Refactor ECDHKEKGenerator

Author: peterdettman

core/src/main/java/org/bouncycastle/crypto/agreement/kdf/ECDHKEKGenerator.java

@@ -2,9 +2,10 @@
 
 import java.io.IOException;
 
-import org.bouncycastle.asn1.ASN1EncodableVector;
 import org.bouncycastle.asn1.ASN1Encoding;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.DERNull;
 import org.bouncycastle.asn1.DEROctetString;
 import org.bouncycastle.asn1.DERSequence;
@@ -58,16 +59,18 @@ public int generateBytes(byte[] out, int outOff, int len)
             throw new DataLengthException("output buffer too small");
         }
 
-        // TODO Create an ASN.1 class for this (RFC3278)
-        // ECC-CMS-SharedInfo
-        ASN1EncodableVector v = new ASN1EncodableVector();
+        AlgorithmIdentifier keyInfo = new AlgorithmIdentifier(algorithm, DERNull.INSTANCE);
+        ASN1OctetString suppPubInfo = DEROctetString.withContents(Pack.intToBigEndian(keySize));
 
-        v.add(new AlgorithmIdentifier(algorithm, DERNull.INSTANCE));
-        v.add(new DERTaggedObject(true, 2, new DEROctetString(Pack.intToBigEndian(keySize))));
+        // TODO org.bouncycastle.asn1.cms.ecc.ECCCMSSharedInfo exists, but is located in the 'util' jar.
+        // TODO Should the optional DHKDFParameters.getExtraInfo be used for ECCCMSSharedInfo.entityUInfo?
+        ASN1Sequence eccCMSSharedInfo = new DERSequence(keyInfo, new DERTaggedObject(2, suppPubInfo));
 
         try
         {
-            kdf.init(new KDFParameters(z, new DERSequence(v).getEncoded(ASN1Encoding.DER)));
+            byte[] iv = eccCMSSharedInfo.getEncoded(ASN1Encoding.DER);
+
+            kdf.init(new KDFParameters(z, iv));
         }
         catch (IOException e)
         {

core/src/test/java/org/bouncycastle/crypto/test/DHKEKGeneratorTest.java

@@ -1,5 +1,7 @@
 package org.bouncycastle.crypto.test;
 
+import java.security.SecureRandom;
+
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.crypto.DerivationFunction;
@@ -16,6 +18,8 @@
 public class DHKEKGeneratorTest
     extends SimpleTest
 {
+    private static final SecureRandom RANDOM = new SecureRandom();
+
     private byte[] seed1 = Hex.decode("000102030405060708090a0b0c0d0e0f10111213");
     private ASN1ObjectIdentifier alg1 = PKCSObjectIdentifiers.id_alg_CMS3DESwrap;
     private byte[] result1 = Hex.decode("a09661392376f7044d9052a397883246b67f5f1ef63eb5fb");
@@ -45,7 +49,8 @@ private void checkMask(
         DerivationParameters params,
         byte[]             result)
     {
-        byte[]             data = new byte[result.length];
+        byte[] data = new byte[result.length];
+        RANDOM.nextBytes(data);
 
         kdf.init(params);
 

core/src/test/java/org/bouncycastle/crypto/test/ECDHKEKGeneratorTest.java

@@ -1,5 +1,7 @@
 package org.bouncycastle.crypto.test;
 
+import java.security.SecureRandom;
+
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -17,6 +19,8 @@
 public class ECDHKEKGeneratorTest
     extends SimpleTest
 {
+    private static final SecureRandom RANDOM = new SecureRandom();
+
     private byte[] seed1 = Hex.decode("db4a8daba1f98791d54e940175dd1a5f3a0826a1066aa9b668d4dc1e1e0790158dcad1533c03b44214d1b61fefa8b579");
     private ASN1ObjectIdentifier alg1 = NISTObjectIdentifiers.id_aes256_wrap;
     private byte[] result1 = Hex.decode("8ecc6d85caf25eaba823a7d620d4ab0d33e4c645f2");
@@ -46,7 +50,8 @@ private void checkMask(
         DerivationParameters params,
         byte[]             result)
     {
-        byte[]             data = new byte[result.length];
+        byte[] data = new byte[result.length];
+        RANDOM.nextBytes(data);
 
         kdf.init(params);