Switch TLS Channel ID API from ECPrivateKey to PrivateKey.

This is to accept both the "transparent" and "opaque" ECC private
keys. "Transparent" keys provide structured access to their key
material -- these are instances of ECPrivateKey. "Opaque" private
keys are not required to provide structured (or even any) access to
their key material -- these are instances of PrivateKey.

Change-Id: I3fdc4c46675bde48c72424f1cc8f59c3d6b89f0e

3 files changed, 8 insertions, 9 deletions

diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
index 7e669f8..8320ff6 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/NativeCrypto.java
@@ -23,12 +23,12 @@ import java.net.SocketTimeoutException;
 import java.nio.ByteOrder;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
 import java.security.SignatureException;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
-import java.security.interfaces.ECPrivateKey;
 import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.HashMap;
@@ -761,7 +761,7 @@ public final class NativeCrypto {
     public static native void SSL_use_PKCS8_PrivateKey_for_tls_channel_id(
             long ssl, byte[] pkcs8EncodedPrivateKey) throws SSLException;
 
-    public static void SSL_set1_tls_channel_id(long ssl, ECPrivateKey privateKey)
+    public static void SSL_set1_tls_channel_id(long ssl, PrivateKey privateKey)
             throws SSLException {
         if (privateKey == null) {
             throw new NullPointerException("privateKey == null");
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
index 777c5b3..21f6127 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSocketImpl.java
@@ -30,7 +30,6 @@ import java.security.SecureRandom;
 import java.security.cert.CertificateEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
-import java.security.interfaces.ECPrivateKey;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashSet;
@@ -79,7 +78,7 @@ public class OpenSSLSocketImpl
     /** Whether the TLS Channel ID extension is enabled. This field is server-side only. */
     private boolean channelIdEnabled;
     /** Private key for the TLS Channel ID extension. This field is client-side only. */
-    private ECPrivateKey channelIdPrivateKey;
+    private PrivateKey channelIdPrivateKey;
     private OpenSSLSessionImpl sslSession;
     private final Socket socket;
     private boolean autoClose;
@@ -858,13 +857,13 @@ public class OpenSSLSocketImpl
      * <p>This method needs to be invoked before the handshake starts.
      *
      * @param privateKey private key (enables TLS Channel ID) or {@code null} for no key (disables
-     *        TLS Channel ID). The private key is an Elliptic Curve (EC) key based on the NIST
+     *        TLS Channel ID). The private key must be an Elliptic Curve (EC) key based on the NIST
      *        P-256 curve (aka SECG secp256r1 or ANSI X9.62 prime256v1).
      *
      * @throws IllegalStateException if this is a server socket or if the handshake has already
      *         started.
      */
-    public void setChannelIdPrivateKey(ECPrivateKey privateKey) {
+    public void setChannelIdPrivateKey(PrivateKey privateKey) {
         if (!getUseClientMode()) {
             throw new IllegalStateException("Server mode");
         }
diff --git a/luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java b/luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
index fba683b..f456f3e 100644
--- a/luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
+++ b/luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
@@ -29,10 +29,10 @@ import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.KeyStore;
 import java.security.KeyStore.PrivateKeyEntry;
+import java.security.PrivateKey;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.security.interfaces.DSAPublicKey;
-import java.security.interfaces.ECPrivateKey;
 import java.security.interfaces.ECPublicKey;
 import java.security.interfaces.RSAPrivateCrtKey;
 import java.security.interfaces.RSAPublicKey;
@@ -72,7 +72,7 @@ public class NativeCryptoTest extends TestCase {
     private static byte[] CLIENT_PRIVATE_KEY;
     private static byte[][] CLIENT_CERTIFICATES;
     private static byte[][] CA_PRINCIPALS;
-    private static ECPrivateKey CHANNEL_ID_PRIVATE_KEY;
+    private static PrivateKey CHANNEL_ID_PRIVATE_KEY;
     private static byte[] CHANNEL_ID;
 
     @Override
@@ -613,7 +613,7 @@ public class NativeCryptoTest extends TestCase {
     private static final boolean DEBUG = false;
 
     public static class Hooks {
-        private ECPrivateKey channelIdPrivateKey;
+        private PrivateKey channelIdPrivateKey;
 
         public long getContext() throws SSLException {
             return NativeCrypto.SSL_CTX_new();