diff options
| author | mark <mark@138bc75d-0d04-0410-961f-82ee72b054a4> | 2006-08-14 23:12:35 +0000 |
|---|---|---|
| committer | mark <mark@138bc75d-0d04-0410-961f-82ee72b054a4> | 2006-08-14 23:12:35 +0000 |
| commit | ffde862e033a0825e1e9972a89c0f1f80b261a8e (patch) | |
| tree | 97037d2c09c8384d80531f67ec36a01205df6bdb /libjava/classpath/gnu/javax/crypto/key/dh | |
| parent | b415ff10527e977c3758234fd930e2c027bfa17d (diff) | |
| download | ppe42-gcc-ffde862e033a0825e1e9972a89c0f1f80b261a8e.tar.gz ppe42-gcc-ffde862e033a0825e1e9972a89c0f1f80b261a8e.zip | |
2006-08-14 Mark Wielaard <mark@klomp.org>
Imported GNU Classpath 0.92
* HACKING: Add more importing hints. Update automake version
requirement.
* configure.ac (gconf-peer): New enable AC argument.
Add --disable-gconf-peer and --enable-default-preferences-peer
to classpath configure when gconf is disabled.
* scripts/makemake.tcl: Set gnu/java/util/prefs/gconf and
gnu/java/awt/dnd/peer/gtk to bc. Classify
gnu/java/security/Configuration.java as generated source file.
* gnu/java/lang/management/VMGarbageCollectorMXBeanImpl.java,
gnu/java/lang/management/VMMemoryPoolMXBeanImpl.java,
gnu/java/lang/management/VMClassLoadingMXBeanImpl.java,
gnu/java/lang/management/VMRuntimeMXBeanImpl.java,
gnu/java/lang/management/VMMemoryManagerMXBeanImpl.java,
gnu/java/lang/management/VMThreadMXBeanImpl.java,
gnu/java/lang/management/VMMemoryMXBeanImpl.java,
gnu/java/lang/management/VMCompilationMXBeanImpl.java: New VM stub
classes.
* java/lang/management/VMManagementFactory.java: Likewise.
* java/net/VMURLConnection.java: Likewise.
* gnu/java/nio/VMChannel.java: Likewise.
* java/lang/Thread.java (getState): Add stub implementation.
* java/lang/Class.java (isEnum): Likewise.
* java/lang/Class.h (isEnum): Likewise.
* gnu/awt/xlib/XToolkit.java (getClasspathTextLayoutPeer): Removed.
* javax/naming/spi/NamingManager.java: New override for StackWalker
functionality.
* configure, sources.am, Makefile.in, gcj/Makefile.in,
include/Makefile.in, testsuite/Makefile.in: Regenerated.
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@116139 138bc75d-0d04-0410-961f-82ee72b054a4
Diffstat (limited to 'libjava/classpath/gnu/javax/crypto/key/dh')
14 files changed, 448 insertions, 705 deletions
diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java index 34fb007066b..98ea4765375 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairPKCS8Codec.java @@ -98,6 +98,13 @@ public class DHKeyPairPKCS8Codec * q INTEGER -- factor of p-1 * } * </pre> + * <p> + * <b>IMPORTANT</b>: with RI's {@link javax.crypto.spec.DHGenParameterSpec} + * and {@link javax.crypto.spec.DHParameterSpec} classes, we may end up with + * Diffie-Hellman keys that have a <code>null</code> for the <code>q</code> + * parameter. RFC-2631 DOES NOT allow for an <i>optional</i> value for that + * parameter, hence we replace such null values with <code>0</code>, and do + * the reverse in the corresponding decode method. * * @return the DER encoded form of the ASN.1 representation of the * <i>PrivateKeyInfo</i> field in an X.509 certificate. @@ -117,6 +124,8 @@ public class DHKeyPairPKCS8Codec BigInteger p = pk.getParams().getP(); BigInteger g = pk.getParams().getG(); BigInteger q = pk.getQ(); + if (q == null) + q = BigInteger.ZERO; BigInteger x = pk.getX(); ArrayList params = new ArrayList(3); @@ -212,6 +221,8 @@ public class DHKeyPairPKCS8Codec val = der.read(); DerUtil.checkIsBigInteger(val, "Wrong Q field"); q = (BigInteger) val.getValue(); + if (q.compareTo(BigInteger.ZERO) == 0) + q = null; val = der.read(); byte[] xBytes = (byte[]) val.getValue(); diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java index c0ff82bea52..aefcd5ff4fb 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairRawCodec.java @@ -47,62 +47,49 @@ import java.security.PrivateKey; import java.security.PublicKey; /** - * <p>An object that implements the {@link IKeyPairCodec} operations for the - * <i>Raw</i> format to use with Diffie-Hellman keypairs.</p> + * An object that implements the {@link IKeyPairCodec} operations for the + * <i>Raw</i> format to use with Diffie-Hellman keypairs. */ -public class DHKeyPairRawCodec implements IKeyPairCodec +public class DHKeyPairRawCodec + implements IKeyPairCodec { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - - // implicit 0-arguments ctor - - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // gnu.crypto.keys.IKeyPairCodec interface implementation ------------------- - public int getFormatID() { return RAW_FORMAT; } /** - * <p>Returns the encoded form of the designated Diffie-Hellman public key - * according to the <i>Raw</i> format supported by this library.</p> - * - * <p>The <i>Raw</i> format for a DH public key, in this implementation, is - * a byte sequence consisting of the following:</p> - * + * Returns the encoded form of the designated Diffie-Hellman public key + * according to the <i>Raw</i> format supported by this library. + * <p> + * The <i>Raw</i> format for a DH public key, in this implementation, is a + * byte sequence consisting of the following: * <ol> - * <li>4-byte magic consisting of the value of the literal - * {@link Registry#MAGIC_RAW_DH_PUBLIC_KEY},<li> - * <li>1-byte version consisting of the constant: 0x01,</li> - * <li>4-byte count of following bytes representing the DH parameter - * <code>q</code> in internet order,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DH parameter <code>q</code>,</li> - * <li>4-byte count of following bytes representing the DH parameter - * <code>p</code> in internet order,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DH parameter <code>p</code>,</li> - * <li>4-byte count of following bytes representing the DH parameter - * <code>g</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DH parameter <code>g</code>,</li> - * <li>4-byte count of following bytes representing the DH parameter - * <code>y</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DH parameter <code>y</code>,</li> + * <li>4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_DH_PUBLIC_KEY},</li> + * <li>1-byte version consisting of the constant: 0x01,</li> + * <li>4-byte count of following bytes representing the DH parameter + * <code>q</code> in internet order,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DH parameter <code>q</code>, + * </li> + * <li>4-byte count of following bytes representing the DH parameter + * <code>p</code> in internet order,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DH parameter <code>p</code>, + * </li> + * <li>4-byte count of following bytes representing the DH parameter + * <code>g</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DH parameter <code>g</code>, + * </li> + * <li>4-byte count of following bytes representing the DH parameter + * <code>y</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DH parameter <code>y</code>, + * </li> * </ol> - * + * * @param key the key to encode. * @return the <i>Raw</i> format encoding of the designated key. * @throws IllegalArgumentException if the designated key is not a DH one. @@ -110,59 +97,49 @@ public class DHKeyPairRawCodec implements IKeyPairCodec */ public byte[] encodePublicKey(PublicKey key) { - if (!(key instanceof GnuDHPublicKey)) - { - throw new IllegalArgumentException("key"); - } - + if (! (key instanceof GnuDHPublicKey)) + throw new IllegalArgumentException("key"); GnuDHPublicKey dhKey = (GnuDHPublicKey) key; ByteArrayOutputStream baos = new ByteArrayOutputStream(); - // magic baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[0]); baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[1]); baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[2]); baos.write(Registry.MAGIC_RAW_DH_PUBLIC_KEY[3]); - // version baos.write(0x01); - // q byte[] buffer = dhKey.getQ().toByteArray(); int length = buffer.length; - baos.write(length >>> 24); + baos.write( length >>> 24); baos.write((length >>> 16) & 0xFF); - baos.write((length >>> 8) & 0xFF); - baos.write(length & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write( length & 0xFF); baos.write(buffer, 0, length); - // p buffer = dhKey.getParams().getP().toByteArray(); length = buffer.length; - baos.write(length >>> 24); + baos.write( length >>> 24); baos.write((length >>> 16) & 0xFF); - baos.write((length >>> 8) & 0xFF); - baos.write(length & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write( length & 0xFF); baos.write(buffer, 0, length); - // g buffer = dhKey.getParams().getG().toByteArray(); length = buffer.length; - baos.write(length >>> 24); + baos.write( length >>> 24); baos.write((length >>> 16) & 0xFF); - baos.write((length >>> 8) & 0xFF); - baos.write(length & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write( length & 0xFF); baos.write(buffer, 0, length); - // y buffer = dhKey.getY().toByteArray(); length = buffer.length; - baos.write(length >>> 24); + baos.write( length >>> 24); baos.write((length >>> 16) & 0xFF); - baos.write((length >>> 8) & 0xFF); - baos.write(length & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write( length & 0xFF); baos.write(buffer, 0, length); - return baos.toByteArray(); } @@ -173,83 +150,84 @@ public class DHKeyPairRawCodec implements IKeyPairCodec || k[1] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[1] || k[2] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[2] || k[3] != Registry.MAGIC_RAW_DH_PUBLIC_KEY[3]) - { - throw new IllegalArgumentException("magic"); - } - + throw new IllegalArgumentException("magic"); // version if (k[4] != 0x01) - { - throw new IllegalArgumentException("version"); - } + throw new IllegalArgumentException("version"); int i = 5; int l; byte[] buffer; - // q - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger q = new BigInteger(1, buffer); - // p - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger p = new BigInteger(1, buffer); - // g - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger g = new BigInteger(1, buffer); - // y - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger y = new BigInteger(1, buffer); - return new GnuDHPublicKey(q, p, g, y); } /** - * <p>Returns the encoded form of the designated Diffie-Hellman private key - * according to the <i>Raw</i> format supported by this library.</p> - * - * <p>The <i>Raw</i> format for a DH private key, in this implementation, is - * a byte sequence consisting of the following:</p> - * + * Returns the encoded form of the designated Diffie-Hellman private key + * according to the <i>Raw</i> format supported by this library. + * <p> + * The <i>Raw</i> format for a DH private key, in this implementation, is a + * byte sequence consisting of the following: * <ol> - * <li>4-byte magic consisting of the value of the literal - * {@link Registry#MAGIC_RAW_DH_PRIVATE_KEY},<li> - * <li>1-byte version consisting of the constant: 0x01,</li> - * <li>4-byte count of following bytes representing the DH parameter - * <code>q</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DH parameter <code>q</code>,</li> - * <li>4-byte count of following bytes representing the DH parameter - * <code>p</code> in internet order,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DH parameter <code>p</code>,</li> - * <li>4-byte count of following bytes representing the DH parameter - * <code>g</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DH parameter <code>g</code>,</li> - * <li>4-byte count of following bytes representing the DH parameter - * <code>x</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DH parameter <code>x</code>,</li> + * <li>4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_DH_PRIVATE_KEY},</li> + * <li>1-byte version consisting of the constant: 0x01,</li> + * <li>4-byte count of following bytes representing the DH parameter + * <code>q</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DH parameter <code>q</code>, + * </li> + * <li>4-byte count of following bytes representing the DH parameter + * <code>p</code> in internet order,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DH parameter <code>p</code>, + * </li> + * <li>4-byte count of following bytes representing the DH parameter + * <code>g</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DH parameter <code>g</code>, + * </li> + * <li>4-byte count of following bytes representing the DH parameter + * <code>x</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DH parameter <code>x</code>, + * </li> * </ol> - * + * * @param key the key to encode. * @return the <i>Raw</i> format encoding of the designated key. * @throws IllegalArgumentException if the designated key is not a DH one. @@ -257,59 +235,49 @@ public class DHKeyPairRawCodec implements IKeyPairCodec */ public byte[] encodePrivateKey(PrivateKey key) { - if (!(key instanceof GnuDHPrivateKey)) - { - throw new IllegalArgumentException("key"); - } - + if (! (key instanceof GnuDHPrivateKey)) + throw new IllegalArgumentException("key"); GnuDHPrivateKey dhKey = (GnuDHPrivateKey) key; ByteArrayOutputStream baos = new ByteArrayOutputStream(); - // magic baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[0]); baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[1]); baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[2]); baos.write(Registry.MAGIC_RAW_DH_PRIVATE_KEY[3]); - // version baos.write(0x01); - // q byte[] buffer = dhKey.getQ().toByteArray(); int length = buffer.length; - baos.write(length >>> 24); + baos.write( length >>> 24); baos.write((length >>> 16) & 0xFF); - baos.write((length >>> 8) & 0xFF); - baos.write(length & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write( length & 0xFF); baos.write(buffer, 0, length); - // p buffer = dhKey.getParams().getP().toByteArray(); length = buffer.length; - baos.write(length >>> 24); + baos.write( length >>> 24); baos.write((length >>> 16) & 0xFF); - baos.write((length >>> 8) & 0xFF); - baos.write(length & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write( length & 0xFF); baos.write(buffer, 0, length); - // g buffer = dhKey.getParams().getG().toByteArray(); length = buffer.length; - baos.write(length >>> 24); + baos.write( length >>> 24); baos.write((length >>> 16) & 0xFF); - baos.write((length >>> 8) & 0xFF); - baos.write(length & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write( length & 0xFF); baos.write(buffer, 0, length); - // x buffer = dhKey.getX().toByteArray(); length = buffer.length; - baos.write(length >>> 24); + baos.write( length >>> 24); baos.write((length >>> 16) & 0xFF); - baos.write((length >>> 8) & 0xFF); - baos.write(length & 0xFF); + baos.write((length >>> 8) & 0xFF); + baos.write( length & 0xFF); baos.write(buffer, 0, length); - return baos.toByteArray(); } @@ -320,51 +288,49 @@ public class DHKeyPairRawCodec implements IKeyPairCodec || k[1] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[1] || k[2] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[2] || k[3] != Registry.MAGIC_RAW_DH_PRIVATE_KEY[3]) - { - throw new IllegalArgumentException("magic"); - } - + throw new IllegalArgumentException("magic"); // version if (k[4] != 0x01) - { - throw new IllegalArgumentException("version"); - } + throw new IllegalArgumentException("version"); int i = 5; int l; byte[] buffer; - // q - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger q = new BigInteger(1, buffer); - // p - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger p = new BigInteger(1, buffer); - // g - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger g = new BigInteger(1, buffer); - // x - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger x = new BigInteger(1, buffer); - return new GnuDHPrivateKey(q, p, g, x); } } diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java index 7e8688bd3a4..5da396a1da6 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DHKeyPairX509Codec.java @@ -97,6 +97,13 @@ public class DHKeyPairX509Codec * <pre> * DHPublicKey ::= INTEGER -- public key, y = g^x mod p * </pre> + * <p> + * <b>IMPORTANT</b>: with RI's {@link javax.crypto.spec.DHGenParameterSpec} + * and {@link javax.crypto.spec.DHParameterSpec} classes, we may end up with + * Diffie-Hellman keys that have a <code>null</code> for the <code>q</code> + * parameter. RFC-2631 DOES NOT allow for an <i>optional</i> value for that + * parameter, hence we replace such null values with <code>0</code>, and do + * the reverse in the corresponding decode method. * * @param key the {@link PublicKey} instance to encode. MUST be an instance of * {@link GnuDHPublicKey}. @@ -117,6 +124,8 @@ public class DHKeyPairX509Codec BigInteger p = dhKey.getParams().getP(); BigInteger g = dhKey.getParams().getG(); BigInteger q = dhKey.getQ(); + if (q == null) + q = BigInteger.ZERO; BigInteger y = dhKey.getY(); DERValue derP = new DERValue(DER.INTEGER, p); @@ -212,6 +221,8 @@ public class DHKeyPairX509Codec val = der.read(); DerUtil.checkIsBigInteger(val, "Wrong Q field"); q = (BigInteger) val.getValue(); + if (q.compareTo(BigInteger.ZERO) == 0) + q = null; val = der.read(); if (! (val.getValue() instanceof BitString)) diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java index 5b1caa7d1b5..2443950549a 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanKeyAgreement.java @@ -49,78 +49,63 @@ import java.math.BigInteger; import javax.crypto.interfaces.DHPrivateKey; /** - * <p>The basic version of the Diffie-Hellman key agreement is described in the - * Handbook of Applied Cryptography [HAC] as follows:</p> + * The basic version of the Diffie-Hellman key agreement is described in the + * Handbook of Applied Cryptography [HAC] as follows: * <ul> - * <li>An appropriate prime p and generator g of Z<sub>p</sub><sup>*</sup> - * (2 <= g <= p-2) are selected and published.</li> - * <li>A and B each send the other one message over an open channel; as a - * result, they both can then compute a shared secret key K which they can - * use to protect their future communication.</li> - * <li>A chooses a random secret x, 1 <= x <= p-2, and sends B message - * (1) which is g^x mod p.</li> - * <li>B chooses a random secret y, 1 <= y <= p-2, and sends A message - * (2) which is g^y mod p.</li> - * <li>B receives message (1) and computes the shared key as K = (g^x)^y mod - * p.</li> - * <li>A receives message (2) and computes the shared key as K = (g^y)^x mod - * p.</li> + * <li>An appropriate prime p and generator g of Z<sub>p</sub><sup>*</sup> + * (2 <= g <= p-2) are selected and published.</li> + * <li>A and B each send the other one message over an open channel; as a + * result, they both can then compute a shared secret key K which they can use + * to protect their future communication.</li> + * <li>A chooses a random secret x, 1 <= x <= p-2, and sends B message + * (1) which is g^x mod p.</li> + * <li>B chooses a random secret y, 1 <= y <= p-2, and sends A message + * (2) which is g^y mod p.</li> + * <li>B receives message (1) and computes the shared key as K = (g^x)^y mod p. + * </li> + * <li>A receives message (2) and computes the shared key as K = (g^y)^x mod p. + * </li> * </ul> - * - * <p>RFC-2631 describes a <i>Static-Static Mode</i> of operations with - * Diffie-Hellman keypairs as follows:</p> + * <p> + * RFC-2631 describes a <i>Static-Static Mode</i> of operations with + * Diffie-Hellman keypairs as follows: * <pre> - * "In Static-Static mode, both the sender and the recipient have a - static (and certified) key pair. Since the sender's and recipient's - keys are therefore the same for each message, ZZ will be the same for - each message. Thus, partyAInfo MUST be used (and different for each - message) in order to ensure that different messages use different - KEKs. Implementations MAY implement Static-Static mode." + * "In Static-Static mode, both the sender and the recipient have a + * static (and certified) key pair. Since the sender's and recipient's + * keys are therefore the same for each message, ZZ will be the same for + * each message. Thus, partyAInfo MUST be used (and different for each + * message) in order to ensure that different messages use different + * KEKs. Implementations MAY implement Static-Static mode." * </pre> - * - * <p>Reference:</p> + * + * <p> + * Reference: * <ol> - * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key - * Agreement Method</a><br> - * Eric Rescorla.</li> - * <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of - * Applied Cryptography.<br> - * CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br> - * Menezes, A., van Oorschot, P. and S. Vanstone.</li> + * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key + * Agreement Method</a><br> + * Eric Rescorla.</li> + * <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of + * Applied Cryptography.<br> + * CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br> + * Menezes, A., van Oorschot, P. and S. Vanstone.</li> * </ol> */ -public abstract class DiffieHellmanKeyAgreement extends BaseKeyAgreementParty +public abstract class DiffieHellmanKeyAgreement + extends BaseKeyAgreementParty { - - // Constants and variables - // ------------------------------------------------------------------------- - public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.dh.ka.prng"; - - public static final String KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY = "gnu.crypto.dh.ka.owner.private.key"; - + public static final String KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY = + "gnu.crypto.dh.ka.owner.private.key"; /** The key agreement party's private key. */ protected DHPrivateKey ownerKey; - /** The shared secret key. */ protected BigInteger ZZ; - // Constructor(s) - // ------------------------------------------------------------------------- - protected DiffieHellmanKeyAgreement() { super(Registry.DH_KA); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // implementation of common abstract methods in BaseKeyAGreementParty ------ - protected byte[] engineSharedSecret() throws KeyAgreementException { return Util.trim(ZZ); diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java index 4a3664d6a8d..ab1023ad3b5 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanReceiver.java @@ -51,50 +51,30 @@ import java.util.Map; import javax.crypto.interfaces.DHPrivateKey; /** - * <p>This implementation is the receiver's part of the basic version of the - * Diffie-Hellman key agreement exchange (B in [HAC]).</p> - * + * This implementation is the receiver's part of the basic version of the + * Diffie-Hellman key agreement exchange (B in [HAC]). + * * @see DiffieHellmanKeyAgreement */ -public class DiffieHellmanReceiver extends DiffieHellmanKeyAgreement +public class DiffieHellmanReceiver + extends DiffieHellmanKeyAgreement { - - // Constants and variables - // ------------------------------------------------------------------------- - private BigInteger y; // the receiver's random secret - // Constructor(s) - // ------------------------------------------------------------------------- - // default 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // implementation of abstract methods in base class ------------------------ - protected void engineInit(Map attributes) throws KeyAgreementException { Object random = attributes.get(SOURCE_OF_RANDOMNESS); rnd = null; irnd = null; if (random instanceof SecureRandom) - { - rnd = (SecureRandom) random; - } + rnd = (SecureRandom) random; else if (random instanceof IRandom) - { - irnd = (IRandom) random; - } + irnd = (IRandom) random; ownerKey = (DHPrivateKey) attributes.get(KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY); if (ownerKey == null) - { - throw new KeyAgreementException("missing owner's private key"); - } + throw new KeyAgreementException("missing owner's private key"); } protected OutgoingMessage engineProcessMessage(IncomingMessage in) @@ -109,20 +89,14 @@ public class DiffieHellmanReceiver extends DiffieHellmanKeyAgreement } } - // own methods ------------------------------------------------------------- - private OutgoingMessage computeSharedSecret(IncomingMessage in) throws KeyAgreementException { BigInteger m1 = in.readMPI(); if (m1 == null) - { - throw new KeyAgreementException("missing message (1)"); - } - + throw new KeyAgreementException("missing message (1)"); BigInteger p = ownerKey.getParams().getP(); BigInteger g = ownerKey.getParams().getG(); - // B chooses a random integer y, 1 <= y <= p-2 // rfc-2631 restricts y to only be in [2, p-1] BigInteger p_minus_2 = p.subtract(TWO); @@ -132,16 +106,12 @@ public class DiffieHellmanReceiver extends DiffieHellmanKeyAgreement nextRandomBytes(xBytes); y = new BigInteger(1, xBytes); } - while (!(y.compareTo(TWO) >= 0 && y.compareTo(p_minus_2) <= 0)); - + while (! (y.compareTo(TWO) >= 0 && y.compareTo(p_minus_2) <= 0)); ZZ = m1.modPow(y, p); // ZZ = (yb ^ xa) mod p - complete = true; - // B sends A the message: g^y mod p OutgoingMessage result = new OutgoingMessage(); result.writeMPI(g.modPow(y, p)); // message (2) - return result; } } diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java index 0be82bfb492..52a030d678c 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/DiffieHellmanSender.java @@ -51,50 +51,30 @@ import java.util.Map; import javax.crypto.interfaces.DHPrivateKey; /** - * <p>This implementation is the sender's part of the basic version of the - * Diffie-Hellman key agreement exchange (A in [HAC]).</p> - * + * This implementation is the sender's part of the basic version of the + * Diffie-Hellman key agreement exchange (A in [HAC]). + * * @see DiffieHellmanKeyAgreement */ -public class DiffieHellmanSender extends DiffieHellmanKeyAgreement +public class DiffieHellmanSender + extends DiffieHellmanKeyAgreement { - - // Constants and variables - // ------------------------------------------------------------------------- - private BigInteger x; // the sender's random secret - // Constructor(s) - // ------------------------------------------------------------------------- - // default 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // implementation of abstract methods in base class ------------------------ - protected void engineInit(Map attributes) throws KeyAgreementException { Object random = attributes.get(SOURCE_OF_RANDOMNESS); rnd = null; irnd = null; if (random instanceof SecureRandom) - { - rnd = (SecureRandom) random; - } + rnd = (SecureRandom) random; else if (random instanceof IRandom) - { - irnd = (IRandom) random; - } + irnd = (IRandom) random; ownerKey = (DHPrivateKey) attributes.get(KA_DIFFIE_HELLMAN_OWNER_PRIVATE_KEY); if (ownerKey == null) - { - throw new KeyAgreementException("missing owner's private key"); - } + throw new KeyAgreementException("missing owner's private key"); } protected OutgoingMessage engineProcessMessage(IncomingMessage in) @@ -111,14 +91,11 @@ public class DiffieHellmanSender extends DiffieHellmanKeyAgreement } } - // own methods ------------------------------------------------------------- - private OutgoingMessage sendRandomSecret(IncomingMessage in) throws KeyAgreementException { BigInteger p = ownerKey.getParams().getP(); BigInteger g = ownerKey.getParams().getG(); - // A chooses a random integer x, 1 <= x <= p-2 // rfc-2631 restricts x to only be in [2, p-1] BigInteger p_minus_2 = p.subtract(TWO); @@ -128,12 +105,10 @@ public class DiffieHellmanSender extends DiffieHellmanKeyAgreement nextRandomBytes(xBytes); x = new BigInteger(1, xBytes); } - while (!(x.compareTo(TWO) >= 0 && x.compareTo(p_minus_2) <= 0)); - + while (! (x.compareTo(TWO) >= 0 && x.compareTo(p_minus_2) <= 0)); // A sends B the message: g^x mod p OutgoingMessage result = new OutgoingMessage(); result.writeMPI(g.modPow(x, p)); - return result; } @@ -142,13 +117,9 @@ public class DiffieHellmanSender extends DiffieHellmanKeyAgreement { BigInteger m1 = in.readMPI(); if (m1 == null) - { - throw new KeyAgreementException("missing message (2)"); - } - + throw new KeyAgreementException("missing message (2)"); BigInteger p = ownerKey.getParams().getP(); - ZZ = m1.modPow(x, p); // ZZ = (yb ^ xa) mod p - + ZZ = m1.modPow(x, p); // ZZ = (yb ^ xa) mod p complete = true; return null; } diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java index 1c4e11ce26b..967eda3f508 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalKeyAgreement.java @@ -47,77 +47,62 @@ import gnu.javax.crypto.key.KeyAgreementException; import java.math.BigInteger; /** - * <p>The ElGamal key agreement, also known as the half-certified Diffie-Hellman + * The ElGamal key agreement, also known as the half-certified Diffie-Hellman * key agreement, is described in the Handbook of Applied Cryptography [HAC] as - * follows:</p> + * follows: * <ul> - * <li>A sends to B a single message allowing one-pass key agreement.</li> - * <li>A obtains an authentic copy of B's public key (p, g, yb), where - * yb = g**xb.</li> - * <li>A chooses a random integer x, 1 <= x <= p-2, and sends B the - * message g**x. A computes the shared secret key K as yb**x.</li> - * <li>B computes the same key K on receipt of the previous message as - * (g**x)**xb.</li> + * <li>A sends to B a single message allowing one-pass key agreement.</li> + * <li>A obtains an authentic copy of B's public key (p, g, yb), where yb = + * g**xb.</li> + * <li>A chooses a random integer x, 1 <= x <= p-2, and sends B the + * message g**x. A computes the shared secret key K as yb**x.</li> + * <li>B computes the same key K on receipt of the previous message as + * (g**x)**xb.</li> * </ul> - * - * <p>RFC-2631 describes an <i>Ephemeral-Static Mode</i> of operations with - * Diffie-Hellman keypairs as follows:</p> + * <p> + * RFC-2631 describes an <i>Ephemeral-Static Mode</i> of operations with + * Diffie-Hellman keypairs as follows: * <pre> - * "In Ephemeral-Static mode, the recipient has a static (and certified) - * key pair, but the sender generates a new key pair for each message - * and sends it using the originatorKey production. If the sender's key - * is freshly generated for each message, the shared secret ZZ will be - * similarly different for each message and partyAInfo MAY be omitted, - * since it serves merely to decouple multiple KEKs generated by the - * same set of pairwise keys. If, however, the same ephemeral sender key - * is used for multiple messages (e.g. it is cached as a performance - * optimization) then a separate partyAInfo MUST be used for each - * message. All implementations of this standard MUST implement - * Ephemeral-Static mode." + * "In Ephemeral-Static mode, the recipient has a static (and certified) + * key pair, but the sender generates a new key pair for each message + * and sends it using the originatorKey production. If the sender's key + * is freshly generated for each message, the shared secret ZZ will be + * similarly different for each message and partyAInfo MAY be omitted, + * since it serves merely to decouple multiple KEKs generated by the + * same set of pairwise keys. If, however, the same ephemeral sender key + * is used for multiple messages (e.g. it is cached as a performance + * optimization) then a separate partyAInfo MUST be used for each + * message. All implementations of this standard MUST implement + * Ephemeral-Static mode." * </pre> - * - * <p>Reference:</p> + * <p> + * Reference: * <ol> - * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key - * Agreement Method</a><br> - * Eric Rescorla.</li> - * <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of - * Applied Cryptography.<br> - * CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br> - * Menezes, A., van Oorschot, P. and S. Vanstone.</li> + * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key + * Agreement Method</a><br> + * Eric Rescorla.</li> + * <li><a href="http://www.cacr.math.uwaterloo.ca/hac">[HAC]</a>: Handbook of + * Applied Cryptography.<br> + * CRC Press, Inc. ISBN 0-8493-8523-7, 1997<br> + * Menezes, A., van Oorschot, P. and S. Vanstone.</li> * </ol> */ -public abstract class ElGamalKeyAgreement extends BaseKeyAgreementParty +public abstract class ElGamalKeyAgreement + extends BaseKeyAgreementParty { - - // Constants and variables - // ------------------------------------------------------------------------- - public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.elgamal.ka.prng"; - - public static final String KA_ELGAMAL_RECIPIENT_PRIVATE_KEY = "gnu.crypto.elgamal.ka.recipient.private.key"; - - public static final String KA_ELGAMAL_RECIPIENT_PUBLIC_KEY = "gnu.crypto.elgamal.ka.recipient.public.key"; - + public static final String KA_ELGAMAL_RECIPIENT_PRIVATE_KEY = + "gnu.crypto.elgamal.ka.recipient.private.key"; + public static final String KA_ELGAMAL_RECIPIENT_PUBLIC_KEY = + "gnu.crypto.elgamal.ka.recipient.public.key"; /** The shared secret key. */ protected BigInteger ZZ; - // Constructor(s) - // ------------------------------------------------------------------------- - protected ElGamalKeyAgreement() { super(Registry.ELGAMAL_KA); } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // implementation of common abstract methods in BaseKeyAGreementParty ------ - protected byte[] engineSharedSecret() throws KeyAgreementException { return Util.trim(ZZ); diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java index 24776cba174..bf9b4fb1f0f 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalReceiver.java @@ -49,33 +49,19 @@ import java.util.Map; import javax.crypto.interfaces.DHPrivateKey; /** - * <p>This implementation is the receiver's part of the ElGamal key agreement - * exchange (B in [HAC]).</p> - * + * This implementation is the receiver's part of the ElGamal key agreement + * exchange (B in [HAC]). + * * @see ElGamalKeyAgreement */ -public class ElGamalReceiver extends ElGamalKeyAgreement +public class ElGamalReceiver + extends ElGamalKeyAgreement { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The recipient's private key. */ private DHPrivateKey B; - // Constructor(s) - // ------------------------------------------------------------------------- - // default 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // implementation of abstract methods in base class ------------------------ - protected void engineInit(Map attributes) throws KeyAgreementException { rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); @@ -83,9 +69,7 @@ public class ElGamalReceiver extends ElGamalKeyAgreement // a keypair and publishes its public key B = (DHPrivateKey) attributes.get(KA_ELGAMAL_RECIPIENT_PRIVATE_KEY); if (B == null) - { - throw new KeyAgreementException("missing recipient private key"); - } + throw new KeyAgreementException("missing recipient private key"); } protected OutgoingMessage engineProcessMessage(IncomingMessage in) @@ -100,8 +84,6 @@ public class ElGamalReceiver extends ElGamalKeyAgreement } } - // own methods ------------------------------------------------------------- - private OutgoingMessage computeSharedSecret(IncomingMessage in) throws KeyAgreementException { @@ -109,12 +91,8 @@ public class ElGamalReceiver extends ElGamalKeyAgreement // K = (g^x)^xb mod p BigInteger m1 = in.readMPI(); if (m1 == null) - { - throw new KeyAgreementException("missing message (1)"); - } - + throw new KeyAgreementException("missing message (1)"); ZZ = m1.modPow(B.getX(), B.getParams().getP()); // ZZ = (ya ^ xb) mod p - complete = true; return null; } diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java index a2de80a6766..cdd1ef0dac0 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/ElGamalSender.java @@ -49,33 +49,19 @@ import java.util.Map; import javax.crypto.interfaces.DHPublicKey; /** - * <p>This implementation is the sender's part of the ElGamal key agreement - * exchange (A in [HAC]).</p> - * + * This implementation is the sender's part of the ElGamal key agreement + * exchange (A in [HAC]). + * * @see ElGamalKeyAgreement */ -public class ElGamalSender extends ElGamalKeyAgreement +public class ElGamalSender + extends ElGamalKeyAgreement { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The recipient's public key. */ private DHPublicKey B; - // Constructor(s) - // ------------------------------------------------------------------------- - // default 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // implementation of abstract methods in base class ------------------------ - protected void engineInit(Map attributes) throws KeyAgreementException { rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); @@ -83,9 +69,7 @@ public class ElGamalSender extends ElGamalKeyAgreement // a keypair and publishes its public key B = (DHPublicKey) attributes.get(KA_ELGAMAL_RECIPIENT_PUBLIC_KEY); if (B == null) - { - throw new KeyAgreementException("missing recipient public key"); - } + throw new KeyAgreementException("missing recipient public key"); } protected OutgoingMessage engineProcessMessage(IncomingMessage in) @@ -100,15 +84,12 @@ public class ElGamalSender extends ElGamalKeyAgreement } } - // own methods ------------------------------------------------------------- - private OutgoingMessage computeSharedSecret(IncomingMessage in) throws KeyAgreementException { BigInteger p = B.getParams().getP(); BigInteger g = B.getParams().getG(); BigInteger yb = B.getY(); - // A chooses a random integer x, 1 <= x <= p-2 // rfc-2631 restricts x to only be in [2, p-1] BigInteger p_minus_2 = p.subtract(TWO); @@ -120,14 +101,11 @@ public class ElGamalSender extends ElGamalKeyAgreement x = new BigInteger(1, xBytes); } while (x.compareTo(TWO) >= 0 && x.compareTo(p_minus_2) <= 0); - // A sends B the message: g^x mod p OutgoingMessage result = new OutgoingMessage(); result.writeMPI(g.modPow(x, p)); - // A computes the key as K = (yb)^x mod p ZZ = yb.modPow(x, p); // ZZ = (yb ^ xa) mod p - complete = true; return result; } diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java index f1e42d93a3e..1066830c322 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKey.java @@ -39,55 +39,50 @@ exception statement from your version. */ package gnu.javax.crypto.key.dh; import gnu.java.security.Registry; +import gnu.java.security.action.GetPropertyAction; import gnu.java.security.util.FormatUtil; import java.math.BigInteger; +import java.security.AccessController; import java.security.Key; import javax.crypto.interfaces.DHKey; import javax.crypto.spec.DHParameterSpec; /** - * <p>A base asbtract class for both public and private Diffie-Hellman keys. It - * encapsulates the two DH numbers: <code>p</code>, and <code>g</code>.</p> - * - * <p>According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>. + * A base asbtract class for both public and private Diffie-Hellman keys. It + * encapsulates the two DH numbers: <code>p</code>, and <code>g</code>. + * <p> + * According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>. * The format used in this implementation is called <i>Raw</i>, and basically * consists of the raw byte sequences of algorithm parameters. The exact order - * of the byte sequences and the implementation details are given in each of - * the relevant <code>getEncoded()</code> methods of each of the private and - * public keys.</p> - * - * <p>Reference:</p> + * of the byte sequences and the implementation details are given in each of the + * relevant <code>getEncoded()</code> methods of each of the private and + * public keys. + * <p> + * Reference: * <ol> - * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key - * Agreement Method</a><br> - * Eric Rescorla.</li> + * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key + * Agreement Method</a><br> + * Eric Rescorla.</li> * </ol> */ -public abstract class GnuDHKey implements Key, DHKey +public abstract class GnuDHKey + implements Key, DHKey { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The public prime q. A prime divisor of p-1. */ protected BigInteger q; - /** The public prime p. */ protected BigInteger p; - /** The generator g. */ protected BigInteger g; - /** - * Identifier of the default encoding format to use when externalizing the - * key material. + * Identifier of the default encoding format to use when externalizing the key + * material. */ protected final int defaultFormat; - - // Constructor(s) - // ------------------------------------------------------------------------- + /** String representation of this key. Cached for speed. */ + private transient String str; /** * Trivial protected constructor. @@ -109,28 +104,13 @@ public abstract class GnuDHKey implements Key, DHKey this.g = g; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // javax.crypto.interfaces.DHKey interface implementation ------------------ - public DHParameterSpec getParams() { if (q == null) - { - return new DHParameterSpec(p, g); - } - else - { - return new DHParameterSpec(p, g, q.bitLength()); - } + return new DHParameterSpec(p, g); + return new DHParameterSpec(p, g, q.bitLength()); } - // java.security.Key interface implementation ------------------------------ - public String getAlgorithm() { return Registry.DH_KPG; @@ -147,38 +127,48 @@ public abstract class GnuDHKey implements Key, DHKey return FormatUtil.getEncodingShortName(defaultFormat); } - // Other instance methods -------------------------------------------------- - public BigInteger getQ() { return q; } /** - * <p>Returns <code>true</code> if the designated object is an instance of - * {@link DHKey} and has the same Diffie-Hellman parameter values as this - * one.</p> - * + * Returns <code>true</code> if the designated object is an instance of + * {@link DHKey} and has the same Diffie-Hellman parameter values as this one. + * * @param obj the other non-null DH key to compare to. - * @return <code>true</code> if the designated object is of the same type and - * value as this one. + * @return <code>true</code> if the designated object is of the same type + * and value as this one. */ public boolean equals(Object obj) { if (obj == null) - { - return false; - } - if (!(obj instanceof DHKey)) - { - return false; - } + return false; + if (! (obj instanceof DHKey)) + return false; DHKey that = (DHKey) obj; return p.equals(that.getParams().getP()) && g.equals(that.getParams().getG()); } - // abstract methods to be implemented by subclasses ------------------------ + public String toString() + { + if (str == null) + { + String ls = (String) AccessController.doPrivileged + (new GetPropertyAction("line.separator")); + StringBuilder sb = new StringBuilder(ls) + .append("defaultFormat=").append(defaultFormat).append(",").append(ls); + if (q == null) + sb.append("q=null,"); + else + sb.append("q=0x").append(q.toString(16)).append(","); + sb.append(ls).append("p=0x").append(p.toString(16)).append(",").append(ls) + .append("g=0x").append(g.toString(16)); + str = sb.toString(); + } + return str; + } public abstract byte[] getEncoded(int format); } diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java index 5626a2979a8..13cfd9014a9 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHKeyPairGenerator.java @@ -38,132 +38,84 @@ exception statement from your version. */ package gnu.javax.crypto.key.dh; +import gnu.java.security.Configuration; import gnu.java.security.Registry; import gnu.java.security.hash.Sha160; import gnu.java.security.key.IKeyPairGenerator; import gnu.java.security.util.PRNG; -import java.io.PrintWriter; import java.math.BigInteger; import java.security.KeyPair; import java.security.PrivateKey; import java.security.PublicKey; import java.security.SecureRandom; import java.util.Map; +import java.util.logging.Logger; import javax.crypto.spec.DHGenParameterSpec; import javax.crypto.spec.DHParameterSpec; /** - * <p>An implementation of a Diffie-Hellman keypair generator.</p> - * - * <p>Reference:</p> + * An implementation of a Diffie-Hellman keypair generator. + * <p> + * Reference: * <ol> - * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key - * Agreement Method</a><br> - * Eric Rescorla.</li> + * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key + * Agreement Method</a><br> + * Eric Rescorla.</li> * </ol> */ -public class GnuDHKeyPairGenerator implements IKeyPairGenerator +public class GnuDHKeyPairGenerator + implements IKeyPairGenerator { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "dh"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 5; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- - + private static final Logger log = Logger.getLogger(GnuDHKeyPairGenerator.class.getName()); /** * Property name of an optional {@link SecureRandom} instance to use. The * default is to use a classloader singleton from {@link PRNG}. */ public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.dh.prng"; - /** * Property name of an optional {@link DHGenParameterSpec} or * {@link DHParameterSpec} instance to use for this generator. */ public static final String DH_PARAMETERS = "gnu.crypto.dh.params"; - /** Property name of the size in bits (Integer) of the public prime (p). */ public static final String PRIME_SIZE = "gnu.crypto.dh.L"; - /** Property name of the size in bits (Integer) of the private exponent (x). */ public static final String EXPONENT_SIZE = "gnu.crypto.dh.m"; - /** * Property name of the preferred encoding format to use when externalizing * generated instance of key-pairs from this generator. The property is taken * to be an {@link Integer} that encapsulates an encoding format identifier. */ public static final String PREFERRED_ENCODING_FORMAT = "gnu.crypto.dh.encoding"; - /** Default value for the size in bits of the public prime (p). */ - // private static final int DEFAULT_PRIME_SIZE = 1024; public static final int DEFAULT_PRIME_SIZE = 512; - /** Default value for the size in bits of the private exponent (x). */ public static final int DEFAULT_EXPONENT_SIZE = 160; - /** Default encoding format to use when none was specified. */ private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID; - /** The SHA instance to use. */ private Sha160 sha = new Sha160(); - /** The optional {@link SecureRandom} instance to use. */ private SecureRandom rnd = null; - /** The desired size in bits of the public prime (p). */ private int l; - /** The desired size in bits of the private exponent (x). */ private int m; - private BigInteger seed; - private BigInteger counter; - private BigInteger q; - private BigInteger p; - private BigInteger j; - private BigInteger g; - /** Our default source of randomness. */ private PRNG prng = null; - /** Preferred encoding format of generated keys. */ private int preferredFormat; - // Constructor(s) - // ------------------------------------------------------------------------- - // default 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // gnu.crypto.keys.IKeyPairGenerator interface implementation --------------- - public String name() { return Registry.DH_KPG; @@ -173,11 +125,9 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator { // do we have a SecureRandom, or should we use our own? rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); - // are we given a set of Diffie-Hellman generation parameters or we shall // use our own? Object params = attributes.get(DH_PARAMETERS); - // find out the desired sizes if (params instanceof DHGenParameterSpec) { @@ -195,7 +145,6 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator g = jceSpec.getG(); l = p.bitLength(); m = jceSpec.getL(); - // If no exponent size was given, generate an exponent as // large as the prime. if (m == 0) @@ -208,21 +157,12 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator bi = (Integer) attributes.get(EXPONENT_SIZE); m = (bi == null ? DEFAULT_EXPONENT_SIZE : bi.intValue()); } - - // if ((L % 256) != 0 || L < 1024) { if ((l % 256) != 0 || l < DEFAULT_PRIME_SIZE) - { - throw new IllegalArgumentException("invalid modulus size"); - } + throw new IllegalArgumentException("invalid modulus size"); if ((m % 8) != 0 || m < DEFAULT_EXPONENT_SIZE) - { - throw new IllegalArgumentException("invalid exponent size"); - } + throw new IllegalArgumentException("invalid exponent size"); if (m > l) - { - throw new IllegalArgumentException("exponent size > modulus size"); - } - + throw new IllegalArgumentException("exponent size > modulus size"); // what is the preferred encoding format Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT); preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT @@ -240,22 +180,20 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator p = params[RFC2631.DH_PARAMS_P]; j = params[RFC2631.DH_PARAMS_J]; g = params[RFC2631.DH_PARAMS_G]; - if (DEBUG && debuglevel > 0) + if (Configuration.DEBUG) { - debug("seed: 0x" + seed.toString(16)); - debug("counter: " + counter.intValue()); - debug("q: 0x" + q.toString(16)); - debug("p: 0x" + p.toString(16)); - debug("j: 0x" + j.toString(16)); - debug("g: 0x" + g.toString(16)); + log.fine("seed: 0x" + seed.toString(16)); + log.fine("counter: " + counter.intValue()); + log.fine("q: 0x" + q.toString(16)); + log.fine("p: 0x" + p.toString(16)); + log.fine("j: 0x" + j.toString(16)); + log.fine("g: 0x" + g.toString(16)); } } - // generate a private number x of length m such as: 1 < x < q - 1 BigInteger q_minus_1 = null; if (q != null) q_minus_1 = q.subtract(BigInteger.ONE); - // We already check if m is modulo 8 in `setup.' This could just // be m >>> 3. byte[] mag = new byte[(m + 7) / 8]; @@ -266,31 +204,23 @@ public class GnuDHKeyPairGenerator implements IKeyPairGenerator x = new BigInteger(1, mag); if (x.bitLength() == m && x.compareTo(BigInteger.ONE) > 0 && (q_minus_1 == null || x.compareTo(q_minus_1) < 0)) - { - break; - } + break; } BigInteger y = g.modPow(x, p); - PrivateKey secK = new GnuDHPrivateKey(preferredFormat, q, p, g, x); PublicKey pubK = new GnuDHPublicKey(preferredFormat, q, p, g, y); - return new KeyPair(pubK, secK); } - // other methods ----------------------------------------------------------- - /** - * <p>Fills the designated byte array with random data.</p> - * + * Fills the designated byte array with random data. + * * @param buffer the byte array to fill with random data. */ private void nextRandomBytes(byte[] buffer) { if (rnd != null) - { - rnd.nextBytes(buffer); - } + rnd.nextBytes(buffer); else getDefaultPRNG().nextBytes(buffer); } diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java index 0e71623b9f7..d8150dcdf02 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPrivateKey.java @@ -38,34 +38,34 @@ exception statement from your version. */ package gnu.javax.crypto.key.dh; +import gnu.java.security.Configuration; import gnu.java.security.Registry; +import gnu.java.security.action.GetPropertyAction; import gnu.java.security.key.IKeyPairCodec; import java.math.BigInteger; +import java.security.AccessController; import javax.crypto.interfaces.DHPrivateKey; /** - * <p>An implementation of the Diffie-Hellman private key.</p> - * - * <p>Reference:</p> + * An implementation of the Diffie-Hellman private key. + * <p> + * Reference: * <ol> - * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key - * Agreement Method</a><br> - * Eric Rescorla.</li> + * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key + * Agreement Method</a><br> + * Eric Rescorla.</li> * </ol> */ -public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey +public class GnuDHPrivateKey + extends GnuDHKey + implements DHPrivateKey { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The private exponent. */ private final BigInteger x; - - // Constructor(s) - // ------------------------------------------------------------------------- + /** String representation of this key. Cached for speed. */ + private transient String str; /** * Convenience constructor. Calls the constructor with five arguments passing @@ -92,31 +92,27 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey * @param g the generator of the group. * @param x the private value x. */ - public GnuDHPrivateKey(int preferredFormat, - BigInteger q, BigInteger p, BigInteger g, BigInteger x) + public GnuDHPrivateKey(int preferredFormat, BigInteger q, BigInteger p, + BigInteger g, BigInteger x) { super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID : preferredFormat, q, p, g); - this.x = x; } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>A class method that takes the output of the <code>encodePrivateKey()</code> + * A class method that takes the output of the <code>encodePrivateKey()</code> * method of a DH keypair codec object (an instance implementing * {@link IKeyPairCodec} for DH keys, and re-constructs an instance of this - * object.</p> - * + * object. + * * @param k the contents of a previously encoded instance of this object. - * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, - * in <code>k</code>, to represent a valid encoding of an instance of - * this object. - * @exception IllegalArgumentException if the byte sequence does not - * represent a valid encoding of an instance of this object. + * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, in + * <code>k</code>, to represent a valid encoding of an + * instance of this object. + * @exception IllegalArgumentException if the byte sequence does not represent + * a valid encoding of an instance of this object. */ public static GnuDHPrivateKey valueOf(byte[] k) { @@ -129,32 +125,24 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey catch (IllegalArgumentException ignored) { } - // try PKCS#8 codec return (GnuDHPrivateKey) new DHKeyPairPKCS8Codec().decodePrivateKey(k); } - // Instance methods - // ------------------------------------------------------------------------- - - // javax.crypto.interfaces.DHPrivateKey interface implementation ----------- - public BigInteger getX() { return x; } - // other methods ----------------------------------------------------------- - /** - * <p>Returns the encoded form of this private key according to the - * designated format.</p> - * + * Returns the encoded form of this private key according to the designated + * format. + * * @param format the desired format identifier of the resulting encoding. * @return the byte sequence encoding this key according to the designated - * format. + * format. * @exception IllegalArgumentException if the format is not supported. - * @see gnu.crypto.key.dh.DHKeyPairRawCodec + * @see DHKeyPairRawCodec */ public byte[] getEncoded(int format) { @@ -193,4 +181,20 @@ public class GnuDHPrivateKey extends GnuDHKey implements DHPrivateKey DHPrivateKey that = (DHPrivateKey) obj; return super.equals(that) && x.equals(that.getX()); } + + public String toString() + { + if (str == null) + { + String ls = (String) AccessController.doPrivileged + (new GetPropertyAction("line.separator")); + str = new StringBuilder(this.getClass().getName()).append("(") + .append(super.toString()).append(",").append(ls) + .append("x=0x").append(Configuration.DEBUG ? x.toString(16) + : "**...*").append(ls) + .append(")") + .toString(); + } + return str; + } } diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java index 56516c9d0ea..5fb31f38364 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/GnuDHPublicKey.java @@ -39,32 +39,31 @@ exception statement from your version. */ package gnu.javax.crypto.key.dh; import gnu.java.security.Registry; +import gnu.java.security.action.GetPropertyAction; import gnu.java.security.key.IKeyPairCodec; import java.math.BigInteger; +import java.security.AccessController; import javax.crypto.interfaces.DHPublicKey; /** - * <p>An implementation of the Diffie-Hellman public key.</p> - * - * <p>Reference:</p> + * An implementation of the Diffie-Hellman public key. + * <p> + * Reference: * <ol> - * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key - * Agreement Method</a><br> - * Eric Rescorla.</li> + * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key + * Agreement Method</a><br> + * Eric Rescorla.</li> * </ol> */ -public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey +public class GnuDHPublicKey + extends GnuDHKey + implements DHPublicKey { - - // Constants and variables - // ------------------------------------------------------------------------- - private BigInteger y; - - // Constructor(s) - // ------------------------------------------------------------------------- + /** String representation of this key. Cached for speed. */ + private transient String str; /** * Convenience constructor. Calls the constructor with five arguments passing @@ -91,31 +90,27 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey * @param g the generator of the group. * @param y the public value y. */ - public GnuDHPublicKey(int preferredFormat, - BigInteger q, BigInteger p, BigInteger g, BigInteger y) + public GnuDHPublicKey(int preferredFormat, BigInteger q, BigInteger p, + BigInteger g, BigInteger y) { super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID : preferredFormat, q, p, g); - this.y = y; } - // Class methods - // ------------------------------------------------------------------------- - /** - * <p>A class method that takes the output of the <code>encodePublicKey()</code> + * A class method that takes the output of the <code>encodePublicKey()</code> * method of a DH keypair codec object (an instance implementing * {@link IKeyPairCodec} for DSS keys, and re-constructs an instance of this - * object.</p> - * - * @param k the contents of a previously encoded instance of this object. - * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, - * in <code>k</code>, to represent a valid encoding of an instance of this * object. - * @exception IllegalArgumentException if the byte sequence does not - * represent a valid encoding of an instance of this object. + * + * @param k the contents of a previously encoded instance of this object. + * @exception ArrayIndexOutOfBoundsException if there is not enough bytes, in + * <code>k</code>, to represent a valid encoding of an + * instance of this object. + * @exception IllegalArgumentException if the byte sequence does not represent + * a valid encoding of an instance of this object. */ public static GnuDHPublicKey valueOf(byte[] k) { @@ -128,30 +123,22 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey catch (IllegalArgumentException ignored) { } - // try X.509 codec return (GnuDHPublicKey) new DHKeyPairX509Codec().decodePublicKey(k); } - // Instance methods - // ------------------------------------------------------------------------- - - // javax.crypto.interfaces.DHPublicKey interface implementation ------------ - public BigInteger getY() { return y; } - // other methods ----------------------------------------------------------- - /** - * <p>Returns the encoded form of this public key according to the designated - * format.</p> - * + * Returns the encoded form of this public key according to the designated + * format. + * * @param format the desired format identifier of the resulting encoding. * @return the byte sequence encoding this key according to the designated - * format. + * format. * @exception IllegalArgumentException if the format is not supported. */ public byte[] getEncoded(int format) @@ -191,4 +178,19 @@ public class GnuDHPublicKey extends GnuDHKey implements DHPublicKey DHPublicKey that = (DHPublicKey) obj; return super.equals(that) && y.equals(that.getY()); } + + public String toString() + { + if (str == null) + { + String ls = (String) AccessController.doPrivileged + (new GetPropertyAction("line.separator")); + str = new StringBuilder(this.getClass().getName()).append("(") + .append(super.toString()).append(",").append(ls) + .append("y=0x").append(y.toString(16)).append(ls) + .append(")") + .toString(); + } + return str; + } } diff --git a/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java b/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java index d6e30b4bc52..673e44864b5 100644 --- a/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java +++ b/libjava/classpath/gnu/javax/crypto/key/dh/RFC2631.java @@ -40,60 +40,41 @@ package gnu.javax.crypto.key.dh; import gnu.java.security.hash.Sha160; import gnu.java.security.util.PRNG; -import gnu.java.security.util.Prime2; import java.math.BigInteger; import java.security.SecureRandom; /** - * <p>An implementation of the Diffie-Hellman parameter generation as defined in - * RFC-2631.</p> - * - * <p>Reference:</p> + * An implementation of the Diffie-Hellman parameter generation as defined in + * RFC-2631. + * <p> + * Reference: * <ol> - * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key - * Agreement Method</a><br> - * Eric Rescorla.</li> + * <li><a href="http://www.ietf.org/rfc/rfc2631.txt">Diffie-Hellman Key + * Agreement Method</a><br> + * Eric Rescorla.</li> * </ol> */ public class RFC2631 { - - // Constants and variables - // ------------------------------------------------------------------------- - public static final int DH_PARAMS_SEED = 0; - public static final int DH_PARAMS_COUNTER = 1; - public static final int DH_PARAMS_Q = 2; - public static final int DH_PARAMS_P = 3; - public static final int DH_PARAMS_J = 4; - public static final int DH_PARAMS_G = 5; - private static final BigInteger TWO = BigInteger.valueOf(2L); - /** The SHA instance to use. */ private Sha160 sha = new Sha160(); - /** Length of private modulus and of q. */ private int m; - /** Length of public modulus p. */ private int L; - /** The optional {@link SecureRandom} instance to use. */ private SecureRandom rnd = null; - /** Our default source of randomness. */ private PRNG prng = null; - // Constructor(s) - // ------------------------------------------------------------------------- - public RFC2631(int m, int L, SecureRandom rnd) { super(); @@ -103,12 +84,6 @@ public class RFC2631 this.rnd = rnd; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - public BigInteger[] generateParameters() { int i, j, counter; @@ -127,15 +102,16 @@ public class RFC2631 { step4: while (true) { - // 4. Select an arbitrary bit string SEED such that length of SEED >= m + // 4. Select an arbitrary bit string SEED such that length of + // SEED >= m nextRandomBytes(seedBytes); SEED = new BigInteger(1, seedBytes).setBit(m - 1).setBit(0); // 5. Set U = 0 U = BigInteger.ZERO; // 6. For i = 0 to m' - 1 - // U = U + (SHA1[SEED + i] XOR SHA1[(SEED + m' + i)) * 2^(160 * i) - // Note that for m=160, this reduces to the algorithm of [FIPS-186] - // U = SHA1[SEED] XOR SHA1[(SEED+1) mod 2^160 ]. + // U = U + (SHA1[SEED + i] XOR SHA1[(SEED + m' + i)) * 2^(160 * i) + // Note that for m=160, this reduces to the algorithm of FIPS-186 + // U = SHA1[SEED] XOR SHA1[(SEED+1) mod 2^160 ]. for (i = 0; i < m_; i++) { u1 = SEED.add(BigInteger.valueOf(i)).toByteArray(); @@ -145,31 +121,27 @@ public class RFC2631 sha.update(u2, 0, u2.length); u2 = sha.digest(); for (j = 0; j < u1.length; j++) - { - u1[j] ^= u2[j]; - } + u1[j] ^= u2[j]; U = U.add(new BigInteger(1, u1).multiply(TWO.pow(160 * i))); } // 5. Form q from U by computing U mod (2^m) and setting the most - // significant bit (the 2^(m-1) bit) and the least significant bit to - // 1. In terms of boolean operations, q = U OR 2^(m-1) OR 1. Note - // that 2^(m-1) < q < 2^m + // significant bit (the 2^(m-1) bit) and the least significant + // bit to 1. In terms of boolean operations, q = U OR 2^(m-1) OR + // 1. Note that 2^(m-1) < q < 2^m q = U.setBit(m - 1).setBit(0); // 6. Use a robust primality algorithm to test whether q is prime. // 7. If q is not prime then go to 4. - if (Prime2.isProbablePrime(q)) - { - break step4; - } + if (q.isProbablePrime(80)) + break step4; } // 8. Let counter = 0 counter = 0; step9: while (true) { // 9. Set R = seed + 2*m' + (L' * counter) - R = SEED.add(BigInteger.valueOf(2 * m_)).add( - BigInteger.valueOf(L_ - * counter)); + R = SEED + .add(BigInteger.valueOf(2 * m_)) + .add(BigInteger.valueOf(L_ * counter)); // 10. Set V = 0 V = BigInteger.ZERO; // 12. For i = 0 to L'-1 do: V = V + SHA1(R + i) * 2^(160 * i) @@ -187,10 +159,10 @@ public class RFC2631 X = W.setBit(L - 1); // 15. Set p = X - (X mod (2*q)) + 1 p = X.add(BigInteger.ONE).subtract(X.mod(TWO.multiply(q))); - // 16. If p > 2^(L-1) use a robust primality test to test whether p is - // prime. Else go to 18. - //17. If p is prime output p, q, seed, counter and stop. - if (Prime2.isProbablePrime(p)) + // 16. If p > 2^(L-1) use a robust primality test to test whether p + // is prime. Else go to 18. + // 17. If p is prime output p, q, seed, counter and stop. + if (p.isProbablePrime(80)) { break algorithm; } @@ -199,12 +171,9 @@ public class RFC2631 // 19. If counter < (4096 * N) then go to 8. // 20. Output "failure" if (counter >= 4096 * N_) - { - continue algorithm; - } + continue algorithm; } } - // compute g. from FIPS-186, Appendix 4: // 1. Generate p and q as specified in Appendix 2. // 2. Let e = (p - 1) / q @@ -219,28 +188,21 @@ public class RFC2631 // 4. Set g = h**e mod p g = h.modPow(e, p); // 5. If g = 1, go to step 3 - if (!g.equals(BigInteger.ONE)) - { - break; - } + if (! g.equals(BigInteger.ONE)) + break; } - return new BigInteger[] { SEED, BigInteger.valueOf(counter), q, p, e, g }; } - // helper methods ---------------------------------------------------------- - /** - * <p>Fills the designated byte array with random data.</p> + * Fills the designated byte array with random data. * * @param buffer the byte array to fill with random data. */ private void nextRandomBytes(byte[] buffer) { if (rnd != null) - { - rnd.nextBytes(buffer); - } + rnd.nextBytes(buffer); else getDefaultPRNG().nextBytes(buffer); } |
