From 2baf51bf642d6808e9b938700944f4cfd9938400 Mon Sep 17 00:00:00 2001
From: Jeroen van Erp <jeroen@hierynomus.com>
Date: Tue, 2 Jun 2020 23:40:08 +0200
Subject: [PATCH] Replace BC ASN.1 dependency with asn-one library

---
 build.gradle                                  |  1 +
 .../schmizz/sshj/signature/SignatureDSA.java  | 22 ++++++++++++-------
 .../sshj/signature/SignatureECDSA.java        | 22 ++++++++++---------
 3 files changed, 27 insertions(+), 18 deletions(-)

diff --git a/build.gradle b/build.gradle
index d7a596165..2d1d17f64 100644
--- a/build.gradle
+++ b/build.gradle
@@ -48,6 +48,7 @@ dependencies {
   implementation "org.bouncycastle:bcprov-jdk15on:$bouncycastleVersion"
   implementation "org.bouncycastle:bcpkix-jdk15on:$bouncycastleVersion"
   implementation "com.jcraft:jzlib:1.1.3"
+  implementation "com.hierynomus:asn-one:0.4.0"
 
   implementation "net.i2p.crypto:eddsa:0.3.0"
 
diff --git a/src/main/java/net/schmizz/sshj/signature/SignatureDSA.java b/src/main/java/net/schmizz/sshj/signature/SignatureDSA.java
index 7179f8ccb..5efb2e79d 100644
--- a/src/main/java/net/schmizz/sshj/signature/SignatureDSA.java
+++ b/src/main/java/net/schmizz/sshj/signature/SignatureDSA.java
@@ -15,15 +15,20 @@
  */
 package net.schmizz.sshj.signature;
 
+import com.hierynomus.asn1.encodingrules.der.DEREncoder;
+import com.hierynomus.asn1.types.ASN1Object;
+import com.hierynomus.asn1.types.constructed.ASN1Sequence;
+import com.hierynomus.asn1.types.primitive.ASN1Integer;
 import net.schmizz.sshj.common.KeyType;
 import net.schmizz.sshj.common.SSHRuntimeException;
-import org.bouncycastle.asn1.*;
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.math.BigInteger;
 import java.security.SignatureException;
+import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.List;
 
 /**
  * DSA {@link Signature}
@@ -97,18 +102,19 @@ public boolean verify(byte[] sig) {
      * Encodes the signature as a DER sequence (ASN.1 format).
      */
     private byte[] asnEncode(byte[] sigBlob) throws IOException {
-        byte[] r = new BigInteger(1, Arrays.copyOfRange(sigBlob, 0, 20)).toByteArray();
-        byte[] s = new BigInteger(1, Arrays.copyOfRange(sigBlob, 20, 40)).toByteArray();
+        BigInteger r = new BigInteger(1, Arrays.copyOfRange(sigBlob, 0, 20));
+        BigInteger s = new BigInteger(1, Arrays.copyOfRange(sigBlob, 20, 40));
 
-        ASN1EncodableVector vector = new ASN1EncodableVector();
-        vector.add(new ASN1Integer(r));
+        List<ASN1Object> vector = new ArrayList<ASN1Object>();
+        vector.add(new com.hierynomus.asn1.types.primitive.ASN1Integer(r));
         vector.add(new ASN1Integer(s));
 
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
-        ASN1OutputStream asnOS = new ASN1OutputStream(baos);
+        com.hierynomus.asn1.ASN1OutputStream asn1OutputStream = new com.hierynomus.asn1.ASN1OutputStream(new DEREncoder(), baos);
+
+        asn1OutputStream.writeObject(new ASN1Sequence(vector));
+        asn1OutputStream.flush();
 
-        asnOS.writeObject(new DERSequence(vector));
-        asnOS.flush();
 
         return baos.toByteArray();
     }
diff --git a/src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java b/src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java
index 792836109..51a7ed880 100644
--- a/src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java
+++ b/src/main/java/net/schmizz/sshj/signature/SignatureECDSA.java
@@ -15,18 +15,20 @@
  */
 package net.schmizz.sshj.signature;
 
+import com.hierynomus.asn1.encodingrules.der.DEREncoder;
+import com.hierynomus.asn1.types.ASN1Object;
+import com.hierynomus.asn1.types.constructed.ASN1Sequence;
+import com.hierynomus.asn1.types.primitive.ASN1Integer;
 import net.schmizz.sshj.common.Buffer;
 import net.schmizz.sshj.common.KeyType;
 import net.schmizz.sshj.common.SSHRuntimeException;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.DERSequence;
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.math.BigInteger;
 import java.security.SignatureException;
+import java.util.ArrayList;
+import java.util.List;
 
 /** ECDSA {@link Signature} */
 public class SignatureECDSA extends AbstractSignature {
@@ -122,18 +124,18 @@ public boolean verify(byte[] sig) {
      */
     private byte[] asnEncode(byte[] sigBlob) throws IOException {
         Buffer.PlainBuffer sigbuf = new Buffer.PlainBuffer(sigBlob);
-        byte[] r = sigbuf.readBytes();
-        byte[] s = sigbuf.readBytes();
+        BigInteger r = sigbuf.readMPInt();
+        BigInteger s = sigbuf.readMPInt();
 
-        ASN1EncodableVector vector = new ASN1EncodableVector();
+        List<ASN1Object> vector = new ArrayList<ASN1Object>();
         vector.add(new ASN1Integer(r));
         vector.add(new ASN1Integer(s));
 
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
-        ASN1OutputStream asnOS = new ASN1OutputStream(baos);
+        com.hierynomus.asn1.ASN1OutputStream asn1OutputStream = new com.hierynomus.asn1.ASN1OutputStream(new DEREncoder(), baos);
 
-        asnOS.writeObject(new DERSequence(vector));
-        asnOS.flush();
+        asn1OutputStream.writeObject(new ASN1Sequence(vector));
+        asn1OutputStream.flush();
 
         return baos.toByteArray();
     }