diff --git a/src/main/java/com/amazonaws/encryptionsdk/internal/RsaJceKeyCipher.java b/src/main/java/com/amazonaws/encryptionsdk/internal/RsaJceKeyCipher.java index 233cffe37..49c8684dd 100644 --- a/src/main/java/com/amazonaws/encryptionsdk/internal/RsaJceKeyCipher.java +++ b/src/main/java/com/amazonaws/encryptionsdk/internal/RsaJceKeyCipher.java @@ -19,6 +19,7 @@ import java.security.PublicKey; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.MGF1ParameterSpec; +import java.util.Locale; import java.util.Map; import java.util.logging.Logger; import java.util.regex.Matcher; @@ -49,7 +50,7 @@ class RsaJceKeyCipher extends JceKeyCipher { final String hashUnknownCase = matcher.group(1); if (hashUnknownCase != null) { // OAEP mode a.k.a PKCS #1v2 - final String hash = hashUnknownCase.toUpperCase(); + final String hash = hashUnknownCase.toUpperCase(Locale.ROOT); transformation_ = "RSA/ECB/OAEPPadding"; final MGF1ParameterSpec mgf1Spec; diff --git a/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java b/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java index fc2fe8149..b505c29ea 100644 --- a/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java +++ b/src/main/java/com/amazonaws/encryptionsdk/jce/JceMasterKey.java @@ -28,6 +28,7 @@ import java.util.ArrayList; import java.util.Collection; import java.util.List; +import java.util.Locale; import java.util.Map; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; @@ -59,7 +60,7 @@ public static JceMasterKey getInstance( final String provider, final String keyId, final String wrappingAlgorithm) { - switch (wrappingAlgorithm.toUpperCase()) { + switch (wrappingAlgorithm.toUpperCase(Locale.ROOT)) { case "AES/GCM/NOPADDING": return new JceMasterKey(provider, keyId, JceKeyCipher.aesGcm(key)); default: @@ -82,7 +83,7 @@ public static JceMasterKey getInstance( final String provider, final String keyId, final String wrappingAlgorithm) { - if (wrappingAlgorithm.toUpperCase().startsWith("RSA/ECB/")) { + if (wrappingAlgorithm.toUpperCase(Locale.ROOT).startsWith("RSA/ECB/")) { return new JceMasterKey( provider, keyId, JceKeyCipher.rsa(wrappingKey, unwrappingKey, wrappingAlgorithm)); } diff --git a/src/main/java/com/amazonaws/encryptionsdk/jce/KeyStoreProvider.java b/src/main/java/com/amazonaws/encryptionsdk/jce/KeyStoreProvider.java index 57f44aae9..a2bf8725c 100644 --- a/src/main/java/com/amazonaws/encryptionsdk/jce/KeyStoreProvider.java +++ b/src/main/java/com/amazonaws/encryptionsdk/jce/KeyStoreProvider.java @@ -36,6 +36,7 @@ import java.util.Collection; import java.util.Collections; import java.util.List; +import java.util.Locale; import java.util.Map; /** @@ -79,7 +80,7 @@ public KeyStoreProvider( wrappingAlgorithm_ = wrappingAlgorithm; aliasNames_ = Arrays.asList(aliasNames); providerName_ = providerName; - keyAlgorithm_ = wrappingAlgorithm.split("/", 2)[0].toUpperCase(); + keyAlgorithm_ = wrappingAlgorithm.split("/", 2)[0].toUpperCase(Locale.ROOT); } /** diff --git a/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java b/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java index 8e27eb60d..d32d84dc4 100644 --- a/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java +++ b/src/test/java/com/amazonaws/encryptionsdk/TestVectorRunner.java @@ -34,6 +34,7 @@ import java.util.Collections; import java.util.HashMap; import java.util.List; +import java.util.Locale; import java.util.Map; import java.util.concurrent.Callable; import java.util.function.Supplier; @@ -333,7 +334,9 @@ private static TestCase parseTest( transformation += "PKCS1Padding"; } else if ("oaep-mgf1".equals(padding)) { final String hashName = - ((String) mkEntry.get("padding-hash")).replace("sha", "sha-").toUpperCase(); + ((String) mkEntry.get("padding-hash")) + .replace("sha", "sha-") + .toUpperCase(Locale.ROOT); transformation += "OAEPWith" + hashName + "AndMGF1Padding"; } else { throw new IllegalArgumentException("Unsupported padding:" + padding); @@ -438,7 +441,9 @@ private static TestCase parseTest( transformation += "PKCS1Padding"; } else if ("oaep-mgf1".equals(padding)) { final String hashName = - ((String) mkEntry.get("padding-hash")).replace("sha", "sha-").toUpperCase(); + ((String) mkEntry.get("padding-hash")) + .replace("sha", "sha-") + .toUpperCase(Locale.ROOT); transformation += "OAEPWith" + hashName + "AndMGF1Padding"; } else { throw new IllegalArgumentException("Unsupported padding:" + padding); @@ -544,7 +549,7 @@ private static Map parseKeyManifest(final Map name, keyId, keyType, - new SecretKeySpec(Base64.decode(material), algorithm.toUpperCase())); + new SecretKeySpec(Base64.decode(material), algorithm.toUpperCase(Locale.ROOT))); break; case "private": kf = KeyFactory.getInstance(algorithm); diff --git a/src/test/java/com/amazonaws/encryptionsdk/XCompatDecryptTest.java b/src/test/java/com/amazonaws/encryptionsdk/XCompatDecryptTest.java index 84d4df574..35d7729ad 100644 --- a/src/test/java/com/amazonaws/encryptionsdk/XCompatDecryptTest.java +++ b/src/test/java/com/amazonaws/encryptionsdk/XCompatDecryptTest.java @@ -23,6 +23,7 @@ import java.util.Collections; import java.util.HashMap; import java.util.List; +import java.util.Locale; import java.util.Map; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.lang3.StringUtils; @@ -143,7 +144,7 @@ public static Collection data() throws Exception { + "." + paddingHash; String encAlg = (String) aMasterKey.get("encryption_algorithm"); - switch (encAlg.toUpperCase()) { + switch (encAlg.toUpperCase(Locale.ROOT)) { case "RSA": String cipherBase = "RSA/ECB/"; String cipherName; @@ -176,7 +177,7 @@ public static Collection data() throws Exception { break; default: throw new IllegalArgumentException( - "Unknown encryption algorithm: " + encAlg.toUpperCase()); + "Unknown encryption algorithm: " + encAlg.toUpperCase(Locale.ROOT)); } } }