don't depend on BouncyCastle library directly

huiguangjun · huiguangjun · commit 909fbf06bc11 · 2020-04-22T20:47:15.000+08:00
diff --git a/src/main/java/com/aliyun/oss/crypto/CryptoRuntime.java b/src/main/java/com/aliyun/oss/crypto/CryptoRuntime.java
@@ -19,8 +19,14 @@
 
 package com.aliyun.oss.crypto;
 
+import com.aliyun.oss.common.utils.BinaryUtil;
+
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.math.BigInteger;
 import java.security.Provider;
 import java.security.Security;
+import java.security.spec.RSAPrivateKeySpec;
 
 public class CryptoRuntime {
     static final String BOUNCY_CASTLE_PROVIDER = "BC";
@@ -41,6 +47,27 @@ public static void enableBouncyCastle() {
         }
     }
 
+    public static RSAPrivateKeySpec convertPemPKCS1ToPrivateKey(byte[] buffer)
+    {
+        try {
+            Class<?> clz = Class.forName("org.bouncycastle.asn1.pkcs.RSAPrivateKey");
+            Method method = clz.getMethod("getInstance", new Class[] { Object.class});
+            Object obj = method.invoke(null, new Object[] {buffer});
+
+            clz = Class.forName("org.bouncycastle.asn1.pkcs.RSAPrivateKey");
+            method = clz.getMethod("getModulus", null);
+            BigInteger modulus = (BigInteger) method.invoke(obj, null);
+
+            method = clz.getMethod("getPrivateExponent", null);
+            BigInteger exponent = (BigInteger) method.invoke(obj, null);
+
+            return new RSAPrivateKeySpec(modulus,exponent);
+
+        } catch (Exception e) {
+            throw new UnsupportedOperationException("convertPemPKCS1ToPrivateKey fail.");
+        }
+    }
+
     private static synchronized boolean isBouncyCastleAvailable() {
         return Security.getProvider(BOUNCY_CASTLE_PROVIDER) != null;
     }
diff --git a/src/main/java/com/aliyun/oss/crypto/SimpleRSAEncryptionMaterials.java b/src/main/java/com/aliyun/oss/crypto/SimpleRSAEncryptionMaterials.java
@@ -204,13 +204,12 @@ public static RSAPrivateKey getPrivateKeyFromPemPKCS1(final String privateKeyStr
             CryptoRuntime.enableBouncyCastle();
 
             byte[] buffer = BinaryUtil.fromBase64String(adjustStr);
-            org.bouncycastle.asn1.pkcs.RSAPrivateKey asn1PrivKey = org.bouncycastle.asn1.pkcs.RSAPrivateKey
-                    .getInstance(buffer);
-            RSAPrivateKeySpec keySpec = new RSAPrivateKeySpec(asn1PrivKey.getModulus(),
-                    asn1PrivKey.getPrivateExponent());
+            RSAPrivateKeySpec keySpec = CryptoRuntime.convertPemPKCS1ToPrivateKey(buffer);
+
             KeyFactory keyFactory = KeyFactory.getInstance("RSA");
 
             return (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
+
         } catch (Exception e) {
             throw new ClientException("get private key from PKCS1 pem String error." + e.getMessage(), e);
         }
diff --git a/src/test/java/com/aliyun/oss/crypto/ContentCryptoMaterialTest.java b/src/test/java/com/aliyun/oss/crypto/ContentCryptoMaterialTest.java
@@ -20,7 +20,6 @@
 package com.aliyun.oss.crypto;
 
 import junit.framework.Assert;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.junit.Test;
 
 import java.security.SecureRandom;
diff --git a/src/test/java/com/aliyun/oss/crypto/CryptoConfigurationTest.java b/src/test/java/com/aliyun/oss/crypto/CryptoConfigurationTest.java
@@ -19,8 +19,10 @@
 
 package com.aliyun.oss.crypto;
 
+
+import java.security.Provider;
 import java.security.SecureRandom;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
 import org.junit.Test;
 import junit.framework.Assert;
 
@@ -37,7 +39,7 @@ public void testConstruction() {
                 ContentCryptoMode.AES_CTR_MODE,
                 CryptoStorageMethod.ObjectMetadata,
                 new SecureRandom(),
-                new BouncyCastleProvider());
+                getBouncyCastleProvider());
 
         Assert.assertEquals(ContentCryptoMode.AES_CTR_MODE, cryptoConfig.getContentCryptoMode());
         Assert.assertEquals(CryptoStorageMethod.ObjectMetadata, cryptoConfig.getStorageMethod());
@@ -63,11 +65,21 @@ public void testProvider() {
         CryptoConfiguration cryptoConfig = new CryptoConfiguration();
         Assert.assertNull(cryptoConfig.getContentCryptoProvider());
 
-        cryptoConfig = new CryptoConfiguration().withContentCryptoProvider(new BouncyCastleProvider());
+        cryptoConfig = new CryptoConfiguration().withContentCryptoProvider(getBouncyCastleProvider());
         Assert.assertEquals("BC", cryptoConfig.getContentCryptoProvider().getName());
 
         cryptoConfig = new CryptoConfiguration();
-        cryptoConfig.setContentCryptoProvider(new BouncyCastleProvider());
+        cryptoConfig.setContentCryptoProvider(getBouncyCastleProvider());
         Assert.assertEquals("BC", cryptoConfig.getContentCryptoProvider().getName());
     }
+
+    public static Provider getBouncyCastleProvider()
+    {
+        try {
+            Class<?> clz = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
+            return (Provider)clz.newInstance();
+        } catch (Exception e) {
+            return null;
+        }
+    }
 }
diff --git a/src/test/java/com/aliyun/oss/crypto/RSAEncryptionUnitTest.java b/src/test/java/com/aliyun/oss/crypto/RSAEncryptionUnitTest.java
@@ -21,11 +21,12 @@
 
 import java.security.KeyPair;
 import java.security.PrivateKey;
+import java.security.Provider;
 import java.security.PublicKey;
 import java.security.interfaces.RSAPrivateKey;
 import java.security.interfaces.RSAPublicKey;
 import javax.crypto.Cipher;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
 import org.junit.Test;
 import junit.framework.Assert;
 
@@ -139,7 +140,7 @@ private byte[] encrypt(PublicKey publicKey, byte[] plainData) throws Exception {
             throw new Exception("public key is null.");
         }
 
-        Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", new BouncyCastleProvider());
+        Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", getBouncyCastleProvider());
         cipher.init(Cipher.ENCRYPT_MODE, publicKey);
         byte[] output = cipher.doFinal(plainData);
         return output;
@@ -150,9 +151,19 @@ private byte[] decrypt(PrivateKey privateKey, byte[] cipherData) throws Exceptio
             throw new Exception("private key is null.");
         }
         Cipher cipher = null;
-        cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", new BouncyCastleProvider());
+        cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding", getBouncyCastleProvider());
         cipher.init(Cipher.DECRYPT_MODE, privateKey);
         byte[] output = cipher.doFinal(cipherData);
         return output;
     }
+
+    public static Provider getBouncyCastleProvider()
+    {
+        try {
+            Class<?> clz = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
+            return (Provider)clz.newInstance();
+        } catch (Exception e) {
+            return null;
+        }
+    }
 }
