diff options
Diffstat (limited to 'libjava/classpath/gnu/java/security/key/dss')
8 files changed, 446 insertions, 567 deletions
diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java index 40aaea89352..657de8dd02d 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSKey.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKey.java @@ -38,74 +38,77 @@ exception statement from your version. */ package gnu.java.security.key.dss; -import gnu.classpath.SystemProperties; import gnu.java.security.Registry; +import gnu.java.security.action.GetPropertyAction; import gnu.java.security.util.FormatUtil; import java.math.BigInteger; +import java.security.AccessController; import java.security.Key; import java.security.interfaces.DSAKey; import java.security.interfaces.DSAParams; import java.security.spec.DSAParameterSpec; /** - * <p>A base asbtract class for both public and private DSS (Digital Signature + * A base asbtract class for both public and private DSS (Digital Signature * Standard) keys. It encapsulates the three DSS numbers: <code>p</code>, - * <code>q</code> and <code>g</code>.</p> - * - * <p>According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>. + * <code>q</code> and <code>g</code>. + * <p> + * According to the JDK, cryptographic <i>Keys</i> all have a <i>format</i>. * The format used in this implementation is called <i>Raw</i>, and basically * consists of the raw byte sequences of algorithm parameters. The exact order - * of the byte sequences and the implementation details are given in each of - * the relevant <code>getEncoded()</code> methods of each of the private and - * public keys.</p> - * + * of the byte sequences and the implementation details are given in each of the + * relevant <code>getEncoded()</code> methods of each of the private and + * public keys. + * <p> + * <b>IMPORTANT</b>: Under certain circumstances (e.g. in an X.509 certificate + * with inherited AlgorithmIdentifier's parameters of a SubjectPublicKeyInfo + * element) these three MPIs may be <code>null</code>. + * * @see DSSPrivateKey#getEncoded * @see DSSPublicKey#getEncoded */ -public abstract class DSSKey implements Key, DSAKey +public abstract class DSSKey + implements Key, DSAKey { - // Constants and variables - // ------------------------------------------------------------------------- - /** - * A prime modulus, where <code>2<sup>L-1</sup> < p < 2<sup>L</sup></code> - * for <code>512 <= L <= 1024</code> and <code>L</code> a multiple of + * A prime modulus, where + * <code>2<sup>L-1</sup> < p < 2<sup>L</sup></code> for + * <code>512 <= L <= 1024</code> and <code>L</code> a multiple of * <code>64</code>. */ protected final BigInteger p; /** - * A prime divisor of <code>p - 1</code>, where <code>2<sup>159</sup> < q + * A prime divisor of <code>p - 1</code>, where + * <code>2<sup>159</sup> < q * < 2<sup>160</sup></code>. */ protected final BigInteger q; /** - * <code>g = h<sup>(p-1)</sup>/q mod p</code>, where <code>h</code> is any - * integer with <code>1 < h < p - 1</code> such that <code>h<sup> - * (p-1)</sup>/q mod p > 1</code> (<code>g</code> has order <code>q mod p + * <code>g = h<sup>(p-1)</sup>/q mod p</code>, where <code>h</code> is + * any integer with <code>1 < h < p - 1</code> such that <code>h<sup> + * (p-1)</sup>/q mod p > 1</code> (<code>g</code> + * has order <code>q mod p * </code>). */ protected final BigInteger g; /** - * Identifier of the default encoding format to use when externalizing the - * key material. + * Identifier of the default encoding format to use when externalizing the key + * material. */ protected final int defaultFormat; /** String representation of this key. Cached for speed. */ private transient String str; - // Constructor(s) - // ------------------------------------------------------------------------- - /** * Trivial protected constructor. * * @param defaultFormat the identifier of the encoding format to use by - * default when externalizing the key. + * default when externalizing the key. * @param p the DSS parameter <code>p</code>. * @param q the DSS parameter <code>q</code>. * @param g the DSS parameter <code>g</code>. @@ -121,21 +124,11 @@ public abstract class DSSKey implements Key, DSAKey this.g = g; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // java.security.interfaces.DSAKey interface implementation ---------------- - public DSAParams getParams() { return new DSAParameterSpec(p, q, g); } - // java.security.Key interface implementation ------------------------------ - public String getAlgorithm() { return Registry.DSS_KPG; @@ -152,27 +145,31 @@ public abstract class DSSKey implements Key, DSAKey return FormatUtil.getEncodingShortName(defaultFormat); } - // Other instance methods -------------------------------------------------- - /** - * <p>Returns <code>true</code> if the designated object is an instance of + * Returns <code>true</code> if the designated object is an instance of * {@link DSAKey} and has the same DSS (Digital Signature Standard) parameter - * values as this one.</p> - * + * values as this one. + * <p> + * Always returns <code>false</code> if the MPIs of this key are + * <i>inherited</i>. This may be the case when the key is re-constructed from + * an X.509 certificate with absent or NULL AlgorithmIdentifier's parameters + * field. + * * @param obj the other non-null DSS key to compare to. - * @return <code>true</code> if the designated object is of the same type and - * value as this one. + * @return <code>true</code> if the designated object is of the same type + * and value as this one. */ public boolean equals(Object obj) { + if (hasInheritedParameters()) + return false; + if (obj == null) - { - return false; - } - if (!(obj instanceof DSAKey)) - { - return false; - } + return false; + + if (! (obj instanceof DSAKey)) + return false; + DSAKey that = (DSAKey) obj; return p.equals(that.getParams().getP()) && q.equals(that.getParams().getQ()) @@ -183,19 +180,32 @@ public abstract class DSSKey implements Key, DSAKey { if (str == null) { - String ls = SystemProperties.getProperty("line.separator"); - str = new StringBuilder().append(ls) - .append("defaultFormat=").append(defaultFormat).append(",").append(ls) - .append("p=0x").append(p.toString(16)).append(",").append(ls) - .append("q=0x").append(q.toString(16)).append(",").append(ls) - .append("g=0x").append(g.toString(16)) - .toString(); + String ls = (String) AccessController.doPrivileged(new GetPropertyAction("line.separator")); + StringBuilder sb = new StringBuilder(ls) + .append("defaultFormat=").append(defaultFormat).append(",") + .append(ls); + if (hasInheritedParameters()) + sb.append("p=inherited,").append(ls) + .append("q=inherited,").append(ls) + .append("g=inherited"); + else + sb.append("p=0x").append(p.toString(16)).append(",").append(ls) + .append("q=0x").append(q.toString(16)).append(",").append(ls) + .append("g=0x").append(g.toString(16)); + str = sb.toString(); } - return str; } - // abstract methods to be implemented by subclasses ------------------------ - public abstract byte[] getEncoded(int format); + + /** + * @return <code>true</code> if <code>p</code>, <code>q</code> and + * <code>g</code> are all <code>null</code>. Returns + * <code>false</code> otherwise. + */ + public boolean hasInheritedParameters() + { + return p == null && q == null && g == null; + } } diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java index 5aa746147eb..1bad0b62ed6 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairGenerator.java @@ -38,12 +38,12 @@ exception statement from your version. */ package gnu.java.security.key.dss; +import gnu.java.security.Configuration; import gnu.java.security.Registry; import gnu.java.security.hash.Sha160; import gnu.java.security.key.IKeyPairGenerator; import gnu.java.security.util.PRNG; -import java.io.PrintWriter; import java.math.BigInteger; import java.security.KeyPair; import java.security.PrivateKey; @@ -51,76 +51,57 @@ import java.security.PublicKey; import java.security.SecureRandom; import java.security.spec.DSAParameterSpec; import java.util.Map; +import java.util.logging.Logger; /** - * <p>A key-pair generator for asymetric keys to use in conjunction with the DSS - * (Digital Signature Standard).</p> - * - * References:<br> + * A key-pair generator for asymetric keys to use in conjunction with the DSS + * (Digital Signature Standard). + * <p> + * References: + * <p> * <a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital Signature - * Standard (DSS)</a>, Federal Information Processing Standards Publication 186. - * National Institute of Standards and Technology. + * Standard (DSS)</a>, Federal Information Processing Standards Publication + * 186. National Institute of Standards and Technology. */ -public class DSSKeyPairGenerator implements IKeyPairGenerator +public class DSSKeyPairGenerator + implements IKeyPairGenerator { - - // Debugging methods and variables - // ------------------------------------------------------------------------- - - private static final String NAME = "dss"; - - private static final boolean DEBUG = false; - - private static final int debuglevel = 5; - - private static final PrintWriter err = new PrintWriter(System.out, true); - - private static void debug(String s) - { - err.println(">>> " + NAME + ": " + s); - } - - // Constants and variables - // ------------------------------------------------------------------------- + private static final Logger log = Logger.getLogger(DSSKeyPairGenerator.class.getName()); /** The BigInteger constant 2. */ - private static final BigInteger TWO = new BigInteger("2"); + private static final BigInteger TWO = BigInteger.valueOf(2L); /** Property name of the length (Integer) of the modulus (p) of a DSS key. */ public static final String MODULUS_LENGTH = "gnu.crypto.dss.L"; /** * Property name of the Boolean indicating wether or not to use default pre- - * computed values of <code>p</code>, <code>q</code> and <code>g</code> for - * a given modulus length. The ultimate behaviour of this generator with + * computed values of <code>p</code>, <code>q</code> and <code>g</code> + * for a given modulus length. The ultimate behaviour of this generator with * regard to using pre-computed parameter sets will depend on the value of * this property and of the following one {@link #STRICT_DEFAULTS}: - * * <ol> - * <li>If this property is {@link Boolean#FALSE} then this generator - * will accept being setup for generating parameters for any modulus length - * provided the modulus length is between <code>512</code> and - * <code>1024</code>, and is of the form <code>512 + 64 * n</code>. In - * addition, a new paramter set will always be generated; i.e. no pre- - * computed values are used.</li> - * - * <li>If this property is {@link Boolean#TRUE} and the value of - * {@link #STRICT_DEFAULTS} is also {@link Boolean#TRUE} then this generator - * will only accept being setup for generating parameters for modulus - * lengths of <code>512</code>, <code>768</code> and <code>1024</code>. Any - * other value, of the modulus length, even if between <code>512</code> and - * <code>1024</code>, and of the form <code>512 + 64 * n</code>, will cause - * an {@link IllegalArgumentException} to be thrown. When those modulus - * length (<code>512</code>, <code>768</code>, and <code>1024</code>) are - * specified, the paramter set is always the same.</li> - * - * <li>Finally, if this property is {@link Boolean#TRUE} and the value of - * {@link #STRICT_DEFAULTS} is {@link Boolean#FALSE} then this generator - * will behave as in point 1 above, except that it will use pre-computed - * values when possible; i.e. the modulus length is one of <code>512</code>, - * <code>768</code>, or <code>1024</code>.</li> + * <li>If this property is {@link Boolean#FALSE} then this generator will + * accept being setup for generating parameters for any modulus length + * provided the modulus length is between <code>512</code> and + * <code>1024</code>, and is of the form <code>512 + 64 * n</code>. In + * addition, a new paramter set will always be generated; i.e. no pre- + * computed values are used.</li> + * <li>If this property is {@link Boolean#TRUE} and the value of + * {@link #STRICT_DEFAULTS} is also {@link Boolean#TRUE} then this generator + * will only accept being setup for generating parameters for modulus lengths + * of <code>512</code>, <code>768</code> and <code>1024</code>. Any + * other value, of the modulus length, even if between <code>512</code> and + * <code>1024</code>, and of the form <code>512 + 64 * n</code>, will + * cause an {@link IllegalArgumentException} to be thrown. When those modulus + * length (<code>512</code>, <code>768</code>, and <code>1024</code>) + * are specified, the paramter set is always the same.</li> + * <li>Finally, if this property is {@link Boolean#TRUE} and the value of + * {@link #STRICT_DEFAULTS} is {@link Boolean#FALSE} then this generator will + * behave as in point 1 above, except that it will use pre-computed values + * when possible; i.e. the modulus length is one of <code>512</code>, + * <code>768</code>, or <code>1024</code>.</li> * </ol> - * * The default value of this property is {@link Boolean#TRUE}. */ public static final String USE_DEFAULTS = "gnu.crypto.dss.use.defaults"; @@ -145,8 +126,8 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator /** * Property name of an optional {@link DSAParameterSpec} instance to use for - * this generator's <code>p</code>, <code>q</code>, and <code>g</code> values. - * The default is to generate these values or use pre-computed ones, + * this generator's <code>p</code>, <code>q</code>, and <code>g</code> + * values. The default is to generate these values or use pre-computed ones, * depending on the value of the <code>USE_DEFAULTS</code> attribute. */ public static final String DSS_PARAMETERS = "gnu.crypto.dss.params"; @@ -165,55 +146,41 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator private static final int DEFAULT_ENCODING_FORMAT = Registry.RAW_ENCODING_ID; /** Initial SHS context. */ - private static final int[] T_SHS = new int[] { 0x67452301, 0xEFCDAB89, - 0x98BADCFE, 0x10325476, - 0xC3D2E1F0 }; + private static final int[] T_SHS = new int[] { + 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 + }; // from jdk1.3.1/docs/guide/security/CryptoSpec.html#AppB public static final DSAParameterSpec KEY_PARAMS_512 = new DSAParameterSpec( - new BigInteger( - "fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae" - + "01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", - 16), - new BigInteger( - "962eddcc369cba8ebb260ee6b6a126d9346e38c5", - 16), - new BigInteger( - "678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e" - + "35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", - 16)); - + new BigInteger( + "fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae" + + "01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", 16), + new BigInteger("962eddcc369cba8ebb260ee6b6a126d9346e38c5", 16), + new BigInteger( + "678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e" + + "35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", 16)); public static final DSAParameterSpec KEY_PARAMS_768 = new DSAParameterSpec( - new BigInteger( - "e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d8901419" - + "22d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d77" - + "7d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf", - 16), - new BigInteger( - "9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", - 16), - new BigInteger( - "30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4" - + "dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d8" - + "3c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252", - 16)); - + new BigInteger( + "e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d8901419" + + "22d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d77" + + "7d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf", 16), + new BigInteger("9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", 16), + new BigInteger( + "30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4" + + "dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d8" + + "3c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252", 16)); public static final DSAParameterSpec KEY_PARAMS_1024 = new DSAParameterSpec( - new BigInteger( - "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669" - + "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7" - + "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb" - + "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", - 16), - new BigInteger( - "9760508f15230bccb292b982a2eb840bf0581cf5", - 16), - new BigInteger( - "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267" - + "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1" - + "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b" - + "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", - 16)); + new BigInteger( + "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669" + + "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7" + + "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb" + + "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16), + new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16), + new BigInteger( + "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267" + + "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1" + + "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b" + + "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16)); private static final BigInteger TWO_POW_160 = TWO.pow(160); @@ -243,31 +210,18 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator /** Preferred encoding format of generated keys. */ private int preferredFormat; - // Constructor(s) - // ------------------------------------------------------------------------- - - // implicit 0-arguments constructor - - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // gnu.crypto.key.IKeyPairGenerator interface implementation --------------- - public String name() { return Registry.DSS_KPG; } /** - * <p>Configures this instance.</p> - * + * Configures this instance. + * * @param attributes the map of name/value pairs to use. - * @exception IllegalArgumentException if the designated MODULUS_LENGTH - * value is not greater than 512, less than 1024 and not of the form - * <code>512 + 64j</code>. + * @exception IllegalArgumentException if the designated MODULUS_LENGTH value + * is not greater than 512, less than 1024 and not of the form + * <code>512 + 64j</code>. */ public void setup(Map attributes) { @@ -280,9 +234,7 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator // should we use the default pre-computed params? Boolean useDefaults = (Boolean) attributes.get(USE_DEFAULTS); if (useDefaults == null) - { - useDefaults = Boolean.TRUE; - } + useDefaults = Boolean.TRUE; Boolean strictDefaults = (Boolean) attributes.get(STRICT_DEFAULTS); if (strictDefaults == null) @@ -334,16 +286,12 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator q = null; g = null; } - // do we have a SecureRandom, or should we use our own? rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); - // what is the preferred encoding format Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT); - preferredFormat = formatID == null - ? DEFAULT_ENCODING_FORMAT - : formatID.intValue(); - + preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT + : formatID.intValue(); // set the seed-key byte[] kb = new byte[20]; // we need 160 bits of randomness nextRandomBytes(kb); @@ -361,76 +309,65 @@ public class DSSKeyPairGenerator implements IKeyPairGenerator p = params[FIPS186.DSA_PARAMS_P]; e = params[FIPS186.DSA_PARAMS_E]; g = params[FIPS186.DSA_PARAMS_G]; - if (DEBUG && debuglevel > 0) + if (Configuration.DEBUG) { - debug("seed: " + seed.toString(16)); - debug("counter: " + counter.intValue()); - debug("q: " + q.toString(16)); - debug("p: " + p.toString(16)); - debug("e: " + e.toString(16)); - debug("g: " + g.toString(16)); + log.fine("seed: " + seed.toString(16)); + log.fine("counter: " + counter.intValue()); + log.fine("q: " + q.toString(16)); + log.fine("p: " + p.toString(16)); + log.fine("e: " + e.toString(16)); + log.fine("g: " + g.toString(16)); } } - BigInteger x = nextX(); BigInteger y = g.modPow(x, p); - PublicKey pubK = new DSSPublicKey(preferredFormat, p, q, g, y); PrivateKey secK = new DSSPrivateKey(preferredFormat, p, q, g, x); - return new KeyPair(pubK, secK); } - // Other instance methods -------------------------------------------------- - /** - * <p>This method applies the following algorithm described in 3.1 of - * FIPS-186:</p> - * + * This method applies the following algorithm described in 3.1 of FIPS-186: * <ol> - * <li>XSEED = optional user input.</li> - * <li>XVAL = (XKEY + XSEED) mod 2<sup>b</sup>.</li> - * <li>x = G(t, XVAL) mod q.</li> - * <li>XKEY = (1 + XKEY + x) mod 2<sup>b</sup>.</li> + * <li>XSEED = optional user input.</li> + * <li>XVAL = (XKEY + XSEED) mod 2<sup>b</sup>.</li> + * <li>x = G(t, XVAL) mod q.</li> + * <li>XKEY = (1 + XKEY + x) mod 2<sup>b</sup>.</li> * </ol> - * - * <p>Where <code>b</code> is the length of a secret b-bit seed-key (XKEY).</p> - * - * <p>Note that in this implementation, XSEED, the optional user input, is - * always zero.</p> + * <p> + * Where <code>b</code> is the length of a secret b-bit seed-key (XKEY). + * <p> + * Note that in this implementation, XSEED, the optional user input, is always + * zero. */ private synchronized BigInteger nextX() { byte[] xk = XKEY.toByteArray(); byte[] in = new byte[64]; // 512-bit block for SHS System.arraycopy(xk, 0, in, 0, xk.length); - int[] H = Sha160.G(T_SHS[0], T_SHS[1], T_SHS[2], T_SHS[3], T_SHS[4], in, 0); byte[] h = new byte[20]; for (int i = 0, j = 0; i < 5; i++) { - h[j++] = (byte) (H[i] >>> 24); - h[j++] = (byte) (H[i] >>> 16); - h[j++] = (byte) (H[i] >>> 8); + h[j++] = (byte)(H[i] >>> 24); + h[j++] = (byte)(H[i] >>> 16); + h[j++] = (byte)(H[i] >>> 8); h[j++] = (byte) H[i]; } BigInteger result = new BigInteger(1, h).mod(q); XKEY = XKEY.add(result).add(BigInteger.ONE).mod(TWO_POW_160); - return result; } /** - * <p>Fills the designated byte array with random data.</p> - * + * Fills the designated byte array with random data. + * * @param buffer the byte array to fill with random data. */ private void nextRandomBytes(byte[] buffer) { if (rnd != null) - { - rnd.nextBytes(buffer); - } + rnd.nextBytes(buffer); else getDefaultPRNG().nextBytes(buffer); } diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java index 3a115b96378..06b8e849a50 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairPKCS8Codec.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.dss; +import gnu.java.security.Configuration; import gnu.java.security.OID; import gnu.java.security.Registry; import gnu.java.security.der.DER; @@ -158,11 +159,10 @@ public class DSSKeyPairPKCS8Codec } catch (IOException e) { - InvalidParameterException y = new InvalidParameterException(); + InvalidParameterException y = new InvalidParameterException(e.getMessage()); y.initCause(e); throw y; } - return result; } @@ -184,8 +184,8 @@ public class DSSKeyPairPKCS8Codec */ public PrivateKey decodePrivateKey(byte[] input) { - log.entering("DSSKeyPairPKCS8Codec", "decodePrivateKey"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "decodePrivateKey"); if (input == null) throw new InvalidParameterException("Input bytes MUST NOT be null"); @@ -226,9 +226,11 @@ public class DSSKeyPairPKCS8Codec g = (BigInteger) val.getValue(); val = der.read(); - log.finest("val = " + val); + if (Configuration.DEBUG) + log.fine("val = " + val); byte[] xBytes = (byte[]) val.getValue(); - log.finest(Util.dumpString(xBytes, "xBytes: ")); + if (Configuration.DEBUG) + log.fine(Util.dumpString(xBytes, "xBytes: ")); DERReader der2 = new DERReader(xBytes); val = der2.read(); DerUtil.checkIsBigInteger(val, "Wrong X field"); @@ -236,12 +238,12 @@ public class DSSKeyPairPKCS8Codec } catch (IOException e) { - InvalidParameterException y = new InvalidParameterException(); + InvalidParameterException y = new InvalidParameterException(e.getMessage()); y.initCause(e); throw y; } - - log.exiting("DSSKeyPairPKCS8Codec", "decodePrivateKey"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "decodePrivateKey"); return new DSSPrivateKey(Registry.PKCS8_ENCODING_ID, p, q, g, x); } } diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java index 7c5491d6f37..b1135b75f1f 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairRawCodec.java @@ -47,91 +47,72 @@ import java.security.PrivateKey; import java.security.PublicKey; /** - * <p>An object that implements the {@link IKeyPairCodec} operations for the - * <i>Raw</i> format to use with DSS keypairs.</p> + * An object that implements the {@link IKeyPairCodec} operations for the + * <i>Raw</i> format to use with DSS keypairs. */ -public class DSSKeyPairRawCodec implements IKeyPairCodec +public class DSSKeyPairRawCodec + implements IKeyPairCodec { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - // implicit 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // gnu.crypto.keys.IKeyPairCodec interface implementation ------------------ - public int getFormatID() { return RAW_FORMAT; } /** - * <p>Returns the encoded form of the designated DSS (Digital Signature - * Standard) public key according to the <i>Raw</i> format supported by - * this library.</p> - * - * <p>The <i>Raw</i> format for a DSA public key, in this implementation, is - * a byte sequence consisting of the following:</p> + * Returns the encoded form of the designated DSS (Digital Signature Standard) + * public key according to the <i>Raw</i> format supported by this library. + * <p> + * The <i>Raw</i> format for a DSA public key, in this implementation, is a + * byte sequence consisting of the following: * <ol> - * <li>4-byte magic consisting of the value of the literal - * {@link Registry#MAGIC_RAW_DSS_PUBLIC_KEY},<li> - * <li>1-byte version consisting of the constant: 0x01,</li> - * <li>4-byte count of following bytes representing the DSA parameter - * <code>p</code> in internet order,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DSA parameter - * <code>p</code>,</li> - * <li>4-byte count of following bytes representing the DSA parameter - * <code>q</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DSA parameter - * <code>q</code>,</li> - * <li>4-byte count of following bytes representing the DSA parameter - * <code>g</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DSA parameter - * <code>g</code>,</li> - * <li>4-byte count of following bytes representing the DSA parameter - * <code>y</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DSA parameter - * <code>y</code>,</li> + * <li>4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_DSS_PUBLIC_KEY}, + * <li> + * <li>1-byte version consisting of the constant: 0x01,</li> + * <li>4-byte count of following bytes representing the DSA parameter + * <code>p</code> in internet order,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DSA parameter <code>p</code>, + * </li> + * <li>4-byte count of following bytes representing the DSA parameter + * <code>q</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DSA parameter <code>q</code>, + * </li> + * <li>4-byte count of following bytes representing the DSA parameter + * <code>g</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DSA parameter <code>g</code>, + * </li> + * <li>4-byte count of following bytes representing the DSA parameter + * <code>y</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DSA parameter <code>y</code>, + * </li> * </ol> - * + * * @param key the key to encode. * @return the <i>Raw</i> format encoding of the designated key. * @throws IllegalArgumentException if the designated key is not a DSS - * (Digital Signature Standard) one. + * (Digital Signature Standard) one. * @see Registry#MAGIC_RAW_DSS_PUBLIC_KEY */ public byte[] encodePublicKey(PublicKey key) { - if (!(key instanceof DSSPublicKey)) - { - throw new IllegalArgumentException("key"); - } + if (! (key instanceof DSSPublicKey)) + throw new IllegalArgumentException("key"); DSSPublicKey dssKey = (DSSPublicKey) key; ByteArrayOutputStream baos = new ByteArrayOutputStream(); - // magic baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[0]); baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[1]); baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[2]); baos.write(Registry.MAGIC_RAW_DSS_PUBLIC_KEY[3]); - // version baos.write(0x01); - // p byte[] buffer = dssKey.getParams().getP().toByteArray(); int length = buffer.length; @@ -140,7 +121,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // q buffer = dssKey.getParams().getQ().toByteArray(); length = buffer.length; @@ -149,7 +129,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // g buffer = dssKey.getParams().getG().toByteArray(); length = buffer.length; @@ -158,7 +137,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // y buffer = dssKey.getY().toByteArray(); length = buffer.length; @@ -167,7 +145,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - return baos.toByteArray(); } @@ -178,112 +155,106 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec || k[1] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[1] || k[2] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[2] || k[3] != Registry.MAGIC_RAW_DSS_PUBLIC_KEY[3]) - { - throw new IllegalArgumentException("magic"); - } + throw new IllegalArgumentException("magic"); // version if (k[4] != 0x01) - { - throw new IllegalArgumentException("version"); - } - int i = 5; + throw new IllegalArgumentException("version"); + int i = 5; int l; byte[] buffer; - // p - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger p = new BigInteger(1, buffer); - // q - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger q = new BigInteger(1, buffer); - // g - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger g = new BigInteger(1, buffer); - // y - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger y = new BigInteger(1, buffer); - return new DSSPublicKey(p, q, g, y); } /** - * <p>Returns the encoded form of the designated DSS (Digital Signature - * Standard) private key according to the <i>Raw</i> format supported by - * this library.</p> - * - * <p>The <i>Raw</i> format for a DSA private key, in this implementation, is - * a byte sequence consisting of the following:</p> + * Returns the encoded form of the designated DSS (Digital Signature Standard) + * private key according to the <i>Raw</i> format supported by this library. + * <p> + * The <i>Raw</i> format for a DSA private key, in this implementation, is a + * byte sequence consisting of the following: * <ol> - * <li>4-byte magic consisting of the value of the literal - * {@link Registry#MAGIC_RAW_DSS_PRIVATE_KEY},<li> - * <li>1-byte version consisting of the constant: 0x01,</li> - * <li>4-byte count of following bytes representing the DSA parameter - * <code>p</code> in internet order,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DSA parameter - * <code>p</code>,</li> - * <li>4-byte count of following bytes representing the DSA parameter - * <code>q</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DSA parameter - * <code>q</code>,</li> - * <li>4-byte count of following bytes representing the DSA parameter - * <code>g</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DSA parameter - * <code>g</code>,</li> - * <li>4-byte count of following bytes representing the DSA parameter - * <code>x</code>,</li> - * <li>n-bytes representation of a {@link BigInteger} obtained by invoking - * the <code>toByteArray()</code> method on the DSA parameter - * <code>x</code>,</li> + * <li>4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_DSS_PRIVATE_KEY}, + * <li> + * <li>1-byte version consisting of the constant: 0x01,</li> + * <li>4-byte count of following bytes representing the DSA parameter + * <code>p</code> in internet order,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DSA parameter <code>p</code>, + * </li> + * <li>4-byte count of following bytes representing the DSA parameter + * <code>q</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DSA parameter <code>q</code>, + * </li> + * <li>4-byte count of following bytes representing the DSA parameter + * <code>g</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DSA parameter <code>g</code>, + * </li> + * <li>4-byte count of following bytes representing the DSA parameter + * <code>x</code>,</li> + * <li>n-bytes representation of a {@link BigInteger} obtained by invoking + * the <code>toByteArray()</code> method on the DSA parameter <code>x</code>, + * </li> * </ol> - * + * * @param key the key to encode. * @return the <i>Raw</i> format encoding of the designated key. * @throws IllegalArgumentException if the designated key is not a DSS - * (Digital Signature Standard) one. + * (Digital Signature Standard) one. */ public byte[] encodePrivateKey(PrivateKey key) { - if (!(key instanceof DSSPrivateKey)) - { - throw new IllegalArgumentException("key"); - } + if (! (key instanceof DSSPrivateKey)) + throw new IllegalArgumentException("key"); DSSPrivateKey dssKey = (DSSPrivateKey) key; ByteArrayOutputStream baos = new ByteArrayOutputStream(); - // magic baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[0]); baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[1]); baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[2]); baos.write(Registry.MAGIC_RAW_DSS_PRIVATE_KEY[3]); - // version baos.write(0x01); - // p byte[] buffer = dssKey.getParams().getP().toByteArray(); int length = buffer.length; @@ -292,7 +263,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // q buffer = dssKey.getParams().getQ().toByteArray(); length = buffer.length; @@ -301,7 +271,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // g buffer = dssKey.getParams().getG().toByteArray(); length = buffer.length; @@ -310,7 +279,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // x buffer = dssKey.getX().toByteArray(); length = buffer.length; @@ -319,7 +287,6 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - return baos.toByteArray(); } @@ -330,52 +297,51 @@ public class DSSKeyPairRawCodec implements IKeyPairCodec || k[1] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[1] || k[2] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[2] || k[3] != Registry.MAGIC_RAW_DSS_PRIVATE_KEY[3]) - { - throw new IllegalArgumentException("magic"); - } + throw new IllegalArgumentException("magic"); // version if (k[4] != 0x01) - { - throw new IllegalArgumentException("version"); - } - int i = 5; + throw new IllegalArgumentException("version"); + int i = 5; int l; byte[] buffer; - // p - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger p = new BigInteger(1, buffer); - // q - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger q = new BigInteger(1, buffer); - // g - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger g = new BigInteger(1, buffer); - // x - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger x = new BigInteger(1, buffer); - return new DSSPrivateKey(p, q, g, x); } } diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java index 516ef92afd5..a5e8e9d47eb 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java @@ -94,9 +94,15 @@ public class DSSKeyPairX509Codec * g INTEGER * } * </pre> - * - * <p>The <i>subjectPublicKey</i> field, which is a BIT STRING, contains the - * DER-encoded form of the DSA public key as an INTEGER.</p> + * <p> + * Note that RFC-3280 (page 79) implies that some certificates MAY have an + * absent, or NULL, parameters field in their AlgorithmIdentifier element, + * implying that those parameters MUST be <i>inherited</i> from another + * certificate. This implementation, encodes a <i>NULL</i> element as the DER + * value of the parameters field when such is the case. + * <p> + * The <i>subjectPublicKey</i> field, which is a BIT STRING, contains the + * DER-encoded form of the DSA public key as an INTEGER. * * <pre> * DSAPublicKey ::= INTEGER -- public key, Y @@ -118,20 +124,25 @@ public class DSSKeyPairX509Codec DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DSA_ALG_OID); DSSPublicKey dssKey = (DSSPublicKey) key; - BigInteger p = dssKey.getParams().getP(); - BigInteger q = dssKey.getParams().getQ(); - BigInteger g = dssKey.getParams().getG(); - BigInteger y = dssKey.getY(); - - DERValue derP = new DERValue(DER.INTEGER, p); - DERValue derQ = new DERValue(DER.INTEGER, q); - DERValue derG = new DERValue(DER.INTEGER, g); - - ArrayList params = new ArrayList(3); - params.add(derP); - params.add(derQ); - params.add(derG); - DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + DERValue derParams; + if (dssKey.hasInheritedParameters()) + derParams = new DERValue(DER.NULL, null); + else + { + BigInteger p = dssKey.getParams().getP(); + BigInteger q = dssKey.getParams().getQ(); + BigInteger g = dssKey.getParams().getG(); + + DERValue derP = new DERValue(DER.INTEGER, p); + DERValue derQ = new DERValue(DER.INTEGER, q); + DERValue derG = new DERValue(DER.INTEGER, g); + + ArrayList params = new ArrayList(3); + params.add(derP); + params.add(derQ); + params.add(derG); + derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params); + } ArrayList algorithmID = new ArrayList(2); algorithmID.add(derOID); @@ -139,6 +150,7 @@ public class DSSKeyPairX509Codec DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, algorithmID); + BigInteger y = dssKey.getY(); DERValue derDSAPublicKey = new DERValue(DER.INTEGER, y); byte[] yBytes = derDSAPublicKey.getEncoded(); DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(yBytes)); @@ -157,11 +169,10 @@ public class DSSKeyPairX509Codec } catch (IOException x) { - InvalidParameterException e = new InvalidParameterException(); + InvalidParameterException e = new InvalidParameterException(x.getMessage()); e.initCause(x); throw e; } - return result; } @@ -186,7 +197,10 @@ public class DSSKeyPairX509Codec if (input == null) throw new InvalidParameterException("Input bytes MUST NOT be null"); - BigInteger p, g, q, y; + BigInteger p = null; + BigInteger g = null; + BigInteger q = null; + BigInteger y; DERReader der = new DERReader(input); try { @@ -204,20 +218,35 @@ public class DSSKeyPairX509Codec if (! algOID.equals(DSA_ALG_OID)) throw new InvalidParameterException("Unexpected OID: " + algOID); - DERValue derParams = der.read(); - DerUtil.checkIsConstructed(derParams, "Wrong DSS Parameters field"); - DERValue val = der.read(); - DerUtil.checkIsBigInteger(val, "Wrong P field"); - p = (BigInteger) val.getValue(); - val = der.read(); - DerUtil.checkIsBigInteger(val, "Wrong Q field"); - q = (BigInteger) val.getValue(); - val = der.read(); - DerUtil.checkIsBigInteger(val, "Wrong G field"); - g = (BigInteger) val.getValue(); - - val = der.read(); + // RFC-3280, page 79 states: "If the subjectPublicKeyInfo field of the + // certificate contains an algorithm field with null parameters or + // parameters are omitted, compare the certificate subjectPublicKey + // algorithm to the working_public_key_algorithm. If the certificate + // subjectPublicKey algorithm and the working_public_key_algorithm are + // different, set the working_public_key_parameters to null." + // in other words, the parameters field of an AlgorithmIdentifier + // element MAY NOT be present at all, or if present MAY be NULL! + // the Mauve test ValidDSAParameterInheritenceTest5, in + // gnu.testlet.java.security.cert.pkix.pkits, is/was failing because + // of this. + if (val.getTag() == DER.NULL) + val = der.read(); + else if (val.isConstructed()) + { + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong P field"); + p = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong Q field"); + q = (BigInteger) val.getValue(); + val = der.read(); + DerUtil.checkIsBigInteger(val, "Wrong G field"); + g = (BigInteger) val.getValue(); + + val = der.read(); + } + if (! (val.getValue() instanceof BitString)) throw new InvalidParameterException("Wrong SubjectPublicKey field"); @@ -230,11 +259,10 @@ public class DSSKeyPairX509Codec } catch (IOException x) { - InvalidParameterException e = new InvalidParameterException(); + InvalidParameterException e = new InvalidParameterException(x.getMessage()); e.initCause(x); throw e; } - return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y); } diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java index fe59cb6d77b..6ed8de8460d 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSPrivateKey.java @@ -38,38 +38,34 @@ exception statement from your version. */ package gnu.java.security.key.dss; -import gnu.classpath.SystemProperties; +import gnu.java.security.Configuration; import gnu.java.security.Registry; +import gnu.java.security.action.GetPropertyAction; import gnu.java.security.key.IKeyPairCodec; import java.math.BigInteger; +import java.security.AccessController; import java.security.PrivateKey; import java.security.interfaces.DSAPrivateKey; /** - * <p>An object that embodies a DSS (Digital Signature Standard) private key.</p> - * + * An object that embodies a DSS (Digital Signature Standard) private key. + * * @see #getEncoded */ -public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey +public class DSSPrivateKey + extends DSSKey + implements PrivateKey, DSAPrivateKey { - // Constants and variables - // ------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - /** - * <p>A randomly or pseudorandomly generated integer with <code>0 < x < - * q</code>.</p> + * A randomly or pseudorandomly generated integer with <code>0 < x < + * q</code>. */ private final BigInteger x; /** String representation of this key. Cached for speed. */ private transient String str; - // Constructor(s) - // ------------------------------------------------------------------------- - /** * Convenience constructor. Calls the constructor with 5 arguments passing * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred @@ -104,13 +100,9 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID : preferredFormat, p, q, g); - this.x = x; } - // Class methods - // ------------------------------------------------------------------------- - /** * A class method that takes the output of the <code>encodePrivateKey()</code> * method of a DSS keypair codec object (an instance implementing @@ -135,30 +127,22 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey catch (IllegalArgumentException ignored) { } - // try PKCS#8 codec return (DSSPrivateKey) new DSSKeyPairPKCS8Codec().decodePrivateKey(k); } - // Instance methods - // ------------------------------------------------------------------------- - - // java.security.interfaces.DSAPrivateKey interface implementation --------- - public BigInteger getX() { return x; } - // Other instance methods -------------------------------------------------- - /** - * <p>Returns the encoded form of this private key according to the - * designated format.</p> - * + * Returns the encoded form of this private key according to the designated + * format. + * * @param format the desired format identifier of the resulting encoding. * @return the byte sequence encoding this key according to the designated - * format. + * format. * @exception IllegalArgumentException if the format is not supported. * @see DSSKeyPairRawCodec */ @@ -181,24 +165,22 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey } /** - * <p>Returns <code>true</code> if the designated object is an instance of + * Returns <code>true</code> if the designated object is an instance of * {@link DSAPrivateKey} and has the same DSS (Digital Signature Standard) - * parameter values as this one.</p> - * + * parameter values as this one. + * * @param obj the other non-null DSS key to compare to. - * @return <code>true</code> if the designated object is of the same type and - * value as this one. + * @return <code>true</code> if the designated object is of the same type + * and value as this one. */ public boolean equals(Object obj) { if (obj == null) - { - return false; - } - if (!(obj instanceof DSAPrivateKey)) - { - return false; - } + return false; + + if (! (obj instanceof DSAPrivateKey)) + return false; + DSAPrivateKey that = (DSAPrivateKey) obj; return super.equals(that) && x.equals(that.getX()); } @@ -207,13 +189,15 @@ public class DSSPrivateKey extends DSSKey implements PrivateKey, DSAPrivateKey { if (str == null) { - String ls = SystemProperties.getProperty("line.separator"); + String ls = (String) AccessController.doPrivileged + (new GetPropertyAction("line.separator")); str = new StringBuilder(this.getClass().getName()).append("(") - .append(super.toString()).append(",").append(ls) - .append("x=0x").append(DEBUG ? x.toString(16) : "**...*").append(ls) - .append(")").toString(); + .append(super.toString()).append(",").append(ls) + .append("x=0x").append(Configuration.DEBUG ? x.toString(16) + : "**...*").append(ls) + .append(")") + .toString(); } - return str; } } diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java index 52292131336..9e1c4cf0a04 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSPublicKey.java @@ -38,36 +38,33 @@ exception statement from your version. */ package gnu.java.security.key.dss; -import gnu.classpath.SystemProperties; import gnu.java.security.Registry; +import gnu.java.security.action.GetPropertyAction; import gnu.java.security.key.IKeyPairCodec; import java.math.BigInteger; +import java.security.AccessController; import java.security.PublicKey; import java.security.interfaces.DSAPublicKey; /** - * <p>An object that embodies a DSS (Digital Signature Standard) public key.</p> + * An object that embodies a DSS (Digital Signature Standard) public key. * * @see #getEncoded */ -public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey +public class DSSPublicKey + extends DSSKey + implements PublicKey, DSAPublicKey { - // Constants and variables - // ------------------------------------------------------------------------- - /** - * <code>y = g<sup>x</sup> mod p</code> where <code>x</code> is the private - * part of the DSA key. + * <code>y = g<sup>x</sup> mod p</code> where <code>x</code> is the + * private part of the DSA key. */ private final BigInteger y; /** String representation of this key. Cached for speed. */ private transient String str; - // Constructor(s) - // ------------------------------------------------------------------------- - /** * Conveience constructor. Calls the constructor with 5 arguments passing * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred @@ -85,8 +82,8 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey } /** - * Constructs a new instance of <code>DSSPublicKey</code> given the designated - * arguments. + * Constructs a new instance of <code>DSSPublicKey</code> given the + * designated arguments. * * @param preferredFormat the identifier of the preferred encoding format to * use when externalizing this key. @@ -102,13 +99,9 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.X509_ENCODING_ID : preferredFormat, p, q, g); - this.y = y; } - // Class methods - // ------------------------------------------------------------------------- - /** * A class method that takes the output of the <code>encodePublicKey()</code> * method of a DSS keypair codec object (an instance implementing @@ -133,30 +126,22 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey catch (IllegalArgumentException ignored) { } - // try X.509 codec return (DSSPublicKey) new DSSKeyPairX509Codec().decodePublicKey(k); } - // Instance methods - // ------------------------------------------------------------------------- - - // java.security.interfaces.DSAPublicKey interface implementation ---------- - public BigInteger getY() { return y; } - // Other instance methods -------------------------------------------------- - /** - * <p>Returns the encoded form of this public key according to the designated - * format.</p> + * Returns the encoded form of this public key according to the designated + * format. * * @param format the desired format identifier of the resulting encoding. * @return the byte sequence encoding this key according to the designated - * format. + * format. * @exception IllegalArgumentException if the format is not supported. * @see DSSKeyPairRawCodec */ @@ -179,24 +164,22 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey } /** - * <p>Returns <code>true</code> if the designated object is an instance of + * Returns <code>true</code> if the designated object is an instance of * {@link DSAPublicKey} and has the same DSS (Digital Signature Standard) - * parameter values as this one.</p> + * parameter values as this one. * * @param obj the other non-null DSS key to compare to. - * @return <code>true</code> if the designated object is of the same type and - * value as this one. + * @return <code>true</code> if the designated object is of the same type + * and value as this one. */ public boolean equals(Object obj) { if (obj == null) - { - return false; - } - if (!(obj instanceof DSAPublicKey)) - { - return false; - } + return false; + + if (! (obj instanceof DSAPublicKey)) + return false; + DSAPublicKey that = (DSAPublicKey) obj; return super.equals(that) && y.equals(that.getY()); } @@ -205,13 +188,14 @@ public class DSSPublicKey extends DSSKey implements PublicKey, DSAPublicKey { if (str == null) { - String ls = SystemProperties.getProperty("line.separator"); + String ls = (String) AccessController.doPrivileged + (new GetPropertyAction("line.separator")); str = new StringBuilder(this.getClass().getName()).append("(") - .append(super.toString()).append(",").append(ls) - .append("y=0x").append(y.toString(16)).append(ls) - .append(")").toString(); + .append(super.toString()).append(",").append(ls) + .append("y=0x").append(y.toString(16)).append(ls) + .append(")") + .toString(); } - return str; } } diff --git a/libjava/classpath/gnu/java/security/key/dss/FIPS186.java b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java index 5984bcc9393..7277599bd54 100644 --- a/libjava/classpath/gnu/java/security/key/dss/FIPS186.java +++ b/libjava/classpath/gnu/java/security/key/dss/FIPS186.java @@ -40,26 +40,21 @@ package gnu.java.security.key.dss; import gnu.java.security.hash.Sha160; import gnu.java.security.util.PRNG; -import gnu.java.security.util.Prime2; import java.math.BigInteger; import java.security.SecureRandom; /** - * <p>An implementation of the DSA parameters generation as described in - * FIPS-186.</p> - * - * References:<br> + * An implementation of the DSA parameters generation as described in FIPS-186. + * <p> + * References: + * <p> * <a href="http://www.itl.nist.gov/fipspubs/fip186.htm">Digital Signature - * Standard (DSS)</a>, Federal Information Processing Standards Publication 186. - * National Institute of Standards and Technology. + * Standard (DSS)</a>, Federal Information Processing Standards Publication + * 186. National Institute of Standards and Technology. */ public class FIPS186 { - - // Constants and variables - // ------------------------------------------------------------------------- - public static final int DSA_PARAMS_SEED = 0; public static final int DSA_PARAMS_COUNTER = 1; @@ -73,7 +68,7 @@ public class FIPS186 public static final int DSA_PARAMS_G = 5; /** The BigInteger constant 2. */ - private static final BigInteger TWO = new BigInteger("2"); + private static final BigInteger TWO = BigInteger.valueOf(2L); private static final BigInteger TWO_POW_160 = TWO.pow(160); @@ -89,9 +84,6 @@ public class FIPS186 /** Our default source of randomness. */ private PRNG prng = null; - // Constructor(s) - // ------------------------------------------------------------------------- - public FIPS186(int L, SecureRandom rnd) { super(); @@ -100,38 +92,31 @@ public class FIPS186 this.rnd = rnd; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - /** * This method generates the DSS <code>p</code>, <code>q</code>, and * <code>g</code> parameters only when <code>L</code> (the modulus length) * is not one of the following: <code>512</code>, <code>768</code> and - * <code>1024</code>. For those values of <code>L</code>, this implementation - * uses pre-computed values of <code>p</code>, <code>q</code>, and - * <code>g</code> given in the document <i>CryptoSpec</i> included in the - * security guide documentation of the standard JDK distribution.<p> - * + * <code>1024</code>. For those values of <code>L</code>, this + * implementation uses pre-computed values of <code>p</code>, + * <code>q</code>, and <code>g</code> given in the document <i>CryptoSpec</i> + * included in the security guide documentation of the standard JDK + * distribution. + * <p> * The DSS requires two primes , <code>p</code> and <code>q</code>, * satisfying the following three conditions: - * * <ul> - * <li><code>2<sup>159</sup> < q < 2<sup>160</sup></code></li> - * <li><code>2<sup>L-1</sup> < p < 2<sup>L</sup></code> for a - * specified <code>L</code>, where <code>L = 512 + 64j</code> for some - * <code>0 <= j <= 8</code></li> - * <li>q divides p - 1.</li> + * <li><code>2<sup>159</sup> < q < 2<sup>160</sup></code></li> + * <li><code>2<sup>L-1</sup> < p < 2<sup>L</sup></code> for a + * specified <code>L</code>, where <code>L = 512 + 64j</code> for some + * <code>0 <= j <= 8</code></li> + * <li>q divides p - 1.</li> * </ul> - * * The algorithm used to find these primes is as described in FIPS-186, * section 2.2: GENERATION OF PRIMES. This prime generation scheme starts by - * using the {@link Sha160} and a user supplied <i>SEED</i> - * to construct a prime, <code>q</code>, in the range 2<sup>159</sup> < q - * < 2<sup>160</sup>. Once this is accomplished, the same <i>SEED</i> - * value is used to construct an <code>X</code> in the range <code>2<sup>L-1 + * using the {@link Sha160} and a user supplied <i>SEED</i> to construct a + * prime, <code>q</code>, in the range 2<sup>159</sup> < q < 2<sup>160</sup>. + * Once this is accomplished, the same <i>SEED</i> value is used to construct + * an <code>X</code> in the range <code>2<sup>L-1 * </sup> < X < 2<sup>L</sup>. The prime, <code>p</code>, is then * formed by rounding <code>X</code> to a number congruent to <code>1 mod * 2q</code>. In this implementation we use the same <i>SEED</i> value given @@ -169,9 +154,8 @@ public class FIPS186 u = sha.digest(); } for (int i = 0; i < a.length; i++) - { - a[i] ^= u[i]; - } + a[i] ^= u[i]; + U = new BigInteger(1, a); // 3. Form q from U by setting the most significant bit (the // 2**159 bit) and the least significant bit to 1. In terms of @@ -183,12 +167,9 @@ public class FIPS186 // probability of a non-prime number passing the test is at // most 1/2**80. // 5. If q is not prime, go to step 1. - if (Prime2.isProbablePrime(q)) - { - break step1; - } + if (q.isProbablePrime(80)) + break step1; } // step1 - // 6. Let counter = 0 and offset = 2. counter = 0; offset = 2; @@ -201,9 +182,9 @@ public class FIPS186 { for (int k = 0; k <= n; k++) { - a = SEED_PLUS_OFFSET.add( - BigInteger.valueOf(k & 0xFFFFFFFFL)).mod( - TWO_POW_160).toByteArray(); + a = SEED_PLUS_OFFSET + .add(BigInteger.valueOf(k & 0xFFFFFFFFL)) + .mod(TWO_POW_160).toByteArray(); sha.update(a, 0, a.length); V[k] = new BigInteger(1, sha.digest()); } @@ -214,9 +195,8 @@ public class FIPS186 // Note that 0 <= W < 2**(L-1) and hence 2**(L-1) <= X < 2**L. W = V[0]; for (int k = 1; k < n; k++) - { - W = W.add(V[k].multiply(TWO.pow(k * 160))); - } + W = W.add(V[k].multiply(TWO.pow(k * 160))); + W = W.add(V[n].mod(TWO.pow(b)).multiply(TWO.pow(n * 160))); X = W.add(TWO.pow(L - 1)); // 9. Let c = X mod 2q and set p = X - (c - 1). @@ -228,22 +208,17 @@ public class FIPS186 { // 11. Perform a robust primality test on p. // 12. If p passes the test performed in step 11, go to step 15. - if (Prime2.isProbablePrime(p)) - { - break algorithm; - } + if (p.isProbablePrime(80)) + break algorithm; } // 13. Let counter = counter + 1 and offset = offset + n + 1. counter++; offset += n + 1; // 14. If counter >= 4096 go to step 1, otherwise go to step 7. if (counter >= 4096) - { - continue algorithm; - } + continue algorithm; } // step7 } // algorithm - // compute g. from FIPS-186, Appendix 4: // 1. Generate p and q as specified in Appendix 2. // 2. Let e = (p - 1) / q @@ -258,28 +233,21 @@ public class FIPS186 // 4. Set g = h**e mod p g = h.modPow(e, p); // 5. If g = 1, go to step 3 - if (!g.equals(BigInteger.ONE)) - { - break; - } + if (! g.equals(BigInteger.ONE)) + break; } - return new BigInteger[] { SEED, BigInteger.valueOf(counter), q, p, e, g }; } - // helper methods ---------------------------------------------------------- - /** * Fills the designated byte array with random data. - * + * * @param buffer the byte array to fill with random data. */ private void nextRandomBytes(byte[] buffer) { if (rnd != null) - { - rnd.nextBytes(buffer); - } + rnd.nextBytes(buffer); else getDefaultPRNG().nextBytes(buffer); } |
