bcgit
diff --git a/‎bc-build.properties‎
Lines changed: 3 additions & 3 deletions b/‎bc-build.properties‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/asn1/BEROctetString.java‎
Lines changed: 47 additions & 3 deletions b/‎core/src/main/java/org/bouncycastle/asn1/BEROctetString.java‎
Lines changed: 47 additions & 3 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/asn1/DEROctetString.java‎
Lines changed: 44 additions & 0 deletions b/‎core/src/main/java/org/bouncycastle/asn1/DEROctetString.java‎
Lines changed: 44 additions & 0 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/asn1/sec/SECObjectIdentifiers.java‎
Lines changed: 47 additions & 19 deletions b/‎core/src/main/java/org/bouncycastle/asn1/sec/SECObjectIdentifiers.java‎
Lines changed: 47 additions & 19 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/asn1/x9/KeySpecificInfo.java‎
Lines changed: 43 additions & 24 deletions b/‎core/src/main/java/org/bouncycastle/asn1/x9/KeySpecificInfo.java‎
Lines changed: 43 additions & 24 deletions
@@ -3,9 +3,9 @@
 # intended to hold user-specific settings that are *not* committed to 
 # the repository.
 
-release.suffix: 1.83
-release.name: 1.83
-release.version: 1.83
+release.suffix: 1.84-SNAPSHOT
+release.name: 1.84-SNAPSHOT
+release.version: 1.83.99
 release.debug: false
 
 mail.jar.home: ./libs/javax.mail-1.4.7.jar
 
@@ -2,6 +2,8 @@
 
 import java.io.IOException;
 
+import org.bouncycastle.util.Arrays;
+
 /**
  * ASN.1 OctetStrings, with indefinite length rules, and <i>constructed form</i> support.
  * <p>
@@ -19,10 +21,37 @@
 public class BEROctetString
     extends ASN1OctetString
 {
-    private static final int DEFAULT_SEGMENT_LIMIT = 1000;
+    public static final BEROctetString EMPTY = new BEROctetString(EMPTY_OCTETS);
 
-    private final int segmentLimit;
-    private final ASN1OctetString[] elements;
+    public static BEROctetString fromContents(byte[] contents)
+    {
+        if (contents == null)
+        {
+            throw new NullPointerException("'contents' cannot be null");
+        }
+
+        return internalFromContents(contents);
+    }
+
+    public static BEROctetString fromContentsOptional(byte[] contents)
+    {
+        return contents == null ? null : internalFromContents(contents);
+    }
+
+    public static BEROctetString withContents(byte[] contents)
+    {
+        if (contents == null)
+        {
+            throw new NullPointerException("'contents' cannot be null");
+        }
+
+        return internalWithContents(contents);
+    }
+
+    public static BEROctetString withContentsOptional(byte[] contents)
+    {
+        return contents == null ? null : internalWithContents(contents);
+    }
 
     /**
      * Convert a vector of octet strings into a single byte string
@@ -58,6 +87,21 @@ static byte[] flattenOctetStrings(ASN1OctetString[] octetStrings)
         }
     }
 
+    static BEROctetString internalFromContents(byte[] contents)
+    {
+        return contents.length < 1 ? EMPTY : new BEROctetString(Arrays.clone(contents));
+    }
+
+    static BEROctetString internalWithContents(byte[] contents)
+    {
+        return contents.length < 1 ? EMPTY : new BEROctetString(contents);
+    }
+
+    private static final int DEFAULT_SEGMENT_LIMIT = 1000;
+
+    private final int segmentLimit;
+    private final ASN1OctetString[] elements;
+
     /**
      * Create an OCTET-STRING object from a byte[]
      * @param string the octets making up the octet string.
 
@@ -2,12 +2,56 @@
 
 import java.io.IOException;
 
+import org.bouncycastle.util.Arrays;
+
 /**
  * Carrier class for a DER encoding OCTET STRING
  */
 public class DEROctetString
     extends ASN1OctetString
 {
+    public static final DEROctetString EMPTY = new DEROctetString(EMPTY_OCTETS);
+
+    public static DEROctetString fromContents(byte[] contents)
+    {
+        if (contents == null)
+        {
+            throw new NullPointerException("'contents' cannot be null");
+        }
+
+        return internalFromContents(contents);
+    }
+
+    public static DEROctetString fromContentsOptional(byte[] contents)
+    {
+        return contents == null ? null : internalFromContents(contents);
+    }
+
+    public static DEROctetString withContents(byte[] contents)
+    {
+        if (contents == null)
+        {
+            throw new NullPointerException("'contents' cannot be null");
+        }
+
+        return internalWithContents(contents);
+    }
+
+    public static DEROctetString withContentsOptional(byte[] contents)
+    {
+        return contents == null ? null : internalWithContents(contents);
+    }
+
+    static DEROctetString internalFromContents(byte[] contents)
+    {
+        return contents.length < 1 ? EMPTY : new DEROctetString(Arrays.clone(contents));
+    }
+
+    static DEROctetString internalWithContents(byte[] contents)
+    {
+        return contents.length < 1 ? EMPTY : new DEROctetString(contents);
+    }
+
     /**
      * Base constructor.
      *
 
@@ -15,8 +15,9 @@
  */
 public interface SECObjectIdentifiers
 {
-    /** Base OID: 1.3.132.0 */
-    static final ASN1ObjectIdentifier ellipticCurve = new ASN1ObjectIdentifier("1.3.132.0");
+    static final ASN1ObjectIdentifier certicom = new ASN1ObjectIdentifier("1.3.132");
+
+    static final ASN1ObjectIdentifier ellipticCurve = certicom.branch("0");
 
     /**  sect163k1 OID: 1.3.132.0.1 */
     static final ASN1ObjectIdentifier sect163k1 = ellipticCurve.branch("1");
@@ -86,25 +87,52 @@ public interface SECObjectIdentifiers
     /**  secp256r1 OID: 1.3.132.0.prime256v1 */
     static final ASN1ObjectIdentifier secp256r1 = X9ObjectIdentifiers.prime256v1;
 
-    static final ASN1ObjectIdentifier secg_scheme = new ASN1ObjectIdentifier("1.3.132.1");
+    static final ASN1ObjectIdentifier secg_scheme = certicom.branch("1");
+
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_recommendedKDF = secg_scheme.branch("1");
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_specifiedKDF = secg_scheme.branch("2");
+    static final ASN1ObjectIdentifier mqvSinglePass_recommendedKDF = secg_scheme.branch("3");
+    static final ASN1ObjectIdentifier mqvSinglePass_specifiedKDF = secg_scheme.branch("4");
+    static final ASN1ObjectIdentifier mqvFull_recommendedKDF = secg_scheme.branch("5");
+    static final ASN1ObjectIdentifier mqvFull_specifiedKDF = secg_scheme.branch("6");
+    static final ASN1ObjectIdentifier ecies_recommendedParameters = secg_scheme.branch("7");
+    static final ASN1ObjectIdentifier ecies_specifiedParameters = secg_scheme.branch("8");
+
+    static final ASN1ObjectIdentifier dhSinglePass_stdDH_kdf_schemes = secg_scheme.branch("11");
+
+    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha224kdf_scheme = dhSinglePass_stdDH_kdf_schemes.branch("0");
+    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha256kdf_scheme = dhSinglePass_stdDH_kdf_schemes.branch("1");
+    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha384kdf_scheme = dhSinglePass_stdDH_kdf_schemes.branch("2");
+    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha512kdf_scheme = dhSinglePass_stdDH_kdf_schemes.branch("3");
+
+    static final ASN1ObjectIdentifier ecdh = secg_scheme.branch("12");
+    static final ASN1ObjectIdentifier ecmqv = secg_scheme.branch("13");
+
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_kdf_schemes = secg_scheme.branch("14");
+
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha224kdf_scheme = dhSinglePass_cofactorDH_kdf_schemes.branch("0");
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha256kdf_scheme = dhSinglePass_cofactorDH_kdf_schemes.branch("1");
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha384kdf_scheme = dhSinglePass_cofactorDH_kdf_schemes.branch("2");
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha512kdf_scheme = dhSinglePass_cofactorDH_kdf_schemes.branch("3");
+
+    static final ASN1ObjectIdentifier mqvSinglePass_kdf_schemes = secg_scheme.branch("15");
+
+    static final ASN1ObjectIdentifier mqvSinglePass_sha224kdf_scheme = mqvSinglePass_kdf_schemes.branch("0");
+    static final ASN1ObjectIdentifier mqvSinglePass_sha256kdf_scheme = mqvSinglePass_kdf_schemes.branch("1");
+    static final ASN1ObjectIdentifier mqvSinglePass_sha384kdf_scheme = mqvSinglePass_kdf_schemes.branch("2");
+    static final ASN1ObjectIdentifier mqvSinglePass_sha512kdf_scheme = mqvSinglePass_kdf_schemes.branch("3");
 
-    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha224kdf_scheme = secg_scheme.branch("11.0");
-    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha256kdf_scheme = secg_scheme.branch("11.1");
-    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha384kdf_scheme = secg_scheme.branch("11.2");
-    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha512kdf_scheme = secg_scheme.branch("11.3");
+    static final ASN1ObjectIdentifier mqvFull_kdf_schemes = secg_scheme.branch("16");
 
-    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha224kdf_scheme = secg_scheme.branch("14.0");
-    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha256kdf_scheme = secg_scheme.branch("14.1");
-    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha384kdf_scheme = secg_scheme.branch("14.2");
-    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha512kdf_scheme = secg_scheme.branch("14.3");
+    static final ASN1ObjectIdentifier mqvFull_sha224kdf_scheme = mqvFull_kdf_schemes.branch("0");
+    static final ASN1ObjectIdentifier mqvFull_sha256kdf_scheme = mqvFull_kdf_schemes.branch("1");
+    static final ASN1ObjectIdentifier mqvFull_sha384kdf_scheme = mqvFull_kdf_schemes.branch("2");
+    static final ASN1ObjectIdentifier mqvFull_sha512kdf_scheme = mqvFull_kdf_schemes.branch("3");
 
-    static final ASN1ObjectIdentifier mqvSinglePass_sha224kdf_scheme = secg_scheme.branch("15.0");
-    static final ASN1ObjectIdentifier mqvSinglePass_sha256kdf_scheme = secg_scheme.branch("15.1");
-    static final ASN1ObjectIdentifier mqvSinglePass_sha384kdf_scheme = secg_scheme.branch("15.2");
-    static final ASN1ObjectIdentifier mqvSinglePass_sha512kdf_scheme = secg_scheme.branch("15.3");
+    static final ASN1ObjectIdentifier kdf_algorithms = secg_scheme.branch("17");
 
-    static final ASN1ObjectIdentifier mqvFull_sha224kdf_scheme = secg_scheme.branch("16.0");
-    static final ASN1ObjectIdentifier mqvFull_sha256kdf_scheme = secg_scheme.branch("16.1");
-    static final ASN1ObjectIdentifier mqvFull_sha384kdf_scheme = secg_scheme.branch("16.2");
-    static final ASN1ObjectIdentifier mqvFull_sha512kdf_scheme = secg_scheme.branch("16.3");
+    static final ASN1ObjectIdentifier x9_63_kdf = kdf_algorithms.branch("0");
+    static final ASN1ObjectIdentifier nist_concatenation_kdf = kdf_algorithms.branch("1");
+    static final ASN1ObjectIdentifier tls_kdf = kdf_algorithms.branch("2");
+    static final ASN1ObjectIdentifier ikev2_kdf = kdf_algorithms.branch("3");
 }
@@ -1,12 +1,11 @@
 package org.bouncycastle.asn1.x9;
 
-import java.util.Enumeration;
-
 import org.bouncycastle.asn1.ASN1Object;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.ASN1OctetString;
 import org.bouncycastle.asn1.ASN1Primitive;
 import org.bouncycastle.asn1.ASN1Sequence;
+import org.bouncycastle.asn1.ASN1TaggedObject;
 import org.bouncycastle.asn1.DERSequence;
 
 /**
@@ -22,23 +21,6 @@
 public class KeySpecificInfo
     extends ASN1Object
 {
-    private ASN1ObjectIdentifier algorithm;
-    private ASN1OctetString      counter;
-
-    /**
-     * Base constructor.
-     *
-     * @param algorithm  algorithm identifier for the CEK.
-     * @param counter initial counter value for key derivation.
-     */
-    public KeySpecificInfo(
-        ASN1ObjectIdentifier algorithm,
-        ASN1OctetString      counter)
-    {
-        this.algorithm = algorithm;
-        this.counter = counter;
-    }
-
     /**
      * Return a KeySpecificInfo object from the passed in object.
      *
@@ -59,13 +41,50 @@ else if (obj != null)
         return null;
     }
 
-    private KeySpecificInfo(
-        ASN1Sequence  seq)
+    public static KeySpecificInfo getInstance(ASN1TaggedObject taggedObject, boolean declaredExplicit)
+    {
+        return new KeySpecificInfo(ASN1Sequence.getInstance(taggedObject, declaredExplicit));
+    }
+
+    public static KeySpecificInfo getTagged(ASN1TaggedObject taggedObject, boolean declaredExplicit)
+    {
+        return new KeySpecificInfo(ASN1Sequence.getTagged(taggedObject, declaredExplicit));
+    }
+
+    private final ASN1ObjectIdentifier algorithm;
+    private final ASN1OctetString counter;
+
+    private KeySpecificInfo(ASN1Sequence  seq)
     {
-        Enumeration e = seq.getObjects();
+        int count = seq.size();
+        if (count != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + count);
+        }
+
+        this.algorithm = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+        this.counter = ASN1OctetString.getInstance(seq.getObjectAt(1));
+    }
 
-        algorithm = (ASN1ObjectIdentifier)e.nextElement();
-        counter = (ASN1OctetString)e.nextElement();
+    /**
+     * Base constructor.
+     *
+     * @param algorithm  algorithm identifier for the CEK.
+     * @param counter initial counter value for key derivation.
+     */
+    public KeySpecificInfo(ASN1ObjectIdentifier algorithm, ASN1OctetString counter)
+    {
+        if (algorithm == null)
+        {
+            throw new NullPointerException("'algorithm' cannot be null");
+        }
+        if (counter == null)
+        {
+            throw new NullPointerException("'counter' cannot be null");
+        }
+
+        this.algorithm = algorithm;
+        this.counter = counter;
     }
 
     /**