diff --git a/jdk/src/java.base/share/classes/java/security/DrbgParameters.java b/jdk/src/java.base/share/classes/java/security/DrbgParameters.java
index f30c80da2e3..50fa82e0313 100644
--- a/jdk/src/java.base/share/classes/java/security/DrbgParameters.java
+++ b/jdk/src/java.base/share/classes/java/security/DrbgParameters.java
@@ -196,10 +196,9 @@ import java.util.Objects;
 * of the JDK reference implementation.
 *

* This implementation supports the Hash_DRBG and HMAC_DRBG mechanisms with
- * DRBG algorithm SHA-1, SHA-224, SHA-512/224, SHA-256, SHA-512/256,
- * SHA-384 and SHA-512, and CTR_DRBG (both using derivation function and
- * not using derivation function) with DRBG algorithm 3KeyTDEA
- * (also known as DESede in JCE), AES-128, AES-192 and AES-256.
+ * DRBG algorithm SHA-224, SHA-512/224, SHA-256, SHA-512/256, SHA-384 and
+ * SHA-512, and CTR_DRBG (both using derivation function and not using
+ * derivation function) with DRBG algorithm AES-128, AES-192 and AES-256.
 *

* The mechanism name and DRBG algorithm name are determined by the
 * {@linkplain Security#getProperty(String) security property}
diff --git a/jdk/src/java.base/share/classes/sun/security/provider/AbstractDrbg.java b/jdk/src/java.base/share/classes/sun/security/provider/AbstractDrbg.java
index 15254237a18..8106ceaf644 100644
--- a/jdk/src/java.base/share/classes/sun/security/provider/AbstractDrbg.java
+++ b/jdk/src/java.base/share/classes/sun/security/provider/AbstractDrbg.java
@@ -267,10 +267,9 @@ public abstract class AbstractDrbg extends SecureRandomSpi {
 * {@code DEFAULT_STRENGTH} is 128) for HashDRBG:
 *

      * requested             effective
-     * (SHA-1, -1)           (SHA-1,128)
-     * (SHA-1, 112)          (SHA-1,112)
-     * (SHA-1, 192)          IAE
+     * (SHA-224, 256)        IAE
      * (SHA-256, -1)         (SHA-256,128)
+     * (SHA-256, 112)        (SHA-256,112)
      * (SHA-256, 128)        (SHA-256,128)
      * (SHA-3, -1)           IAE
      * (null, -1)            (SHA-256,128)
diff --git a/jdk/src/java.base/share/classes/sun/security/provider/AbstractHashDrbg.java b/jdk/src/java.base/share/classes/sun/security/provider/AbstractHashDrbg.java
index 75edd923aca..73d40b777da 100644
--- a/jdk/src/java.base/share/classes/sun/security/provider/AbstractHashDrbg.java
+++ b/jdk/src/java.base/share/classes/sun/security/provider/AbstractHashDrbg.java
@@ -39,8 +39,6 @@ public abstract class AbstractHashDrbg extends AbstractDrbg {
 
     private static int alg2strength(String algorithm) {
         switch (algorithm.toUpperCase(Locale.ROOT)) {
-            case "SHA-1":
-                return 128;
             case "SHA-224":
             case "SHA-512/224":
                 return 192;
@@ -82,10 +80,6 @@ public abstract class AbstractHashDrbg extends AbstractDrbg {
             this.securityStrength = tryStrength;
         }
         switch (algorithm.toUpperCase(Locale.ROOT)) {
-            case "SHA-1":
-                this.seedLen = 440 / 8;
-                this.outLen = 160 / 8;
-                break;
             case "SHA-224":
             case "SHA-512/224":
                 this.seedLen = 440 / 8;
diff --git a/jdk/src/java.base/share/classes/sun/security/provider/CtrDrbg.java b/jdk/src/java.base/share/classes/sun/security/provider/CtrDrbg.java
index 6039db704bf..4182383e6da 100644
--- a/jdk/src/java.base/share/classes/sun/security/provider/CtrDrbg.java
+++ b/jdk/src/java.base/share/classes/sun/security/provider/CtrDrbg.java
@@ -27,7 +27,6 @@ package sun.security.provider;
 
 import javax.crypto.Cipher;
 import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 import java.io.IOException;
 import java.security.*;
@@ -68,11 +67,6 @@ public class CtrDrbg extends AbstractDrbg {
 
     private static int alg2strength(String algorithm) {
         switch (algorithm.toUpperCase(Locale.ROOT)) {
-            case "TDEA":
-            case "3KEYTDEA":
-            case "3 KEY TDEA":
-            case "DESEDE":
-                return 112;
             case "AES-128":
                 return 128;
             case "AES-192":
@@ -120,16 +114,6 @@ public class CtrDrbg extends AbstractDrbg {
             this.securityStrength = tryStrength;
         }
         switch (algorithm.toUpperCase(Locale.ROOT)) {
-            case "TDEA":
-            case "3KEYTDEA":
-            case "3 KEY TDEA":
-            case "DESEDE":
-                algorithm = "DESede";
-                this.keyAlg = "DESede";
-                this.cipherAlg = "DESede/ECB/NoPadding";
-                this.blockLen = 64 / 8;
-                this.keyLen = 168 / 8;
-                break;
             case "AES-128":
             case "AES-192":
             case "AES-256":
@@ -224,7 +208,7 @@ public class CtrDrbg extends AbstractDrbg {
                 // Step 2.1. Increment
                 addOne(v, ctrLen);
                 // Step 2.2. Block_Encrypt
-                cipher.init(Cipher.ENCRYPT_MODE, getKey(keyAlg, k));
+                cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(k, keyAlg));
                 // Step 2.3. Encrypt into right position, no need to cat
                 cipher.doFinal(v, 0, blockLen, temp, i * blockLen);
             }
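Review bot: With `getKey` gone, all four call sites (this one and those in the hunks at -316, -340 and -456) hand `k` straight to `new SecretKeySpec(k, keyAlg)`, and nothing on the new side rejects a `keyAlg` of `DESede` arriving from state created before this change. `readObject`, visible as context at the end of this file section, restores fields through `defaultReadObject()`; if `keyAlg` and `keyLen` are among the serialized fields (not visible here), an instance serialized by an older build would presumably fail later inside `cipher.init` and surface as an `InternalError` instead of a clean rejection. Consider validating in `readObject`, for example `if (!"AES".equals(keyAlg)) throw new java.io.InvalidObjectException("unsupported DRBG algorithm");`, assuming AES is the only key algorithm left. The enclosing method starts and ends outside this hunk.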
@@ -316,7 +300,7 @@ public class CtrDrbg extends AbstractDrbg {
 
         for (int i = 0; i * blockLen < seedLen; i++) {
             try {
-                cipher.init(Cipher.ENCRYPT_MODE, getKey(keyAlg, k));
+                cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(k, keyAlg));
                 int tailLen = temp.length - blockLen*i;
                 if (tailLen > blockLen) {
                     tailLen = blockLen;
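Review bot: `new SecretKeySpec(k, keyAlg)` is built on every pass of the `for` loop, and `SecretKeySpec` clones the byte array it is given, so each iteration leaves one more copy of the DRBG key on the heap until it is collected. If `k` is not reassigned inside the loop (the body continues outside the hunk), build the key once before the loop with `SecretKeySpec key = new SecretKeySpec(k, keyAlg);` and call `cipher.init(Cipher.ENCRYPT_MODE, key);` inside it. The loop around Step 2.2 in the previous hunk looks like it could take the same change.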
@@ -340,7 +324,7 @@ public class CtrDrbg extends AbstractDrbg {
                 inputBlock[j] ^= chain[j];
             }
             try {
-                cipher.init(Cipher.ENCRYPT_MODE, getKey(keyAlg, k));
+                cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(k, keyAlg));
                 chain = cipher.doFinal(inputBlock);
             } catch (GeneralSecurityException e) {
                 throw new InternalError(e);
@@ -456,7 +440,7 @@ public class CtrDrbg extends AbstractDrbg {
             addOne(v, ctrLen);
             try {
                 // Step 4.2. Encrypt
-                cipher.init(Cipher.ENCRYPT_MODE, getKey(keyAlg, k));
+                cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(k, keyAlg));
                 byte[] out = cipher.doFinal(v);
 
                 // Step 4.3 and 5. Cat bytes and leftmost
@@ -479,43 +463,6 @@ public class CtrDrbg extends AbstractDrbg {
         // Step 8. Return
     }
 
-    private static void des7to8(
-            byte[] key56, int off56, byte[] key64, int off64) {
-        key64[off64 + 0] = (byte)
-                (key56[off56 + 0] & 0xFE); // << 0
-        key64[off64 + 1] = (byte)
-                ((key56[off56 + 0] << 7) | ((key56[off56 + 1] & 0xFF) >>> 1));
-        key64[off64 + 2] = (byte)
-                ((key56[off56 + 1] << 6) | ((key56[off56 + 2] & 0xFF) >>> 2));
-        key64[off64 + 3] = (byte)
-                ((key56[off56 + 2] << 5) | ((key56[off56 + 3] & 0xFF) >>> 3));
-        key64[off64 + 4] = (byte)
-                ((key56[off56 + 3] << 4) | ((key56[off56 + 4] & 0xFF) >>> 4));
-        key64[off64 + 5] = (byte)
-                ((key56[off56 + 4] << 3) | ((key56[off56 + 5] & 0xFF) >>> 5));
-        key64[off64 + 6] = (byte)
-                ((key56[off56 + 5] << 2) | ((key56[off56 + 6] & 0xFF) >>> 6));
-        key64[off64 + 7] = (byte)
-                (key56[off56 + 6] << 1);
-
-        for (int i = 0; i < 8; i++) {
-            // if even # bits, make uneven, XOR with 1 (uneven & 1)
-            // for uneven # bits, make even, XOR with 0 (even & 1)
-            key64[off64 + i] ^= Integer.bitCount(key64[off64 + i] ^ 1) & 1;
-        }
-    }
-
-    private static SecretKey getKey(String keyAlg, byte[] k) {
-        if (keyAlg.equals("DESede")) {
-            byte[] k2 = new byte[24];
-            des7to8(k, 0, k2, 0);
-            des7to8(k, 7, k2, 8);
-            des7to8(k, 14, k2, 16);
-            k = k2;
-        }
-        return new SecretKeySpec(k, keyAlg);
-    }
-
     private void readObject(java.io.ObjectInputStream s)
             throws IOException, ClassNotFoundException {
         s.defaultReadObject ();
diff --git a/jdk/src/java.base/share/conf/security/java.security b/jdk/src/java.base/share/conf/security/java.security
index 5e6afc59363..6fa0d301d33 100644
--- a/jdk/src/java.base/share/conf/security/java.security
+++ b/jdk/src/java.base/share/conf/security/java.security
@@ -206,16 +206,15 @@ securerandom.strongAlgorithms=NativePRNGBlocking:SUN,DRBG:SUN
 #     "Hash_DRBG" | "HMAC_DRBG" | "CTR_DRBG"
 #
 #   // The DRBG algorithm name. The "SHA-***" names are for Hash_DRBG and
-#   // HMAC_DRBG, default "SHA-256". "3KeyTDEA" and "AES-***" names are for
-#   // CTR_DRBG, default "AES-128" when using the limited cryptographic
-#   // or "AES-256" when using the unlimited.
+#   // HMAC_DRBG, default "SHA-256". The "AES-***" names are for CTR_DRBG,
+#   // default "AES-128" when using the limited cryptographic or "AES-256"
+#   // when using the unlimited.
 #   algorithm_name:
-#     "SHA-1" | "SHA-224" | "SHA-512/224" | "SHA-256" |
+#     "SHA-224" | "SHA-512/224" | "SHA-256" |
 #     "SHA-512/256" | "SHA-384" | "SHA-512" |
-#     "3KeyTDEA" | "AES-128" | "AES-192" | "AES-256"
+#     "AES-128" | "AES-192" | "AES-256"
 #
-#   // Security strength requested. Default "128", or "112"
-#   // if mech_name is CTR_DRBG and algorithm_name is "3KeyTDEA"
+#   // Security strength requested. Default "128"
 #   strength:
 #     "112" | "128" | "192" | "256"
 #
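Review bot: The comment block removes "SHA-1" and "3KeyTDEA" from the grammar but never tells an operator that an existing `securerandom.drbg.config` naming either one will stop working after the upgrade. Add a line under `algorithm_name`, for example `#   // "SHA-1" and "3KeyTDEA" are no longer supported; a configuration naming them is rejected.` The strength value "112" stays in the list, which is consistent with the SHA-224 example introduced in the next hunk.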
@@ -234,7 +233,7 @@ securerandom.strongAlgorithms=NativePRNGBlocking:SUN,DRBG:SUN
 #     "use_df" | "no_df"
 #
 # Examples,
-#   securerandom.drbg.config=Hash_DRBG,SHA-1,112,none
+#   securerandom.drbg.config=Hash_DRBG,SHA-224,112,none
 #   securerandom.drbg.config=CTR_DRBG,AES-256,192,pr_and_reseed,use_df
 #
 # The default value is an empty string, which is equivalent to
diff --git a/jdk/test/sun/security/provider/SecureRandom/DRBGAlg.java b/jdk/test/sun/security/provider/SecureRandom/DRBGAlg.java
index 31a308a0f5e..8c37fd4dbfa 100644
--- a/jdk/test/sun/security/provider/SecureRandom/DRBGAlg.java
+++ b/jdk/test/sun/security/provider/SecureRandom/DRBGAlg.java
@@ -47,7 +47,6 @@ public class DRBGAlg {
 
         check(null, "Hash_DRBG", "SHA-256", "reseed_only", ",128");
         check("", "Hash_DRBG", "SHA-256", "reseed_only", ",128");
-        check("sha-1", "Hash_DRBG", "SHA-1", "reseed_only", ",128");
         check("sha-256", "Hash_DRBG", "SHA-256", "reseed_only", ",128");
         check("SHA-3");
         check("hash_drbg", "Hash_DRBG", "SHA-256", "reseed_only", ",128");
@@ -61,20 +60,20 @@ public class DRBGAlg {
                 "Hash_DRBG", "SHA-512", "pr_and_reseed", ",192");
 
         check("Hash_DRBG,Hmac_DRBG");
-        check("SHA-1,SHA-256");
+        check("SHA-224,SHA-256");
         check("128,256");
         check("none,reseed_only");
         check("use_df,no_df");
-        check("Hash_DRBG,,SHA-1");
+        check("Hash_DRBG,,SHA-256");
 
         check(null, DrbgParameters.instantiation(112, PR_AND_RESEED, null),
                 "Hash_DRBG", "SHA-256", "pr_and_reseed", ",112");
         check(null, DrbgParameters.instantiation(256, PR_AND_RESEED, null),
                 "Hash_DRBG", "SHA-256", "pr_and_reseed", ",256");
         check(null, DrbgParameters.instantiation(384, PR_AND_RESEED, null));
-        check("sha-1", DrbgParameters.instantiation(112, PR_AND_RESEED, null),
-                "Hash_DRBG", "SHA-1", "pr_and_reseed", ",112");
-        check("sha-1", DrbgParameters.instantiation(192, PR_AND_RESEED, null));
+        check("sha-224", DrbgParameters.instantiation(112, PR_AND_RESEED, null),
+                "Hash_DRBG", "SHA-224", "pr_and_reseed", ",112");
+        check("sha-224", DrbgParameters.instantiation(256, PR_AND_RESEED, null));
         check("hash_drbg,sha-512,Pr_and_Reseed,192",
                 DrbgParameters.instantiation(112, NONE, null),
                 "Hash_DRBG", "SHA-512", "reseed_only", ",112");
@@ -86,23 +85,23 @@ public class DRBGAlg {
                 DrbgParameters.instantiation(192, PR_AND_RESEED, null),
                 "Hash_DRBG", "SHA-256", "pr_and_reseed", ",192");
 
-        check("hash_drbg,sha-1", new MoreDrbgParameters(
+        check("hash_drbg,sha-224", new MoreDrbgParameters(
                     null, null, "sha-512", null, false,
                     DrbgParameters.instantiation(-1, NONE, null)),
                 "Hash_DRBG", "SHA-512");
-        check("hash_drbg,sha-1", new MoreDrbgParameters(
+        check("hash_drbg,sha-224", new MoreDrbgParameters(
                     null, null, null, null, false,
                     DrbgParameters.instantiation(-1, NONE, null)),
-                "Hash_DRBG", "SHA-1");
+                "Hash_DRBG", "SHA-224");
         check("hash_drbg", new MoreDrbgParameters(
                     null, "hmac_drbg", null, null, false,
                     DrbgParameters.instantiation(-1, NONE, null)),
                 "HMAC_DRBG", "SHA-256");
 
-        check("hash_drbg,sha-1", new MoreDrbgParameters(
+        check("hash_drbg,sha-224", new MoreDrbgParameters(
                     null, null, "sha-3", null, false,
                     DrbgParameters.instantiation(-1, NONE, null)));
-        check("hash_drbg,sha-1", new MoreDrbgParameters(
+        check("hash_drbg,sha-224", new MoreDrbgParameters(
                     null, "Unknown_DRBG", null, null, false,
                     DrbgParameters.instantiation(-1, NONE, null)));
     }
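Review bot: Every `sha-1` input in this test is swapped for `sha-224`, so after the change nothing asserts that SHA-1 or 3KeyTDEA is actually refused. The single-argument form of `check` appears to be the expect-failure case (as with `check("SHA-3")` in the first hunk; the method body is outside the diff), so lines such as `check("sha-1");` and `check("ctr_drbg,3KeyTDEA");` would pin the removal. The same gap applies to the two earlier hunks of this file.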
diff --git a/jdk/test/sun/security/provider/SecureRandom/DrbgCavp.java b/jdk/test/sun/security/provider/SecureRandom/DrbgCavp.java
index 51dba4b23d9..9e67848772b 100644
--- a/jdk/test/sun/security/provider/SecureRandom/DrbgCavp.java
+++ b/jdk/test/sun/security/provider/SecureRandom/DrbgCavp.java
@@ -278,10 +278,13 @@ public class DrbgCavp {
                                                     ps)),
                                     "SUN");
                         } catch (NoSuchAlgorithmException iae) {
+                            // We don't support SHA-1 and 3KeyTDEA. AES-192 or
                             // AES-256 might not be available. This is OK.
-                            if ((algorithm.equals("AES-192")
+                            if (algorithm.equals("SHA-1") ||
+                                    algorithm.equals("3KeyTDEA") ||
+                                    ((algorithm.equals("AES-192")
                                     || algorithm.equals("AES-256"))
-                                    && AES_LIMIT == 128) {
+                                    && AES_LIMIT == 128)) {
                                 hd = null;
                             } else {
                                 throw iae;
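Review bot: The widened condition sets `hd = null` for SHA-1 and 3KeyTDEA without any output, so a passing run does not show how many CAVP vectors were skipped rather than verified. Printing the skip before `hd = null;`, for example `System.out.println("Skipping unsupported algorithm: " + algorithm);`, keeps the coverage visible in the test log. The catch variable is still named `iae` although it holds a `NoSuchAlgorithmException`; `nsae` would match the type. The `try` block starts outside this hunk.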