT); transformation += "OAEPWith" + hashName + "AndMGF1Padding"; } else { throw new IllegalArgumentException("Unsupported padding:" + padding); @@ -439,7 +441,9 @@ private static TestCase parseTest( transformation += "PKCS1Padding"; } else if ("oaep-mgf1".equals(padding)) { final String hashName = - ((String) mkEntry.get("padding-hash")).replace("sha", "sha-").toUpperCase(Locale.ROOT); + ((String) mkEntry.get("padding-hash")) + .replace("sha", "sha-") + .toUpperCase(Locale.ROOT); transformation += "OAEPWith" + hashName + "AndMGF1Padding"; } else { throw new IllegalArgumentException("Unsupported padding:" + padding);