tt/P124525118: Add alias for RSA/ECB/OAEPWithSHA-1AndMGF1Padding

We add this alias to better support [open-source projects using non-JCA-standard algorithm names][1]. [1]: https://github.com/search?q=RSA%2FECB%2FOAEPWithSHA1AndMGF1Padding&type=code
corretto · Apr 4, 2024 · 735df54 · 735df54
1 parent 4ec7ff6
commit 735df54
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 3 deletions.
diff --git a/src/com/amazon/corretto/crypto/provider/AmazonCorrettoCryptoProvider.java b/src/com/amazon/corretto/crypto/provider/AmazonCorrettoCryptoProvider.java
@@ -95,6 +95,7 @@ private void buildServiceMap() {
     addService("Cipher", "RSA/ECB/Pkcs1Padding", "RsaCipher$Pkcs1");
     addService("Cipher", "RSA/ECB/OAEPPadding", "RsaCipher$OAEP");
     addService("Cipher", "RSA/ECB/OAEPWithSHA-1AndMGF1Padding", "RsaCipher$OAEPSha1");
+    addService("Cipher", "RSA/ECB/OAEPWithSHA1AndMGF1Padding", "RsaCipher$OAEPSha1");
 
     for (String hash : new String[] {"MD5", "SHA1", "SHA256", "SHA384", "SHA512"}) {
       addService("Mac", "Hmac" + hash, "EvpHmac$" + hash);

diff --git a/tst/com/amazon/corretto/crypto/provider/test/RsaCipherTest.java b/tst/com/amazon/corretto/crypto/provider/test/RsaCipherTest.java
@@ -66,6 +66,8 @@
 @ResourceLock(value = TestUtil.RESOURCE_GLOBAL, mode = ResourceAccessMode.READ)
 public class RsaCipherTest {
   private static final String OAEP_SHA1_PADDING = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding";
+  // Some non-JCA-standard aliases are allowed for compatibility
+  private static final String OAEP_SHA1_PADDING_ALT1 = "RSA/ECB/OAEPWithSHA1AndMGF1Padding";
   private static final String OAEP_PADDING = "RSA/ECB/OAEPPadding";
   private static final String PKCS1_PADDING = "RSA/ECB/Pkcs1Padding";
   private static final String NO_PADDING = "RSA/ECB/NoPadding";
@@ -94,7 +96,8 @@ public class RsaCipherTest {
   }
 
   public static List<String> paddingParams() {
-    return Arrays.asList(OAEP_PADDING, OAEP_SHA1_PADDING, PKCS1_PADDING, NO_PADDING);
+    return Arrays.asList(
+        OAEP_PADDING, OAEP_SHA1_PADDING, OAEP_SHA1_PADDING_ALT1, PKCS1_PADDING, NO_PADDING);
   }
 
   public static List<String> messageDigestParams() {
@@ -106,7 +109,8 @@ public static List<String> messageDigestParams() {
           Object o = f.get(null); // static field, so null "instance"
           Method m = MGF1ParameterSpec.class.getDeclaredMethod("getDigestAlgorithm");
           String digest = (String) m.invoke(o);
-          // NOTE: AWS-LC doesn't support SHA-512/224 or SHA3
+          // NOTE: AWS-LC doesn't support SHA-512/224 or SHA3 in a recent FIPS
+          //       version, but does support them as of non-FIPS v1.17.0
           if ("SHA-512/224".equals(digest) || !digest.startsWith("SHA-")) {
             continue;
           }
@@ -734,7 +738,8 @@ public void testSetOaepParamsOnNonOaepPadding(final String padding)
   // Inspect each field, as for some reason the OAEPParameterSpec.equals method seems
   // to compare object hash code instead of individual members.
   private static void assertOAEPParamSpecsEqual(OAEPParameterSpec a, OAEPParameterSpec b) {
-    assertEquals(a.getDigestAlgorithm(), b.getDigestAlgorithm());
+    assertEquals(
+        a.getDigestAlgorithm().replaceAll("-", ""), b.getDigestAlgorithm().replaceAll("-", ""));
     assertEquals(a.getMGFAlgorithm(), b.getMGFAlgorithm());
     assertEquals(a.getMGFParameters(), b.getMGFParameters());
     assertEquals(a.getPSource().getAlgorithm(), b.getPSource().getAlgorithm());
@@ -1084,6 +1089,7 @@ private static int getPaddingSize(final String padding, final OAEPParameterSpec
           return 11;
         case OAEP_PADDING:
         case OAEP_SHA1_PADDING:
+        case OAEP_SHA1_PADDING_ALT1:
           return 42;
         default:
           throw new IllegalArgumentException("Bad padding: " + padding);