diff options
Diffstat (limited to 'libjava/gnu/java/security/provider')
25 files changed, 0 insertions, 4574 deletions
diff --git a/libjava/gnu/java/security/provider/CollectionCertStoreImpl.java b/libjava/gnu/java/security/provider/CollectionCertStoreImpl.java deleted file mode 100644 index 4bf3d5434ef..00000000000 --- a/libjava/gnu/java/security/provider/CollectionCertStoreImpl.java +++ /dev/null @@ -1,102 +0,0 @@ -/* CollectionCertStore.java -- Collection-based cert store. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.InvalidAlgorithmParameterException; -import java.security.cert.CRL; -import java.security.cert.CRLSelector; -import java.security.cert.CertSelector; -import java.security.cert.CertStoreException; -import java.security.cert.CertStoreParameters; -import java.security.cert.CertStoreSpi; -import java.security.cert.Certificate; -import java.security.cert.CollectionCertStoreParameters; -import java.util.Collection; -import java.util.Iterator; -import java.util.LinkedList; - -public final class CollectionCertStoreImpl extends CertStoreSpi -{ - - // Fields. - // ------------------------------------------------------------------------- - - private final Collection store; - - // Constructors. - // ------------------------------------------------------------------------- - - public CollectionCertStoreImpl(CertStoreParameters params) - throws InvalidAlgorithmParameterException - { - super(params); - if (! (params instanceof CollectionCertStoreParameters)) - throw new InvalidAlgorithmParameterException("not a CollectionCertStoreParameters object"); - store = ((CollectionCertStoreParameters) params).getCollection(); - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public Collection engineGetCertificates(CertSelector selector) - throws CertStoreException - { - LinkedList result = new LinkedList(); - for (Iterator it = store.iterator(); it.hasNext(); ) - { - Object o = it.next(); - if ((o instanceof Certificate) && selector.match((Certificate) o)) - result.add(o); - } - return result; - } - - public Collection engineGetCRLs(CRLSelector selector) - throws CertStoreException - { - LinkedList result = new LinkedList(); - for (Iterator it = store.iterator(); it.hasNext(); ) - { - Object o = it.next(); - if ((o instanceof CRL) && selector.match((CRL) o)) - result.add(o); - } - return result; - } -} diff --git a/libjava/gnu/java/security/provider/DSAKeyFactory.java b/libjava/gnu/java/security/provider/DSAKeyFactory.java deleted file mode 100644 index 7e154e27473..00000000000 --- a/libjava/gnu/java/security/provider/DSAKeyFactory.java +++ /dev/null @@ -1,134 +0,0 @@ -/* DSAKeyFactory.java -- DSA key factory. - Copyright (C) 2003 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.InvalidKeyException; -import java.security.Key; -import java.security.KeyFactorySpi; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.interfaces.DSAPrivateKey; -import java.security.interfaces.DSAPublicKey; -import java.security.spec.DSAPrivateKeySpec; -import java.security.spec.DSAPublicKeySpec; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.KeySpec; - -/** - * DSA key factory. - * - * @author Casey Marshall (rsdio@metastatic.org) - */ -public class DSAKeyFactory extends KeyFactorySpi -{ - - // Constructor. - // ------------------------------------------------------------------------ - - public DSAKeyFactory() - { - super(); - } - - // Instance methods. - // ------------------------------------------------------------------------ - - protected PrivateKey engineGeneratePrivate(KeySpec keySpec) - throws InvalidKeySpecException - { - if (!(keySpec instanceof DSAPrivateKeySpec)) - throw new InvalidKeySpecException(); - return new GnuDSAPrivateKey( - ((DSAPrivateKeySpec) keySpec).getX(), - ((DSAPrivateKeySpec) keySpec).getP(), - ((DSAPrivateKeySpec) keySpec).getQ(), - ((DSAPrivateKeySpec) keySpec).getG()); - } - - protected PublicKey engineGeneratePublic(KeySpec keySpec) - throws InvalidKeySpecException - { - if (!(keySpec instanceof DSAPublicKeySpec)) - throw new InvalidKeySpecException(); - return new GnuDSAPublicKey( - ((DSAPublicKeySpec) keySpec).getY(), - ((DSAPublicKeySpec) keySpec).getP(), - ((DSAPublicKeySpec) keySpec).getQ(), - ((DSAPublicKeySpec) keySpec).getG()); - } - - protected KeySpec engineGetKeySpec(Key key, Class keySpec) - throws InvalidKeySpecException - { - if ((key instanceof DSAPublicKey) && - keySpec.isAssignableFrom(DSAPublicKeySpec.class)) - { - return new DSAPublicKeySpec(((DSAPublicKey) key).getY(), - ((DSAPublicKey) key).getParams().getP(), - ((DSAPublicKey) key).getParams().getQ(), - ((DSAPublicKey) key).getParams().getG()); - } - if ((key instanceof DSAPrivateKey) && - keySpec.isAssignableFrom(DSAPrivateKeySpec.class)) - { - return new DSAPrivateKeySpec(((DSAPrivateKey) key).getX(), - ((DSAPrivateKey) key).getParams().getP(), - ((DSAPrivateKey) key).getParams().getQ(), - ((DSAPrivateKey) key).getParams().getG()); - } - throw new InvalidKeySpecException(); - } - - protected Key engineTranslateKey(Key key) throws InvalidKeyException - { - if ((key instanceof GnuDSAPublicKey) || (key instanceof GnuDSAPrivateKey)) - return key; - if (key instanceof DSAPublicKey) - return new GnuDSAPublicKey(((DSAPublicKey) key).getY(), - ((DSAPublicKey) key).getParams().getP(), - ((DSAPublicKey) key).getParams().getQ(), - ((DSAPublicKey) key).getParams().getG()); - if (key instanceof DSAPrivateKey) - return new GnuDSAPrivateKey(((DSAPrivateKey) key).getX(), - ((DSAPrivateKey) key).getParams().getP(), - ((DSAPrivateKey) key).getParams().getQ(), - ((DSAPrivateKey) key).getParams().getG()); - throw new InvalidKeyException(); - } -} diff --git a/libjava/gnu/java/security/provider/DSAKeyPairGenerator.java b/libjava/gnu/java/security/provider/DSAKeyPairGenerator.java deleted file mode 100644 index 2c643d5c367..00000000000 --- a/libjava/gnu/java/security/provider/DSAKeyPairGenerator.java +++ /dev/null @@ -1,171 +0,0 @@ -/* GnuDSAKeyPairGenerator.java --- Gnu DSA Key Pair Generator - Copyright (C) 1999 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.math.BigInteger; -import java.security.AlgorithmParameterGenerator; -import java.security.AlgorithmParameters; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidParameterException; -import java.security.KeyPair; -import java.security.KeyPairGeneratorSpi; -import java.security.SecureRandom; -import java.security.interfaces.DSAParams; -import java.security.spec.AlgorithmParameterSpec; -import java.security.spec.DSAParameterSpec; -import java.util.Random; - -public class DSAKeyPairGenerator extends KeyPairGeneratorSpi - implements java.security.interfaces.DSAKeyPairGenerator -{ -int keysize; -SecureRandom random; -private BigInteger q = null; // the small prime -private BigInteger p = null; // the big prime -private BigInteger g = null; - -DSAKeyPairGenerator() -{ - keysize = 1024; -} - -public void initialize(int keysize, SecureRandom random) -{ - //if( ((keysize % 64) != 0) || (keysize < 512) || (keysize > 1024) ) - // throw new InvalidAlgorithmParameterException("Invalid key size"); - - this.keysize = keysize; - this.random = random; -} - -public void initialize(AlgorithmParameterSpec params, - SecureRandom random) - throws InvalidAlgorithmParameterException -{ - if( !( params instanceof DSAParameterSpec ) ) - throw new InvalidAlgorithmParameterException("Must be DSAParameterSpec"); - - DSAParameterSpec dsaparameterspec = (DSAParameterSpec)params; - p = dsaparameterspec.getP(); - q = dsaparameterspec.getQ(); - g = dsaparameterspec.getG(); - this.random = random; -} - -public void initialize(DSAParams params, SecureRandom random) - throws InvalidParameterException -{ - if(params.getP() != null) - p = params.getP(); - else - throw new InvalidParameterException(); - - if(params.getQ() != null) - q = params.getQ(); - else - throw new InvalidParameterException(); - - if(params.getG() != null) - g = params.getG(); - else - throw new InvalidParameterException(); - - this.random = random; -} - -public void initialize(int modlen, boolean genParams, SecureRandom random) - throws InvalidParameterException -{ - if( ((modlen % 64) != 0) || (modlen < 512) || (modlen > 1024) ) - throw new InvalidParameterException(); - - if( (genParams == false) && (modlen != 512) && (modlen != 768) && (modlen != 1024) ) - throw new InvalidParameterException(); - this.keysize = modlen; - this.random = random; - p = null; - q = null; - g = null; -} - -public KeyPair generateKeyPair() -{ - if( getDefaults() == false) { - try { - AlgorithmParameterGenerator apgDSA = AlgorithmParameterGenerator.getInstance("DSA"); - AlgorithmParameters apDSA = apgDSA.generateParameters(); - DSAParameterSpec dsaparameterspec = (DSAParameterSpec)apDSA.getParameterSpec( DSAParameterSpec.class ); - p = dsaparameterspec.getP(); - q = dsaparameterspec.getQ(); - g = dsaparameterspec.getG(); - } catch ( Exception e ) { - return null; - } - } - - BigInteger x = new BigInteger( 159, new Random() ); - - BigInteger y = g.modPow( x, p ); - - return new KeyPair( new GnuDSAPublicKey(y,p,q,g), new GnuDSAPrivateKey(x,p,q,g)); - //return new KeyPair( public, private ); -} - -//These constants are Sun's Constants copied from the -//Cryptography Specification -private boolean getDefaults() -{ - if( keysize == 512) { - p = new BigInteger("fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", 16); - q = new BigInteger("962eddcc369cba8ebb260ee6b6a126d9346e38c5", 16); - g = new BigInteger("678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", 16); - return true; - } else if( keysize == 768) { - p = new BigInteger("e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5d890141922d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a22219d470bce7d777d4a21fbe9c270b57f607002f3cef8393694cf45ee3688c11a8c56ab127a3daf", 16); - q = new BigInteger("9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", 16); - g = new BigInteger("30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7a31d23c4dbbcbe06174544401a5b2c020965d8c2bd2171d3668445771f74ba084d2029d83c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a7064f316933a346d3f529252", 16); - } else if( keysize == 512) { - p = new BigInteger("fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16); - q = new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16); - g = new BigInteger("f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16); - } - return false; -} - -} diff --git a/libjava/gnu/java/security/provider/DSAParameterGenerator.java b/libjava/gnu/java/security/provider/DSAParameterGenerator.java deleted file mode 100644 index ccec1136cd3..00000000000 --- a/libjava/gnu/java/security/provider/DSAParameterGenerator.java +++ /dev/null @@ -1,128 +0,0 @@ -/* DSAParameterGenerator.java --- DSA Parameter Generator Implementation - Copyright (C) 1999 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.util.Prime; - -import java.math.BigInteger; -import java.security.AlgorithmParameterGeneratorSpi; -import java.security.AlgorithmParameters; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; -import java.security.spec.AlgorithmParameterSpec; -import java.security.spec.DSAParameterSpec; -import java.security.spec.InvalidParameterSpecException; -import java.util.Random; - -public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi -{ - private int size; - private SecureRandom random = null; - - public DSAParameterGenerator() - { - size = 1024; - } - - public void engineInit(int size, SecureRandom random) - { - if( (size < 512) || (size > 1024) || ( (size % 64) != 0) ) - //throw new InvalidAlgorithmParameterException("Invalid Size"); - return; - this.size = size; - this.random = random; - } - - public void engineInit(AlgorithmParameterSpec genParamSpec, SecureRandom random) - throws InvalidAlgorithmParameterException - { - if( !( genParamSpec instanceof DSAParameterSpec ) ) - throw new InvalidAlgorithmParameterException("Must be DSAParameterSpec"); - - DSAParameterSpec dsaparameterspec = (DSAParameterSpec)genParamSpec; - int tmp = dsaparameterspec.getP().bitLength(); - - if( (tmp < 512) || (tmp > 1024) || ( (tmp % 64) != 0) ) - throw new InvalidAlgorithmParameterException("Invalid Size"); - - this.random = random; - } - - //For more information see IEEE P1363 A.16.1 (10/05/98 Draft) - public AlgorithmParameters engineGenerateParameters() - { - DSAParameterSpec dsaparameterspec; - - int L = size; - BigInteger r, p, k, h, g; - - //q 2^159 < q < 2^160 - r = Prime.generateRandomPrime( 159, 160, BigInteger.valueOf(1)); - - // 2^(L-1) < p < 2^L - p = Prime.generateRandomPrime( r, BigInteger.valueOf(1), L - 1, L, BigInteger.valueOf(1)); - - k = p.subtract( BigInteger.valueOf(1) ); - k = k.divide( r ); - - Random rand = new Random(); - h = BigInteger.valueOf(1); - - for(;;) { - h = h.add(BigInteger.valueOf( 1 ) ); - - g = h.modPow(k, p); - - if( g.compareTo( BigInteger.valueOf(1) ) != 1 ) - break; - } - - try { - dsaparameterspec = new DSAParameterSpec(p, r, g); - AlgorithmParameters ap = AlgorithmParameters.getInstance("DSA"); - ap.init( dsaparameterspec ); - return ap; - } catch ( NoSuchAlgorithmException nsae ) { - return null; - } catch ( InvalidParameterSpecException ipse) { - return null; - } - } -} diff --git a/libjava/gnu/java/security/provider/DSAParameters.java b/libjava/gnu/java/security/provider/DSAParameters.java deleted file mode 100644 index 77d648956ee..00000000000 --- a/libjava/gnu/java/security/provider/DSAParameters.java +++ /dev/null @@ -1,150 +0,0 @@ -/* DSAParameters.java --- DSA Parameters Implementation - Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.io.ASN1ParsingException; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERReader; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.AlgorithmParametersSpi; -import java.security.spec.AlgorithmParameterSpec; -import java.security.spec.DSAParameterSpec; -import java.security.spec.InvalidParameterSpecException; -import java.util.ArrayList; - -/* - ASN.1 Encoding for DSA from rfc2459 - - id-dsa ID ::= { iso(1) member-body(2) us(840) x9-57(10040) - x9cm(4) 1 } - - Dss-Parms ::= SEQUENCE { - p INTEGER, - q INTEGER, - g INTEGER } - -*/ -public class DSAParameters extends AlgorithmParametersSpi -{ -private BigInteger q; // the small prime -private BigInteger p; // the big prime -private BigInteger g; - - -public void engineInit(AlgorithmParameterSpec paramSpec) - throws InvalidParameterSpecException -{ - if( paramSpec instanceof DSAParameterSpec ) { - DSAParameterSpec dsaParamSpec = (DSAParameterSpec)paramSpec; - p = dsaParamSpec.getP(); - q = dsaParamSpec.getQ(); - g = dsaParamSpec.getG(); - } - else - throw new InvalidParameterSpecException("Only accepts DSAParameterSpec"); -} - -public void engineInit(byte[] params) - throws IOException -{ - DERReader in = new DERReader(params); - DERValue val = in.read(); - if (val.getValue() != DER.CONSTRUCTED_VALUE) - throw new ASN1ParsingException("badly formed parameters"); - try - { - p = (BigInteger) in.read().getValue(); - q = (BigInteger) in.read().getValue(); - g = (BigInteger) in.read().getValue(); - } - catch (Exception x) - { - throw new ASN1ParsingException("badly formed parameters"); - } -} - -public void engineInit(byte[] params, String format) - throws IOException -{ - if( !format.equals("ASN.1") ) - throw new IOException("Invalid Format: Only accepts ASN.1"); - engineInit( params ); -} - -public AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) - throws InvalidParameterSpecException -{ - if( paramSpec.isAssignableFrom(DSAParameterSpec.class) ) - return new DSAParameterSpec(p, q, g); - else - throw new InvalidParameterSpecException("Only accepts DSAParameterSpec"); -} - -public byte[] engineGetEncoded() - throws IOException -{ - ByteArrayOutputStream bout = new ByteArrayOutputStream(); - ArrayList seq = new ArrayList(3); - seq.add(new DERValue(DER.INTEGER, p)); - seq.add(new DERValue(DER.INTEGER, q)); - seq.add(new DERValue(DER.INTEGER, g)); - DERWriter.write(bout, new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, seq)); - return bout.toByteArray(); -} - - -public byte[] engineGetEncoded(String format) - throws IOException -{ - if( !format.equals("ASN.1") ) - throw new IOException("Invalid Format: Only accepts ASN.1"); - return engineGetEncoded(); -} - -public String engineToString() -{ - return ("q: " + q + " p: " + p + " g: " + g); -} - -} diff --git a/libjava/gnu/java/security/provider/DSASignature.java b/libjava/gnu/java/security/provider/DSASignature.java deleted file mode 100644 index 1d3875d28e3..00000000000 --- a/libjava/gnu/java/security/provider/DSASignature.java +++ /dev/null @@ -1,251 +0,0 @@ -/* DSASignature.java -- - Copyright (C) 1999, 2003, 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.der.DER; -import gnu.java.security.der.DERReader; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.InvalidParameterException; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.SecureRandom; -import java.security.SignatureException; -import java.security.SignatureSpi; -import java.security.interfaces.DSAPrivateKey; -import java.security.interfaces.DSAPublicKey; -import java.security.spec.AlgorithmParameterSpec; -import java.util.ArrayList; -import java.util.Random; - -public class DSASignature extends SignatureSpi -{ - private DSAPublicKey publicKey; - private DSAPrivateKey privateKey; - private final MessageDigest digest; - private final SecureRandom random; - - public DSASignature() throws NoSuchAlgorithmException - { - random = new SecureRandom(); - digest = MessageDigest.getInstance ("SHA1"); - } - - private void init() - { - digest.reset(); - } - - public void engineInitVerify (PublicKey publicKey) - throws InvalidKeyException - { - if (publicKey instanceof DSAPublicKey) - this.publicKey = (DSAPublicKey) publicKey; - else - throw new InvalidKeyException(); - init(); - } - - public void engineInitSign (PrivateKey privateKey) - throws InvalidKeyException - { - if (privateKey instanceof DSAPrivateKey) - this.privateKey = (DSAPrivateKey) privateKey; - else - throw new InvalidKeyException ("not a DSA private key"); - - init(); - } - - public void engineInitSign (PrivateKey privateKey, - SecureRandom random) - throws InvalidKeyException - { - if (privateKey instanceof DSAPrivateKey) - this.privateKey = (DSAPrivateKey) privateKey; - else - throw new InvalidKeyException ("not a DSA private key"); - - appRandom = random; - init(); - } - - public void engineUpdate(byte b) - throws SignatureException - { - digest.update (b); - } - - public void engineUpdate (byte[] b, int off, int len) - throws SignatureException - { - digest.update (b, off, len); - } - - public byte[] engineSign() throws SignatureException - { - if (privateKey == null) - throw new SignatureException ("not initialized for signing"); - - try - { - BigInteger g = privateKey.getParams().getG(); - BigInteger p = privateKey.getParams().getP(); - BigInteger q = privateKey.getParams().getQ(); - - BigInteger x = privateKey.getX(); - - BigInteger k = new BigInteger (159, appRandom != null ? appRandom : random); - - BigInteger r = g.modPow(k, p); - r = r.mod(q); - - byte bytes[] = digest.digest(); - BigInteger sha = new BigInteger (1, bytes); - - BigInteger s = sha.add (x.multiply (r)); - s = s.multiply (k.modInverse(q)).mod (q); - - ByteArrayOutputStream bout = new ByteArrayOutputStream(); - ArrayList seq = new ArrayList (2); - seq.add(0, new DERValue (DER.INTEGER, r)); - seq.add(1, new DERValue (DER.INTEGER, s)); - DERWriter.write (bout, new DERValue (DER.CONSTRUCTED | DER.SEQUENCE, seq)); - return bout.toByteArray(); - } - catch (IOException ioe) - { - SignatureException se = new SignatureException(); - se.initCause (ioe); - throw se; - } - catch (ArithmeticException ae) - { - SignatureException se = new SignatureException(); - se.initCause (ae); - throw se; - } - } - - public int engineSign (byte[] outbuf, int offset, int len) - throws SignatureException - { - byte tmp[] = engineSign(); - if (tmp.length > len) - throw new SignatureException ("output buffer too short"); - System.arraycopy (tmp, 0, outbuf, offset, tmp.length); - return tmp.length; - } - - public boolean engineVerify (byte[] sigBytes) - throws SignatureException - { - // Decode sigBytes from ASN.1 DER encoding - try - { - DERReader in = new DERReader (sigBytes); - DERValue val = in.read(); - if (!val.isConstructed()) - throw new SignatureException ("badly formed signature"); - BigInteger r = (BigInteger) in.read().getValue(); - BigInteger s = (BigInteger) in.read().getValue(); - - BigInteger g = publicKey.getParams().getG(); - BigInteger p = publicKey.getParams().getP(); - BigInteger q = publicKey.getParams().getQ(); - - BigInteger y = publicKey.getY(); - - BigInteger w = s.modInverse (q); - - byte bytes[] = digest.digest(); - BigInteger sha = new BigInteger (1, bytes); - - BigInteger u1 = w.multiply (sha).mod ( q ); - - BigInteger u2 = r.multiply (w).mod(q); - - BigInteger v = g.modPow (u1, p).multiply (y.modPow (u2, p)).mod (p).mod (q); - - if (v.equals (r)) - return true; - else - return false; - } - catch (IOException ioe) - { - SignatureException se = new SignatureException ("badly formed signature"); - se.initCause (ioe); - throw se; - } - } - - public void engineSetParameter (String param, - Object value) - throws InvalidParameterException - { - throw new InvalidParameterException(); - } - - public void engineSetParameter (AlgorithmParameterSpec params) - throws InvalidAlgorithmParameterException - { - throw new InvalidParameterException(); - - } - - public Object engineGetParameter (String param) - throws InvalidParameterException - { - throw new InvalidParameterException(); - } - - public Object clone() throws CloneNotSupportedException - { - return super.clone(); - } -} diff --git a/libjava/gnu/java/security/provider/DefaultPolicy.java b/libjava/gnu/java/security/provider/DefaultPolicy.java deleted file mode 100644 index d42be6c908f..00000000000 --- a/libjava/gnu/java/security/provider/DefaultPolicy.java +++ /dev/null @@ -1,68 +0,0 @@ -/* DefaultPolicy.java -- - Copyright (C) 2001, 2002 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - -package gnu.java.security.provider; - -import java.security.AllPermission; -import java.security.CodeSource; -import java.security.Permission; -import java.security.PermissionCollection; -import java.security.Permissions; -import java.security.Policy; - -/** - * This is just a stub policy implementation which grants all permissions - * to any code source. FIXME: This should be replaced with a real - * implementation that reads the policy configuration from a file, like - * $JAVA_HOME/jre/lib/security/java.security. - */ -public class DefaultPolicy extends Policy -{ - static Permission allPermission = new AllPermission(); - - public PermissionCollection getPermissions(CodeSource codesource) - { - Permissions perms = new Permissions(); - perms.add(allPermission); - return perms; - } - - public void refresh() - { - // Nothing. - } -} diff --git a/libjava/gnu/java/security/provider/EncodedKeyFactory.java b/libjava/gnu/java/security/provider/EncodedKeyFactory.java deleted file mode 100644 index 2bf0fff809e..00000000000 --- a/libjava/gnu/java/security/provider/EncodedKeyFactory.java +++ /dev/null @@ -1,303 +0,0 @@ -/* EncodedKeyFactory.java -- encoded key factory. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.BitString; -import gnu.java.security.der.DERReader; -import gnu.java.security.der.DERValue; - -import java.io.IOException; -import java.math.BigInteger; -import java.security.AlgorithmParameters; -import java.security.InvalidKeyException; -import java.security.Key; -import java.security.KeyFactorySpi; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.spec.DSAParameterSpec; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.InvalidParameterSpecException; -import java.security.spec.KeySpec; -import java.security.spec.PKCS8EncodedKeySpec; -import java.security.spec.RSAPrivateCrtKeySpec; -import java.security.spec.RSAPublicKeySpec; -import java.security.spec.X509EncodedKeySpec; - -import javax.crypto.spec.DHParameterSpec; - -/** - * A factory for keys encoded in either the X.509 format (for public - * keys) or the PKCS#8 format (for private keys). - * - * @author Casey Marshall (rsdio@metastatic.org) - */ -public class EncodedKeyFactory extends KeyFactorySpi -{ - - // Constants. - // ------------------------------------------------------------------------ - - private static final OID ID_DSA = new OID("1.2.840.10040.4.1"); - private static final OID ID_RSA = new OID("1.2.840.113549.1.1.1"); - private static final OID ID_DH = new OID("1.2.840.10046.2.1"); - - // Instance methods. - // ------------------------------------------------------------------------ - - public PublicKey engineGeneratePublic(KeySpec spec) - throws InvalidKeySpecException - { - if (!(spec instanceof X509EncodedKeySpec)) - throw new InvalidKeySpecException("only supports X.509 key specs"); - DERReader der = new DERReader(((X509EncodedKeySpec) spec).getEncoded()); - try - { - DERValue spki = der.read(); - if (!spki.isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - DERValue alg = der.read(); - if (!alg.isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - DERValue val = der.read(); - if (!(val.getValue() instanceof OID)) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - OID algId = (OID) val.getValue(); - byte[] algParams = null; - if (alg.getLength() > val.getEncodedLength()) - { - val = der.read(); - algParams = val.getEncoded(); - if (val.isConstructed()) - der.skip(val.getLength()); - } - val = der.read(); - if (!(val.getValue() instanceof BitString)) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - byte[] publicKey = ((BitString) val.getValue()).toByteArray(); - if (algId.equals(ID_DSA)) - { - BigInteger p = null, g = null, q = null, Y; - if (algParams != null) - { - DERReader dsaParams = new DERReader(algParams); - val = dsaParams.read(); - if (!val.isConstructed()) - throw new InvalidKeySpecException("malformed DSA parameters"); - val = dsaParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DSA parameters"); - p = (BigInteger) val.getValue(); - val = dsaParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DSA parameters"); - q = (BigInteger) val.getValue(); - val = dsaParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DSA parameters"); - g = (BigInteger) val.getValue(); - } - DERReader dsaPub = new DERReader(publicKey); - val = dsaPub.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DSA parameters"); - Y = (BigInteger) val.getValue(); - return new GnuDSAPublicKey(Y, p, q, g); - } - else if (algId.equals(ID_RSA)) - { - DERReader rsaParams = new DERReader(publicKey); - if (!rsaParams.read().isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - return new GnuRSAPublicKey(new RSAPublicKeySpec( - (BigInteger) rsaParams.read().getValue(), - (BigInteger) rsaParams.read().getValue())); - } - else if (algId.equals(ID_DH)) - { - if (algParams == null) - throw new InvalidKeySpecException("missing DH parameters"); - DERReader dhParams = new DERReader(algParams); - val = dhParams.read(); - BigInteger p, g, q, Y; - if (!val.isConstructed()) - throw new InvalidKeySpecException("malformed DH parameters"); - val = dhParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DH parameters"); - p = (BigInteger) val.getValue(); - val = dhParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DH parameters"); - g = (BigInteger) val.getValue(); - val = dhParams.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DH parameters"); - q = (BigInteger) val.getValue(); - DERReader dhPub = new DERReader(publicKey); - val = dhPub.read(); - if (!(val.getValue() instanceof BigInteger)) - throw new InvalidKeySpecException("malformed DH parameters"); - Y = (BigInteger) val.getValue(); - return (PublicKey) new GnuDHPublicKey(new DHParameterSpec(p, g), Y, q); - } - else - throw new InvalidKeySpecException("unknown algorithm: " + algId); - } - catch (IOException ioe) - { - throw new InvalidKeySpecException(ioe.getMessage()); - } - } - - public PrivateKey engineGeneratePrivate(KeySpec spec) - throws InvalidKeySpecException - { - if (!(spec instanceof PKCS8EncodedKeySpec)) - { - throw new InvalidKeySpecException("only supports PKCS8 key specs"); - } - DERReader der = new DERReader(((PKCS8EncodedKeySpec) spec).getEncoded()); - try - { - DERValue pki = der.read(); - if (!pki.isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - DERValue val = der.read(); - if (!(val.getValue() instanceof BigInteger)) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - DERValue alg = der.read(); - if (!alg.isConstructed()) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - val = der.read(); - if (!(val.getValue() instanceof OID)) - { - throw new InvalidKeySpecException("malformed encoded key"); - } - OID algId = (OID) val.getValue(); - byte[] algParams = null; - if (alg.getLength() > val.getEncodedLength()) - { - val = der.read(); - algParams = val.getEncoded(); - if (val.isConstructed()) - der.skip(val.getLength()); - } - byte[] privateKey = (byte[]) der.read().getValue(); - if (algId.equals(ID_DSA)) - { - if (algParams == null) - { - throw new InvalidKeySpecException("missing DSA parameters"); - } - AlgorithmParameters params = AlgorithmParameters.getInstance("DSA"); - params.init(algParams); - DSAParameterSpec dsaSpec = (DSAParameterSpec) - params.getParameterSpec(DSAParameterSpec.class); - DERReader dsaPriv = new DERReader(privateKey); - return new GnuDSAPrivateKey((BigInteger) dsaPriv.read().getValue(), - dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG()); - } - else if (algId.equals(ID_RSA)) - { - DERReader rsaParams = new DERReader(privateKey); - if (!rsaParams.read().isConstructed()) - throw new InvalidKeySpecException("malformed encoded key"); - return new GnuRSAPrivateKey(new RSAPrivateCrtKeySpec( - (BigInteger) rsaParams.read().getValue(), // n - (BigInteger) rsaParams.read().getValue(), // e - (BigInteger) rsaParams.read().getValue(), // d - (BigInteger) rsaParams.read().getValue(), // p - (BigInteger) rsaParams.read().getValue(), // q - (BigInteger) rsaParams.read().getValue(), // d mod (p - 1) - (BigInteger) rsaParams.read().getValue(), // d mod (q - 1) - (BigInteger) rsaParams.read().getValue())); // (inv q) mod p - } - else - throw new InvalidKeySpecException("unknown algorithm: " + algId); - } - catch (InvalidParameterSpecException iapse) - { - throw new InvalidKeySpecException(iapse.getMessage()); - } - catch (NoSuchAlgorithmException nsae) - { - throw new InvalidKeySpecException(nsae.getMessage()); - } - catch (IOException ioe) - { - throw new InvalidKeySpecException(ioe.getMessage()); - } - } - - public KeySpec engineGetKeySpec(Key key, Class speClass) - throws InvalidKeySpecException - { - if ((key instanceof PrivateKey) && key.getFormat().equals("PKCS#8") - && speClass.isAssignableFrom(PKCS8EncodedKeySpec.class)) - return new PKCS8EncodedKeySpec(key.getEncoded()); - else if ((key instanceof PublicKey) && key.getFormat().equals("X.509") - && speClass.isAssignableFrom(X509EncodedKeySpec.class)) - return new X509EncodedKeySpec(key.getEncoded()); - else - throw new InvalidKeySpecException(); - } - - public Key engineTranslateKey(Key key) throws InvalidKeyException - { - throw new InvalidKeyException("translating keys not supported"); - } -} diff --git a/libjava/gnu/java/security/provider/Gnu.java b/libjava/gnu/java/security/provider/Gnu.java deleted file mode 100644 index 849f63c1601..00000000000 --- a/libjava/gnu/java/security/provider/Gnu.java +++ /dev/null @@ -1,168 +0,0 @@ -/* Gnu.java --- Gnu provider main class - Copyright (C) 1999, 2002, 2003, 2005 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.AccessController; -import java.security.PrivilegedAction; -import java.security.Provider; - -public final class Gnu extends Provider -{ - public Gnu() - { - super("GNU", 1.0, "GNU provider v1.0 implementing SHA-1, MD5, DSA, RSA, X.509 Certificates and CRLs, PKIX certificate path validators, Collection cert stores"); - - AccessController.doPrivileged (new PrivilegedAction() - { - public Object run() - { - // Note that all implementation class names are referenced by using - // Class.getName(). That way when we staticly link the Gnu provider - // we automatically get all the implementation classes. - - // Signature - put("Signature.SHA1withDSA", - gnu.java.security.provider.DSASignature.class.getName()); - - put("Alg.Alias.Signature.DSS", "SHA1withDSA"); - put("Alg.Alias.Signature.DSA", "SHA1withDSA"); - put("Alg.Alias.Signature.SHAwithDSA", "SHA1withDSA"); - put("Alg.Alias.Signature.DSAwithSHA", "SHA1withDSA"); - put("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA"); - put("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA"); - put("Alg.Alias.Signature.SHA-1/DSA", "SHA1withDSA"); - put("Alg.Alias.Signature.SHA1/DSA", "SHA1withDSA"); - put("Alg.Alias.Signature.OID.1.2.840.10040.4.3", "SHA1withDSA"); - put("Alg.Alias.Signature.1.2.840.10040.4.3", "SHA1withDSA"); - put("Alg.Alias.Signature.1.3.14.3.2.13", "SHA1withDSA"); - put("Alg.Alias.Signature.1.3.14.3.2.27", "SHA1withDSA"); - - put("Signature.MD2withRSA", MD2withRSA.class.getName()); - put("Signature.MD2withRSA ImplementedIn", "Software"); - put("Alg.Alias.Signature.md2WithRSAEncryption", "MD2withRSA"); - put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.2", "MD2withRSA"); - put("Alg.Alias.Signature.1.2.840.113549.1.1.2", "MD2withRSA"); - - put("Signature.MD4withRSA", MD4withRSA.class.getName()); - put("Signature.MD4withRSA ImplementedIn", "Software"); - put("Alg.Alias.Signature.md4WithRSAEncryption", "MD4withRSA"); - put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.3", "MD4withRSA"); - put("Alg.Alias.Signature.1.2.840.113549.1.1.3", "MD4withRSA"); - - put("Signature.MD5withRSA", MD5withRSA.class.getName()); - put("Signature.MD5withRSA ImplementedIn", "Software"); - put("Alg.Alias.Signature.md5WithRSAEncryption", "MD5withRSA"); - put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.4", "MD5withRSA"); - put("Alg.Alias.Signature.1.2.840.113549.1.1.4", "MD5withRSA"); - - put("Signature.SHA1withRSA", SHA1withRSA.class.getName()); - put("Signature.SHA1withRSA ImplementedIn", "Software"); - put("Alg.Alias.Signature.sha-1WithRSAEncryption", "SHA1withRSA"); - put("Alg.Alias.Signature.OID.1.2.840.113549.1.1.5", "SHA1withRSA"); - put("Alg.Alias.Signature.1.2.840.113549.1.1.5", "SHA1withRSA"); - - // Key Pair Generator - put("KeyPairGenerator.DSA", - gnu.java.security.provider.DSAKeyPairGenerator.class.getName()); - - put("Alg.Alias.KeyPairGenerator.OID.1.2.840.10040.4.1", "DSA"); - put("Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1", "DSA"); - put("Alg.Alias.KeyPairGenerator.1.3.14.3.2.12", "DSA"); - - // Key Factory - put("KeyFactory.DSA", - gnu.java.security.provider.DSAKeyFactory.class.getName()); - - put("KeyFactory.Encoded", EncodedKeyFactory.class.getName()); - put("KeyFactory.Encoded ImplementedIn", "Software"); - put("Alg.Alias.KeyFactory.X.509", "Encoded"); - put("Alg.Alias.KeyFactory.X509", "Encoded"); - put("Alg.Alias.KeyFactory.PKCS#8", "Encoded"); - put("Alg.Alias.KeyFactory.PKCS8", "Encoded"); - - put("KeyFactory.RSA", RSAKeyFactory.class.getName()); - - put("Alg.Alias.KeyFactory.OID.1.2.840.10040.4.1", "DSA"); - put("Alg.Alias.KeyFactory.1.2.840.10040.4.1", "DSA"); - put("Alg.Alias.KeyFactory.1.3.14.3.2.12", "DSA"); - - // Message Digests - put("MessageDigest.SHA", gnu.java.security.provider.SHA.class.getName()); - put("MessageDigest.MD5", gnu.java.security.provider.MD5.class.getName()); - - // Format "Alias", "Actual Name" - put("Alg.Alias.MessageDigest.SHA1", "SHA"); - put("Alg.Alias.MessageDigest.SHA-1", "SHA"); - put("Alg.Alias.MessageDigest.SHA-160", "SHA"); - - // Algorithm Parameters - put("AlgorithmParameters.DSA", - gnu.java.security.provider.DSAParameters.class.getName()); - - put("Alg.Alias.AlgorithmParameters.DSS", "DSA"); - put("Alg.Alias.AlgorithmParameters.SHAwithDSA", "DSA"); - put("Alg.Alias.AlgorithmParameters.OID.1.2.840.10040.4.3", "DSA"); - put("Alg.Alias.AlgorithmParameters.1.2.840.10040.4.3", "DSA"); - - // Algorithm Parameter Generator - put("AlgorithmParameterGenerator.DSA", - gnu.java.security.provider.DSAParameterGenerator.class.getName()); - - // SecureRandom - put("SecureRandom.SHA1PRNG", - gnu.java.security.provider.SHA1PRNG.class.getName()); - - // CertificateFactory - put("CertificateFactory.X509", X509CertificateFactory.class.getName()); - - put("CertificateFactory.X509 ImplementedIn", "Software"); - put("Alg.Alias.CertificateFactory.X.509", "X509"); - - // CertPathValidator - put("CertPathValidator.PKIX", PKIXCertPathValidatorImpl.class.getName()); - put("CertPathValidator.PKIX ImplementedIn", "Software"); - - // CertStore - put("CertStore.Collection", CollectionCertStoreImpl.class.getName()); - - return null; - } - }); - } -} diff --git a/libjava/gnu/java/security/provider/GnuDHPublicKey.java b/libjava/gnu/java/security/provider/GnuDHPublicKey.java deleted file mode 100644 index 6e13f6bf20f..00000000000 --- a/libjava/gnu/java/security/provider/GnuDHPublicKey.java +++ /dev/null @@ -1,115 +0,0 @@ -/* GnuDHPublicKey.java -- A Diffie-Hellman public key. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.BitString; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; - -import java.math.BigInteger; -import java.util.ArrayList; - -import javax.crypto.interfaces.DHPublicKey; -import javax.crypto.spec.DHParameterSpec; - -public class GnuDHPublicKey implements DHPublicKey -{ - - // Fields. - // ------------------------------------------------------------------------- - - private byte[] encoded; - private final DHParameterSpec params; - private final BigInteger Y; - private final BigInteger q; - - // Constructor. - // ------------------------------------------------------------------------- - - public GnuDHPublicKey(DHParameterSpec params, BigInteger Y, BigInteger q) - { - this.params = params; - this.Y = Y; - this.q = q; - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public BigInteger getY() - { - return Y; - } - - public DHParameterSpec getParams() - { - return params; - } - - public String getAlgorithm() - { - return "DH"; - } - - public String getFormat() - { - return "X.509"; - } - - public byte[] getEncoded() - { - if (encoded != null) - return (byte[]) encoded.clone(); - ArrayList spki = new ArrayList(2); - ArrayList alg = new ArrayList(2); - alg.add(new DERValue(DER.OBJECT_IDENTIFIER, new OID("1.2.840.10046.2.1"))); - ArrayList param = new ArrayList(3); - param.add(new DERValue(DER.INTEGER, params.getP())); - param.add(new DERValue(DER.INTEGER, params.getG())); - param.add(new DERValue(DER.INTEGER, q)); - alg.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, param)); - spki.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, alg)); - spki.add(new DERValue(DER.BIT_STRING, new BitString(Y.toByteArray()))); - encoded = new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, spki).getEncoded(); - if (encoded != null) - return (byte[]) encoded.clone(); - return null; - } -} diff --git a/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java b/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java deleted file mode 100644 index aac2faab229..00000000000 --- a/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java +++ /dev/null @@ -1,147 +0,0 @@ -/* GnuDSAPrivateKey.java --- Gnu DSA Private Key - Copyright (C) 1999,2003,2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.interfaces.DSAParams; -import java.security.interfaces.DSAPrivateKey; -import java.security.spec.DSAParameterSpec; -import java.util.ArrayList; - -public class GnuDSAPrivateKey implements DSAPrivateKey -{ - private byte[] encodedKey; - BigInteger x; - BigInteger p; - BigInteger q; - BigInteger g; - - public GnuDSAPrivateKey(BigInteger x, BigInteger p, BigInteger q, BigInteger g ) - { - this.x = x; - this.p = p; - this.q = q; - this.g = g; - } - - public String getAlgorithm() - { - return "DSA"; - } - - public String getFormat() - { - return "PKCS#8"; - } - - /** - * Encodes this key as a <code>PrivateKeyInfo</code>, as described in - * PKCS #8. The ASN.1 specification for this structure is: - * - * <blockquote><pre> - * PrivateKeyInfo ::= SEQUENCE { - * version Version, - * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, - * privateKey PrivateKey, - * attributes [0] IMPLICIT Attributes OPTIONAL } - * - * Version ::= INTEGER - * - * PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier - * - * PrivateKey ::= OCTET STRING - * - * Attributes ::= SET OF Attribute - * </pre></blockquote> - * - * <p>DSA private keys (in Classpath at least) have no attributes. - */ - public byte[] getEncoded() - { - if (encodedKey != null) - return (byte[]) encodedKey.clone(); - try - { - ByteArrayOutputStream out = new ByteArrayOutputStream(); - ArrayList pki = new ArrayList(3); - pki.add(new DERValue(DER.INTEGER, BigInteger.ZERO)); - ArrayList algId = new ArrayList(2); - algId.add(new DERValue(DER.OBJECT_IDENTIFIER, - new OID("1.2.840.10040.4.1"))); - ArrayList algParams = new ArrayList(3); - algParams.add(new DERValue(DER.INTEGER, p)); - algParams.add(new DERValue(DER.INTEGER, q)); - algParams.add(new DERValue(DER.INTEGER, g)); - algId.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, algParams)); - pki.add(new DERValue(DER.OCTET_STRING, x.toByteArray())); - DERWriter.write(out, new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, pki)); - return (byte[]) (encodedKey = out.toByteArray()).clone(); - } - catch (IOException ioe) - { - return null; - } - } - - public DSAParams getParams() - { - return (DSAParams)(new DSAParameterSpec(p,q,g)); - } - - public BigInteger getX() - { - return x; - } - - public String toString() - { - return "GnuDSAPrivateKey: x=" - + (x != null ? x.toString(16) : "null") + " p=" - + (p != null ? p.toString(16) : "null") + " q=" - + (q != null ? q.toString(16) : "null") + " g=" - + (g != null ? g.toString(16) : "null"); - } -} diff --git a/libjava/gnu/java/security/provider/GnuDSAPublicKey.java b/libjava/gnu/java/security/provider/GnuDSAPublicKey.java deleted file mode 100644 index 41195fa992c..00000000000 --- a/libjava/gnu/java/security/provider/GnuDSAPublicKey.java +++ /dev/null @@ -1,137 +0,0 @@ -/* GnuDSAPublicKey.java --- Gnu DSA Public Key - Copyright (C) 1999,2003,2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.BitString; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.interfaces.DSAParams; -import java.security.interfaces.DSAPublicKey; -import java.security.spec.DSAParameterSpec; -import java.util.ArrayList; - -public class GnuDSAPublicKey implements DSAPublicKey -{ - private byte[] encodedKey; - BigInteger y; - BigInteger p; - BigInteger q; - BigInteger g; - - public GnuDSAPublicKey(BigInteger y, BigInteger p, BigInteger q, BigInteger g ) - { - this.y = y; - this.p = p; - this.q = q; - this.g = g; - } - - public String getAlgorithm() - { - return "DSA"; - } - - public String getFormat() - { - return "X.509"; - } - - /** - * The encoded form of DSA public keys is: - * - * <blockquote><pre> - * SubjectPublicKeyInfo ::= SEQUENCE { - * algorithm AlgorithmIdentifier, - * subjectPublicKey BIT STRING } - * </pre></blockquote> - */ - public byte[] getEncoded() - { - if (encodedKey != null) - return (byte[]) encodedKey.clone(); - try - { - ByteArrayOutputStream out = new ByteArrayOutputStream(); - ArrayList spki = new ArrayList(2); - ArrayList alg = new ArrayList(2); - alg.add(new DERValue(DER.OBJECT_IDENTIFIER, - new OID("1.2.840.113549.1.1.1"))); - ArrayList params = new ArrayList(3); - params.add(new DERValue(DER.INTEGER, p)); - params.add(new DERValue(DER.INTEGER, q)); - params.add(new DERValue(DER.INTEGER, g)); - alg.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, params)); - spki.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, alg)); - spki.add(new DERValue(DER.BIT_STRING, new BitString(y.toByteArray()))); - DERWriter.write(out, new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, spki)); - return (byte[]) (encodedKey = out.toByteArray()).clone(); - } - catch (IOException ioe) - { - return null; - } - } - - public DSAParams getParams() - { - if (p == null || q == null || g == null) - return null; - return (DSAParams)(new DSAParameterSpec(p,q,g)); - } - - public BigInteger getY() - { - return y; - } - - public String toString() - { - return - "GnuDSAPublicKey: y=" + (y != null ? y.toString(16) : "(null)") + - " p=" + (p != null ? p.toString(16) : "(null)") + - " q=" + (q != null ? q.toString(16) : "(null)") + - " g=" + (g != null ? g.toString(16) : "(null)"); - } -} diff --git a/libjava/gnu/java/security/provider/GnuRSAPrivateKey.java b/libjava/gnu/java/security/provider/GnuRSAPrivateKey.java deleted file mode 100644 index b09fc88bc5c..00000000000 --- a/libjava/gnu/java/security/provider/GnuRSAPrivateKey.java +++ /dev/null @@ -1,164 +0,0 @@ -/* GnuRSAPrivateKey.java -- GNU RSA private key. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; - -import java.math.BigInteger; -import java.security.interfaces.RSAPrivateCrtKey; -import java.security.spec.RSAPrivateCrtKeySpec; -import java.util.ArrayList; - -class GnuRSAPrivateKey implements RSAPrivateCrtKey -{ - - // Fields. - // ------------------------------------------------------------------------- - - private final RSAPrivateCrtKeySpec spec; - private byte[] encodedKey; - - // Constructor. - // ------------------------------------------------------------------------- - - public GnuRSAPrivateKey(RSAPrivateCrtKeySpec spec) - { - this.spec = spec; - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public BigInteger getModulus() - { - return spec.getModulus(); - } - - public BigInteger getPrivateExponent() - { - return spec.getPrivateExponent(); - } - - public BigInteger getCrtCoefficient() - { - return spec.getCrtCoefficient(); - } - - public BigInteger getPrimeExponentP() - { - return spec.getPrimeExponentP(); - } - - public BigInteger getPrimeExponentQ() - { - return spec.getPrimeExponentQ(); - } - - public BigInteger getPrimeP() - { - return spec.getPrimeP(); - } - - public BigInteger getPrimeQ() - { - return spec.getPrimeQ(); - } - - public BigInteger getPublicExponent() - { - return spec.getPublicExponent(); - } - - public String getAlgorithm() - { - return "RSA"; - } - - public String getFormat() - { - return "PKCS#8"; - } - - /** - * The encoded form is: - * - * <pre> - * RSAPrivateKey ::= SEQUENCE { - * version Version, - * modulus INTEGER, -- n - * publicExponent INTEGER, -- e - * privateExponent INTEGER, -- d - * prime1 INTEGER, -- p - * prime2 INTEGER, -- q - * exponent1 INTEGER, -- d mod (p-1) - * exponent2 INTEGER, -- d mod (q-1) - * coefficient INTEGER -- (inverse of q) mod p } - * </pre> - * - * <p>Which is in turn encoded in a PrivateKeyInfo structure from PKCS#8. - */ - public byte[] getEncoded() - { - if (encodedKey != null) - return (byte[]) encodedKey.clone(); - ArrayList key = new ArrayList(9); - key.add(new DERValue(DER.INTEGER, BigInteger.ZERO)); - key.add(new DERValue(DER.INTEGER, getModulus())); - key.add(new DERValue(DER.INTEGER, getPublicExponent())); - key.add(new DERValue(DER.INTEGER, getPrivateExponent())); - key.add(new DERValue(DER.INTEGER, getPrimeP())); - key.add(new DERValue(DER.INTEGER, getPrimeQ())); - key.add(new DERValue(DER.INTEGER, getPrimeExponentP())); - key.add(new DERValue(DER.INTEGER, getPrimeExponentQ())); - key.add(new DERValue(DER.INTEGER, getCrtCoefficient())); - DERValue pk = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, key); - ArrayList pki = new ArrayList(3); - pki.add(new DERValue(DER.INTEGER, BigInteger.ZERO)); - ArrayList alg = new ArrayList(2); - alg.add(new DERValue(DER.OBJECT_IDENTIFIER, - new OID("1.2.840.113549.1.1.1"))); - alg.add(new DERValue(DER.NULL, null)); - pki.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, alg)); - pki.add(new DERValue(DER.OCTET_STRING, pk.getEncoded())); - encodedKey = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, pki).getEncoded(); - return (byte[]) encodedKey.clone(); - } -} diff --git a/libjava/gnu/java/security/provider/GnuRSAPublicKey.java b/libjava/gnu/java/security/provider/GnuRSAPublicKey.java deleted file mode 100644 index a35e761c066..00000000000 --- a/libjava/gnu/java/security/provider/GnuRSAPublicKey.java +++ /dev/null @@ -1,109 +0,0 @@ -/* GnuRSAPublicKey.java -- GNU RSA public key. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.BitString; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERValue; - -import java.math.BigInteger; -import java.security.interfaces.RSAPublicKey; -import java.security.spec.RSAPublicKeySpec; -import java.util.ArrayList; - -class GnuRSAPublicKey implements RSAPublicKey -{ - - // Fields. - // ------------------------------------------------------------------------- - - private final RSAPublicKeySpec spec; - private byte[] encodedKey; - - // Constructor. - // ------------------------------------------------------------------------- - - public GnuRSAPublicKey(RSAPublicKeySpec spec) - { - this.spec = spec; - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public BigInteger getModulus() - { - return spec.getModulus(); - } - - public BigInteger getPublicExponent() - { - return spec.getPublicExponent(); - } - - public String getAlgorithm() - { - return "RSA"; - } - - public String getFormat() - { - return "X.509"; - } - - public byte[] getEncoded() - { - if (encodedKey != null) - return (byte[]) encodedKey.clone(); - ArrayList key = new ArrayList(2); - key.add(new DERValue(DER.INTEGER, getModulus())); - key.add(new DERValue(DER.INTEGER, getPublicExponent())); - DERValue rsapk = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, key); - ArrayList alg = new ArrayList(2); - alg.add(new DERValue(DER.OBJECT_IDENTIFIER, - new OID("1.2.840.113549.1.1.1"))); - alg.add(new DERValue(DER.NULL, null)); - ArrayList spki = new ArrayList(2); - spki.add(new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, alg)); - spki.add(new DERValue(DER.BIT_STRING, new BitString(rsapk.getEncoded()))); - encodedKey = new DERValue(DER.SEQUENCE|DER.CONSTRUCTED, spki).getEncoded(); - return (byte[]) encodedKey.clone(); - } -} diff --git a/libjava/gnu/java/security/provider/MD2withRSA.java b/libjava/gnu/java/security/provider/MD2withRSA.java deleted file mode 100644 index a72ae5588dc..00000000000 --- a/libjava/gnu/java/security/provider/MD2withRSA.java +++ /dev/null @@ -1,54 +0,0 @@ -/* MD2withRSA.java -- MD2 with RSA encryption signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class MD2withRSA extends RSA -{ - - // Constructor. - // ------------------------------------------------------------------------- - - public MD2withRSA() throws NoSuchAlgorithmException - { - super(MessageDigest.getInstance("MD2"), DIGEST_ALGORITHM.getChild(2)); - } -} diff --git a/libjava/gnu/java/security/provider/MD4withRSA.java b/libjava/gnu/java/security/provider/MD4withRSA.java deleted file mode 100644 index 76a6a1ad033..00000000000 --- a/libjava/gnu/java/security/provider/MD4withRSA.java +++ /dev/null @@ -1,54 +0,0 @@ -/* MD4withRSA.java -- MD4 with RSA encryption signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class MD4withRSA extends RSA -{ - - // Constructor. - // ------------------------------------------------------------------------- - - public MD4withRSA() throws NoSuchAlgorithmException - { - super(MessageDigest.getInstance("MD4"), DIGEST_ALGORITHM.getChild(4)); - } -} diff --git a/libjava/gnu/java/security/provider/MD5.java b/libjava/gnu/java/security/provider/MD5.java deleted file mode 100644 index 1534eb91089..00000000000 --- a/libjava/gnu/java/security/provider/MD5.java +++ /dev/null @@ -1,338 +0,0 @@ -/* MD5.java -- Class implementing the MD5 algorithm as specified in RFC1321. - Copyright (C) 1999, 2002 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; -import java.security.MessageDigest; - -/** - This class implements the MD5 algorithm as described in RFC1321. - - @see java.security.MessageDigest -*/ -public class MD5 extends MessageDigest implements Cloneable -{ - private final int W[] = new int[16]; - private long bytecount; - private int A; - private int B; - private int C; - private int D; - - public MD5() - { - super("MD5"); - engineReset (); - } - - public Object clone() - { - return new MD5 (this); - } - - private MD5 (MD5 copy) - { - this (); - bytecount = copy.bytecount; - A = copy.A; - B = copy.B; - C = copy.C; - D = copy.D; - System.arraycopy (copy.W, 0, W, 0, 16); - } - - public int engineGetDigestLength() - { - return 16; - } - - // Intialize the A,B,C,D needed for the hash - public void engineReset() - { - bytecount = 0; - A = 0x67452301; - B = 0xefcdab89; - C = 0x98badcfe; - D = 0x10325476; - for(int i = 0; i < 16; i++) - W[i] = 0; - } - - public void engineUpdate (byte b) - { - int i = (int)bytecount % 64; - int shift = (3 - i % 4) * 8; - int idx = i / 4; - - // if you could index ints, this would be: W[idx][shift/8] = b - W[idx] = (W[idx] & ~(0xff << shift)) | ((b & 0xff) << shift); - - // if we've filled up a block, then process it - if ((++ bytecount) % 64 == 0) - munch (); - } - - public void engineUpdate (byte bytes[], int off, int len) - { - if (len < 0) - throw new ArrayIndexOutOfBoundsException (); - - int end = off + len; - while (off < end) - engineUpdate (bytes[off++]); - } - - public byte[] engineDigest() - { - long bitcount = bytecount * 8; - engineUpdate ((byte)0x80); // 10000000 in binary; the start of the padding - - // add the rest of the padding to fill this block out, but leave 8 - // bytes to put in the original bytecount - while ((int)bytecount % 64 != 56) - engineUpdate ((byte)0); - - // add the length of the original, unpadded block to the end of - // the padding - W[14] = SWAP((int)(0xffffffff & bitcount)); - W[15] = SWAP((int)(0xffffffff & (bitcount >>> 32))); - bytecount += 8; - - // digest the fully padded block - munch (); - - A = SWAP(A); - B = SWAP(B); - C = SWAP(C); - D = SWAP(D); - byte[] result = new byte[] {(byte)(A >>> 24), (byte)(A >>> 16), - (byte)(A >>> 8), (byte)A, - (byte)(B >>> 24), (byte)(B >>> 16), - (byte)(B >>> 8), (byte)B, - (byte)(C >>> 24), (byte)(C >>> 16), - (byte)(C >>> 8), (byte)C, - (byte)(D >>> 24), (byte)(D >>> 16), - (byte)(D >>> 8), (byte)D}; - - engineReset (); - return result; - } - - private int F( int X, int Y, int Z) - { - return ((X & Y) | (~X & Z)); - } - - private int G( int X, int Y, int Z) - { - return ((X & Z) | (Y & ~Z)); - } - - private int H( int X, int Y, int Z) - { - return (X ^ Y ^ Z); - } - - private int I( int X, int Y, int Z) - { - return (Y ^ (X | ~Z)); - } - - private int rotateLeft( int i, int count) - { - //Taken from FIPS 180-1 - return ( (i << count) | (i >>> (32 - count)) ) ; - } - - /* Round 1. */ - private int FF( int a, int b, int c, int d, int k, int s, int i) - { - /* Let [abcd k s i] denote the operation */ - a += F(b,c,d) + k + i; - return b + rotateLeft(a, s); - } - /* Round 2. */ - private int GG( int a, int b, int c, int d, int k, int s, int i) - { - /* Let [abcd k s i] denote the operation */ - a += G(b,c,d) + k + i; - return b + rotateLeft(a, s); - } - /* Round 3. */ - private int HH( int a, int b, int c, int d, int k, int s, int i) - { - /* Let [abcd k s t] denote the operation */ - a += H(b,c,d) + k + i; - return b + rotateLeft(a, s); - } - - /* Round 4. */ - private int II( int a, int b, int c, int d, int k, int s, int i) - { - /* Let [abcd k s t] denote the operation */ - a += I(b,c,d) + k + i; - return b + rotateLeft(a, s); - } - - private int SWAP(int n) - { - //Copied from md5.c in FSF Gnu Privacy Guard 0.9.2 - return (( (0xff & n) << 24) | ((n & 0xff00) << 8) | ((n >>> 8) & 0xff00) | (n >>> 24)); - } - - private void munch() - { - int AA,BB,CC,DD, j; - int X[] = new int[16]; - - /* Copy block i into X. */ - for(j = 0; j < 16; j++) - X[j] = SWAP(W[j]); - - /* Save A as AA, B as BB, C as CC, and D as DD. */ - AA = A; - BB = B; - CC = C; - DD = D; - - /* The hex constants are from md5.c - in FSF Gnu Privacy Guard 0.9.2 */ - /* Round 1. */ - /* Let [abcd k s i] denote the operation - a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */ - /* Do the following 16 operations. */ - A = FF(A,B,C,D, X[0], 7, 0xd76aa478); - D = FF(D,A,B,C, X[1], 12, 0xe8c7b756); - C = FF(C,D,A,B, X[2], 17, 0x242070db); - B = FF(B,C,D,A, X[3], 22, 0xc1bdceee); - - A = FF(A,B,C,D, X[4], 7, 0xf57c0faf); - D = FF(D,A,B,C, X[5], 12, 0x4787c62a); - C = FF(C,D,A,B, X[6], 17, 0xa8304613); - B = FF(B,C,D,A, X[7], 22, 0xfd469501); - - A = FF(A,B,C,D, X[8], 7, 0x698098d8); - D = FF(D,A,B,C, X[9], 12, 0x8b44f7af); - C = FF(C,D,A,B, X[10], 17, 0xffff5bb1); - B = FF(B,C,D,A, X[11], 22, 0x895cd7be); - - A = FF(A,B,C,D, X[12], 7, 0x6b901122); - D = FF(D,A,B,C, X[13], 12, 0xfd987193); - C = FF(C,D,A,B, X[14], 17, 0xa679438e); - B = FF(B,C,D,A, X[15], 22, 0x49b40821); - - /* Round 2. */ - /* Let [abcd k s i] denote the operation - a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */ - /* Do the following 16 operations. */ - A = GG(A,B,C,D, X[1], 5, 0xf61e2562); - D = GG(D,A,B,C, X[6], 9, 0xc040b340); - C = GG(C,D,A,B, X[11], 14, 0x265e5a51); - B = GG(B,C,D,A, X[0], 20, 0xe9b6c7aa); - - A = GG(A,B,C,D, X[5], 5, 0xd62f105d); - D = GG(D,A,B,C, X[10], 9, 0x02441453); - C = GG(C,D,A,B, X[15], 14, 0xd8a1e681); - B = GG(B,C,D,A, X[4], 20, 0xe7d3fbc8); - - A = GG(A,B,C,D, X[9], 5, 0x21e1cde6); - D = GG(D,A,B,C, X[14], 9, 0xc33707d6); - C = GG(C,D,A,B, X[3], 14, 0xf4d50d87); - B = GG(B,C,D,A, X[8], 20, 0x455a14ed); - - A = GG(A,B,C,D, X[13], 5, 0xa9e3e905); - D = GG(D,A,B,C, X[2], 9, 0xfcefa3f8); - C = GG(C,D,A,B, X[7], 14, 0x676f02d9); - B = GG(B,C,D,A, X[12], 20, 0x8d2a4c8a); - - /* Round 3. */ - /* Let [abcd k s t] denote the operation - a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */ - /* Do the following 16 operations. */ - A = HH(A,B,C,D, X[5], 4, 0xfffa3942); - D = HH(D,A,B,C, X[8], 11, 0x8771f681); - C = HH(C,D,A,B, X[11], 16, 0x6d9d6122); - B = HH(B,C,D,A, X[14], 23, 0xfde5380c); - - A = HH(A,B,C,D, X[1], 4, 0xa4beea44); - D = HH(D,A,B,C, X[4], 11, 0x4bdecfa9); - C = HH(C,D,A,B, X[7], 16, 0xf6bb4b60); - B = HH(B,C,D,A, X[10], 23, 0xbebfbc70); - - A = HH(A,B,C,D, X[13], 4, 0x289b7ec6); - D = HH(D,A,B,C, X[0], 11, 0xeaa127fa); - C = HH(C,D,A,B, X[3], 16, 0xd4ef3085); - B = HH(B,C,D,A, X[6], 23, 0x04881d05); - - A = HH(A,B,C,D, X[9], 4, 0xd9d4d039); - D = HH(D,A,B,C, X[12], 11, 0xe6db99e5); - C = HH(C,D,A,B, X[15], 16, 0x1fa27cf8); - B = HH(B,C,D,A, X[2], 23, 0xc4ac5665); - - /* Round 4. */ - /* Let [abcd k s t] denote the operation - a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */ - /* Do the following 16 operations. */ - A = II(A,B,C,D, X[0], 6, 0xf4292244); - D = II(D,A,B,C, X[7], 10, 0x432aff97); - C = II(C,D,A,B, X[14], 15, 0xab9423a7); - B = II(B,C,D,A, X[5], 21, 0xfc93a039); - - A = II(A,B,C,D, X[12], 6, 0x655b59c3); - D = II(D,A,B,C, X[3], 10, 0x8f0ccc92); - C = II(C,D,A,B, X[10], 15, 0xffeff47d); - B = II(B,C,D,A, X[1], 21, 0x85845dd1); - - A = II(A,B,C,D, X[8], 6, 0x6fa87e4f); - D = II(D,A,B,C, X[15], 10, 0xfe2ce6e0); - C = II(C,D,A,B, X[6], 15, 0xa3014314); - B = II(B,C,D,A, X[13], 21, 0x4e0811a1); - - A = II(A,B,C,D, X[4], 6, 0xf7537e82); - D = II(D,A,B,C, X[11], 10, 0xbd3af235); - C = II(C,D,A,B, X[2], 15, 0x2ad7d2bb); - B = II(B,C,D,A, X[9], 21, 0xeb86d391); - - /* Then perform the following additions. (That is increment each - of the four registers by the value it had before this block - was started.) */ - A = A + AA; - B = B + BB; - C = C + CC; - D = D + DD; - } -} diff --git a/libjava/gnu/java/security/provider/MD5withRSA.java b/libjava/gnu/java/security/provider/MD5withRSA.java deleted file mode 100644 index 721d897ed24..00000000000 --- a/libjava/gnu/java/security/provider/MD5withRSA.java +++ /dev/null @@ -1,54 +0,0 @@ -/* MD5withRSA.java -- MD5 with RSA encryption signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class MD5withRSA extends RSA -{ - - // Constructor. - // ------------------------------------------------------------------------- - - public MD5withRSA() throws NoSuchAlgorithmException - { - super(MessageDigest.getInstance("MD5"), DIGEST_ALGORITHM.getChild(5)); - } -} diff --git a/libjava/gnu/java/security/provider/PKIXCertPathValidatorImpl.java b/libjava/gnu/java/security/provider/PKIXCertPathValidatorImpl.java deleted file mode 100644 index 1268b169d9b..00000000000 --- a/libjava/gnu/java/security/provider/PKIXCertPathValidatorImpl.java +++ /dev/null @@ -1,701 +0,0 @@ -/* PKIXCertPathValidatorImpl.java -- PKIX certificate path validator. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.x509.GnuPKIExtension; -import gnu.java.security.x509.PolicyNodeImpl; -import gnu.java.security.x509.X509CRLSelectorImpl; -import gnu.java.security.x509.X509CertSelectorImpl; -import gnu.java.security.x509.ext.BasicConstraints; -import gnu.java.security.x509.ext.CertificatePolicies; -import gnu.java.security.x509.ext.Extension; -import gnu.java.security.x509.ext.KeyUsage; -import gnu.java.security.x509.ext.PolicyConstraint; - -import java.io.IOException; -import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; -import java.security.PublicKey; -import java.security.cert.CRL; -import java.security.cert.CertPath; -import java.security.cert.CertPathParameters; -import java.security.cert.CertPathValidatorException; -import java.security.cert.CertPathValidatorResult; -import java.security.cert.CertPathValidatorSpi; -import java.security.cert.CertStore; -import java.security.cert.CertStoreException; -import java.security.cert.CertificateException; -import java.security.cert.PKIXCertPathChecker; -import java.security.cert.PKIXCertPathValidatorResult; -import java.security.cert.PKIXParameters; -import java.security.cert.TrustAnchor; -import java.security.cert.X509CRL; -import java.security.cert.X509Certificate; -import java.security.interfaces.DSAParams; -import java.security.interfaces.DSAPublicKey; -import java.util.Arrays; -import java.util.Collection; -import java.util.Collections; -import java.util.Date; -import java.util.HashSet; -import java.util.Iterator; -import java.util.LinkedList; -import java.util.List; -import java.util.Set; - -/** - * An implementation of the Public Key Infrastructure's X.509 - * certificate path validation algorithm. - * - * <p>See <a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280: - * Internet X.509 Public Key Infrastructure Certificate and - * Certificate Revocation List (CRL) Profile</a>. - * - * @author Casey Marshall (rsdio@metastatic.org) - */ -public class PKIXCertPathValidatorImpl extends CertPathValidatorSpi -{ - - // Constants. - // ------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - private static void debug (String msg) - { - System.err.print (">> PKIXCertPathValidatorImpl: "); - System.err.println (msg); - } - - public static final String ANY_POLICY = "2.5.29.32.0"; - - // Constructor. - // ------------------------------------------------------------------------- - - public PKIXCertPathValidatorImpl() - { - super(); - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public CertPathValidatorResult engineValidate(CertPath path, - CertPathParameters params) - throws CertPathValidatorException, InvalidAlgorithmParameterException - { - if (!(params instanceof PKIXParameters)) - throw new InvalidAlgorithmParameterException("not a PKIXParameters object"); - - // First check if the certificate path is valid. - // - // This means that: - // - // (a) for all x in {1, ..., n-1}, the subject of certificate x is - // the issuer of certificate x+1; - // - // (b) for all x in {1, ..., n}, the certificate was valid at the - // time in question. - // - // Because this is the X.509 algorithm, we also check if all - // cerificates are of type X509Certificate. - - PolicyNodeImpl rootNode = new PolicyNodeImpl(); - Set initPolicies = ((PKIXParameters) params).getInitialPolicies(); - rootNode.setValidPolicy(ANY_POLICY); - rootNode.setCritical(false); - rootNode.setDepth(0); - if (initPolicies != null) - rootNode.addAllExpectedPolicies(initPolicies); - else - rootNode.addExpectedPolicy(ANY_POLICY); - List checks = ((PKIXParameters) params).getCertPathCheckers(); - List l = path.getCertificates(); - if (l == null || l.size() == 0) - throw new CertPathValidatorException(); - X509Certificate[] p = null; - try - { - p = (X509Certificate[]) l.toArray(new X509Certificate[l.size()]); - } - catch (ClassCastException cce) - { - throw new CertPathValidatorException("invalid certificate path"); - } - - String sigProvider = ((PKIXParameters) params).getSigProvider(); - PublicKey prevKey = null; - Date now = ((PKIXParameters) params).getDate(); - if (now == null) - now = new Date(); - LinkedList policyConstraints = new LinkedList(); - for (int i = p.length - 1; i >= 0; i--) - { - try - { - p[i].checkValidity(now); - } - catch (CertificateException ce) - { - throw new CertPathValidatorException(ce.toString()); - } - Set uce = getCritExts(p[i]); - for (Iterator check = checks.iterator(); check.hasNext(); ) - { - try - { - ((PKIXCertPathChecker) check.next()).check(p[i], uce); - } - catch (Exception x) - { - } - } - - PolicyConstraint constr = null; - if (p[i] instanceof GnuPKIExtension) - { - Extension pcx = - ((GnuPKIExtension) p[i]).getExtension (PolicyConstraint.ID); - if (pcx != null) - constr = (PolicyConstraint) pcx.getValue(); - } - else - { - byte[] pcx = p[i].getExtensionValue (PolicyConstraint.ID.toString()); - if (pcx != null) - { - try - { - constr = new PolicyConstraint (pcx); - } - catch (Exception x) - { - } - } - } - if (constr != null && constr.getRequireExplicitPolicy() >= 0) - { - policyConstraints.add (new int[] - { p.length-i, constr.getRequireExplicitPolicy() }); - } - - updatePolicyTree(p[i], rootNode, p.length-i, (PKIXParameters) params, - checkExplicitPolicy (p.length-i, policyConstraints)); - - // The rest of the tests involve this cert's relationship with the - // next in the path. If this cert is the end entity, we can stop. - if (i == 0) - break; - - basicSanity(p, i); - PublicKey pubKey = null; - try - { - pubKey = p[i].getPublicKey(); - if (pubKey instanceof DSAPublicKey) - { - DSAParams dsa = ((DSAPublicKey) pubKey).getParams(); - // If the DSA public key is missing its parameters, use those - // from the previous cert's key. - if (dsa == null || dsa.getP() == null || dsa.getG() == null - || dsa.getQ() == null) - { - if (prevKey == null) - throw new InvalidKeyException("DSA keys not chainable"); - if (!(prevKey instanceof DSAPublicKey)) - throw new InvalidKeyException("DSA keys not chainable"); - dsa = ((DSAPublicKey) prevKey).getParams(); - pubKey = new GnuDSAPublicKey(((DSAPublicKey) pubKey).getY(), - dsa.getP(), dsa.getQ(), dsa.getG()); - } - } - if (sigProvider == null) - p[i-1].verify(pubKey); - else - p[i-1].verify(pubKey, sigProvider); - prevKey = pubKey; - } - catch (Exception e) - { - throw new CertPathValidatorException(e.toString()); - } - if (!p[i].getSubjectDN().equals(p[i-1].getIssuerDN())) - throw new CertPathValidatorException("issuer DN mismatch"); - boolean[] issuerUid = p[i-1].getIssuerUniqueID(); - boolean[] subjectUid = p[i].getSubjectUniqueID(); - if (issuerUid != null && subjectUid != null) - if (!Arrays.equals(issuerUid, subjectUid)) - throw new CertPathValidatorException("UID mismatch"); - - // Check the certificate against the revocation lists. - if (((PKIXParameters) params).isRevocationEnabled()) - { - X509CRLSelectorImpl selector = new X509CRLSelectorImpl(); - try - { - selector.addIssuerName(p[i].getSubjectDN()); - } - catch (IOException ioe) - { - throw new CertPathValidatorException("error selecting CRLs"); - } - List certStores = ((PKIXParameters) params).getCertStores(); - List crls = new LinkedList(); - for (Iterator it = certStores.iterator(); it.hasNext(); ) - { - CertStore cs = (CertStore) it.next(); - try - { - Collection c = cs.getCRLs(selector); - crls.addAll(c); - } - catch (CertStoreException cse) - { - } - } - if (crls.isEmpty()) - throw new CertPathValidatorException("no CRLs for issuer"); - boolean certOk = false; - for (Iterator it = crls.iterator(); it.hasNext(); ) - { - CRL crl = (CRL) it.next(); - if (!(crl instanceof X509CRL)) - continue; - X509CRL xcrl = (X509CRL) crl; - if (!checkCRL(xcrl, p, now, p[i], pubKey, certStores)) - continue; - if (xcrl.isRevoked(p[i-1])) - throw new CertPathValidatorException("certificate is revoked"); - else - certOk = true; - } - if (!certOk) - throw new CertPathValidatorException("certificate's validity could not be determined"); - } - } - rootNode.setReadOnly(); - - // Now ensure that the first certificate in the chain was issued - // by a trust anchor. - Exception cause = null; - Set anchors = ((PKIXParameters) params).getTrustAnchors(); - for (Iterator i = anchors.iterator(); i.hasNext(); ) - { - TrustAnchor anchor = (TrustAnchor) i.next(); - X509Certificate anchorCert = null; - PublicKey anchorKey = null; - if (anchor.getTrustedCert() != null) - { - anchorCert = anchor.getTrustedCert(); - anchorKey = anchorCert.getPublicKey(); - } - else - anchorKey = anchor.getCAPublicKey(); - if (anchorKey == null) - continue; - try - { - if (anchorCert == null) - anchorCert.checkValidity(now); - p[p.length-1].verify(anchorKey); - if (anchorCert != null && anchorCert.getBasicConstraints() >= 0 - && anchorCert.getBasicConstraints() < p.length) - continue; - - if (((PKIXParameters) params).isRevocationEnabled()) - { - X509CRLSelectorImpl selector = new X509CRLSelectorImpl(); - if (anchorCert != null) - try - { - selector.addIssuerName(anchorCert.getSubjectDN()); - } - catch (IOException ioe) - { - } - else - selector.addIssuerName(anchor.getCAName()); - List certStores = ((PKIXParameters) params).getCertStores(); - List crls = new LinkedList(); - for (Iterator it = certStores.iterator(); it.hasNext(); ) - { - CertStore cs = (CertStore) it.next(); - try - { - Collection c = cs.getCRLs(selector); - crls.addAll(c); - } - catch (CertStoreException cse) - { - } - } - if (crls.isEmpty()) - continue; - for (Iterator it = crls.iterator(); it.hasNext(); ) - { - CRL crl = (CRL) it.next(); - if (!(crl instanceof X509CRL)) - continue; - X509CRL xcrl = (X509CRL) crl; - try - { - xcrl.verify(anchorKey); - } - catch (Exception x) - { - continue; - } - Date nextUpdate = xcrl.getNextUpdate(); - if (nextUpdate != null && nextUpdate.compareTo(now) < 0) - continue; - if (xcrl.isRevoked(p[p.length-1])) - throw new CertPathValidatorException("certificate is revoked"); - } - } - - // The chain is valid; return the result. - return new PKIXCertPathValidatorResult(anchor, rootNode, - p[0].getPublicKey()); - } - catch (Exception ignored) - { - cause = ignored; - continue; - } - } - - // The path is not valid. - CertPathValidatorException cpve = - new CertPathValidatorException("path validation failed"); - if (cause != null) - cpve.initCause (cause); - throw cpve; - } - - // Own methods. - // ------------------------------------------------------------------------- - - /** - * Check if a given CRL is acceptable for checking the revocation status - * of certificates in the path being checked. - * - * <p>The CRL is accepted iff:</p> - * - * <ol> - * <li>The <i>nextUpdate</i> field (if present) is in the future.</li> - * <li>The CRL does not contain any unsupported critical extensions.</li> - * <li>The CRL is signed by one of the certificates in the path, or,</li> - * <li>The CRL is signed by the given public key and was issued by the - * public key's subject, or,</li> - * <li>The CRL is signed by a certificate in the given cert stores, and - * that cert is signed by one of the certificates in the path.</li> - * </ol> - * - * @param crl The CRL being checked. - * @param path The path this CRL is being checked against. - * @param now The value to use as 'now'. - * @param pubKeySubject The subject of the public key. - * @param pubKey The public key to check. - * @return True if the CRL is acceptable. - */ - private static boolean checkCRL(X509CRL crl, X509Certificate[] path, Date now, - X509Certificate pubKeyCert, PublicKey pubKey, - List certStores) - { - Date nextUpdate = crl.getNextUpdate(); - if (nextUpdate != null && nextUpdate.compareTo(now) < 0) - return false; - if (crl.hasUnsupportedCriticalExtension()) - return false; - for (int i = 0; i < path.length; i++) - { - if (!path[i].getSubjectDN().equals(crl.getIssuerDN())) - continue; - boolean[] keyUsage = path[i].getKeyUsage(); - if (keyUsage != null) - { - if (!keyUsage[KeyUsage.CRL_SIGN]) - continue; - } - try - { - crl.verify(path[i].getPublicKey()); - return true; - } - catch (Exception x) - { - } - } - if (crl.getIssuerDN().equals(pubKeyCert.getSubjectDN())) - { - try - { - boolean[] keyUsage = pubKeyCert.getKeyUsage(); - if (keyUsage != null) - { - if (!keyUsage[KeyUsage.CRL_SIGN]) - throw new Exception(); - } - crl.verify(pubKey); - return true; - } - catch (Exception x) - { - } - } - try - { - X509CertSelectorImpl select = new X509CertSelectorImpl(); - select.addSubjectName(crl.getIssuerDN()); - List certs = new LinkedList(); - for (Iterator it = certStores.iterator(); it.hasNext(); ) - { - CertStore cs = (CertStore) it.next(); - try - { - certs.addAll(cs.getCertificates(select)); - } - catch (CertStoreException cse) - { - } - } - for (Iterator it = certs.iterator(); it.hasNext(); ) - { - X509Certificate c = (X509Certificate) it.next(); - for (int i = 0; i < path.length; i++) - { - if (!c.getIssuerDN().equals(path[i].getSubjectDN())) - continue; - boolean[] keyUsage = c.getKeyUsage(); - if (keyUsage != null) - { - if (!keyUsage[KeyUsage.CRL_SIGN]) - continue; - } - try - { - c.verify(path[i].getPublicKey()); - crl.verify(c.getPublicKey()); - return true; - } - catch (Exception x) - { - } - } - if (c.getIssuerDN().equals(pubKeyCert.getSubjectDN())) - { - c.verify(pubKey); - crl.verify(c.getPublicKey()); - } - } - } - catch (Exception x) - { - } - return false; - } - - private static Set getCritExts(X509Certificate cert) - { - HashSet s = new HashSet(); - if (cert instanceof GnuPKIExtension) - { - Collection exts = ((GnuPKIExtension) cert).getExtensions(); - for (Iterator it = exts.iterator(); it.hasNext(); ) - { - Extension ext = (Extension) it.next(); - if (ext.isCritical() && !ext.isSupported()) - s.add(ext.getOid().toString()); - } - } - else - s.addAll(cert.getCriticalExtensionOIDs()); - return s; - } - - /** - * Perform a basic sanity check on the CA certificate at <code>index</code>. - */ - private static void basicSanity(X509Certificate[] path, int index) - throws CertPathValidatorException - { - X509Certificate cert = path[index]; - int pathLen = 0; - for (int i = index - 1; i > 0; i--) - { - if (!path[i].getIssuerDN().equals(path[i].getSubjectDN())) - pathLen++; - } - Extension e = null; - if (cert instanceof GnuPKIExtension) - { - e = ((GnuPKIExtension) cert).getExtension(BasicConstraints.ID); - } - else - { - try - { - e = new Extension(cert.getExtensionValue(BasicConstraints.ID.toString())); - } - catch (Exception x) - { - } - } - if (e == null) - throw new CertPathValidatorException("no basicConstraints"); - BasicConstraints bc = (BasicConstraints) e.getValue(); - if (!bc.isCA()) - throw new CertPathValidatorException("certificate cannot be used to verify signatures"); - if (bc.getPathLengthConstraint() >= 0 && bc.getPathLengthConstraint() < pathLen) - throw new CertPathValidatorException("path is too long"); - - boolean[] keyUsage = cert.getKeyUsage(); - if (keyUsage != null) - { - if (!keyUsage[KeyUsage.KEY_CERT_SIGN]) - throw new CertPathValidatorException("certificate cannot be used to sign certificates"); - } - } - - private static void updatePolicyTree(X509Certificate cert, PolicyNodeImpl root, - int depth, PKIXParameters params, - boolean explicitPolicy) - throws CertPathValidatorException - { - if (DEBUG) debug("updatePolicyTree depth == " + depth); - Set nodes = new HashSet(); - LinkedList stack = new LinkedList(); - Iterator current = null; - stack.addLast(Collections.singleton(root).iterator()); - do - { - current = (Iterator) stack.removeLast(); - while (current.hasNext()) - { - PolicyNodeImpl p = (PolicyNodeImpl) current.next(); - if (DEBUG) debug("visiting node == " + p); - if (p.getDepth() == depth - 1) - { - if (DEBUG) debug("added node"); - nodes.add(p); - } - else - { - if (DEBUG) debug("skipped node"); - stack.addLast(current); - current = p.getChildren(); - } - } - } - while (!stack.isEmpty()); - - Extension e = null; - CertificatePolicies policies = null; - List qualifierInfos = null; - if (cert instanceof GnuPKIExtension) - { - e = ((GnuPKIExtension) cert).getExtension(CertificatePolicies.ID); - if (e != null) - policies = (CertificatePolicies) e.getValue(); - } - - List cp = null; - if (policies != null) - cp = policies.getPolicies(); - else - cp = Collections.EMPTY_LIST; - boolean match = false; - if (DEBUG) debug("nodes are == " + nodes); - if (DEBUG) debug("cert policies are == " + cp); - for (Iterator it = nodes.iterator(); it.hasNext(); ) - { - PolicyNodeImpl parent = (PolicyNodeImpl) it.next(); - if (DEBUG) debug("adding policies to " + parent); - for (Iterator it2 = cp.iterator(); it2.hasNext(); ) - { - OID policy = (OID) it2.next(); - if (DEBUG) debug("trying to add policy == " + policy); - if (policy.toString().equals(ANY_POLICY) && - params.isAnyPolicyInhibited()) - continue; - PolicyNodeImpl child = new PolicyNodeImpl(); - child.setValidPolicy(policy.toString()); - child.addExpectedPolicy(policy.toString()); - if (parent.getExpectedPolicies().contains(policy.toString())) - { - parent.addChild(child); - match = true; - } - else if (parent.getExpectedPolicies().contains(ANY_POLICY)) - { - parent.addChild(child); - match = true; - } - else if (ANY_POLICY.equals (policy.toString())) - { - parent.addChild (child); - match = true; - } - if (match && policies != null) - { - List qualifiers = policies.getPolicyQualifierInfos (policy); - if (qualifiers != null) - child.addAllPolicyQualifiers (qualifiers); - } - } - } - if (!match && (params.isExplicitPolicyRequired() || explicitPolicy)) - throw new CertPathValidatorException("policy tree building failed"); - } - - private boolean checkExplicitPolicy (int depth, List explicitPolicies) - { - if (DEBUG) debug ("checkExplicitPolicy depth=" + depth); - for (Iterator it = explicitPolicies.iterator(); it.hasNext(); ) - { - int[] i = (int[]) it.next(); - int caDepth = i[0]; - int limit = i[1]; - if (DEBUG) debug (" caDepth=" + caDepth + " limit=" + limit); - if (depth - caDepth >= limit) - return true; - } - return false; - } -} diff --git a/libjava/gnu/java/security/provider/RSA.java b/libjava/gnu/java/security/provider/RSA.java deleted file mode 100644 index c3cfbbf79f1..00000000000 --- a/libjava/gnu/java/security/provider/RSA.java +++ /dev/null @@ -1,311 +0,0 @@ -/* RSA.java -- RSA PKCS#1 signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; -import gnu.java.security.der.DER; -import gnu.java.security.der.DERReader; -import gnu.java.security.der.DERValue; -import gnu.java.security.der.DERWriter; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.InvalidKeyException; -import java.security.MessageDigest; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.SecureRandom; -import java.security.SignatureException; -import java.security.SignatureSpi; -import java.security.interfaces.RSAPrivateKey; -import java.security.interfaces.RSAPublicKey; -import java.util.ArrayList; - -public abstract class RSA extends SignatureSpi implements Cloneable -{ - - // Constants and fields. - // ------------------------------------------------------------------------- - - /** - * digestAlgorithm OBJECT IDENTIFIER ::= - * { iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) } - */ - protected static final OID DIGEST_ALGORITHM = new OID("1.2.840.113549.2"); - - protected final OID digestAlgorithm; - protected final MessageDigest md; - protected RSAPrivateKey signerKey; - protected RSAPublicKey verifierKey; - - // Constructor. - // ------------------------------------------------------------------------- - - protected RSA(MessageDigest md, OID digestAlgorithm) - { - super(); - this.md = md; - this.digestAlgorithm = digestAlgorithm; - } - - // Instance methods. - // ------------------------------------------------------------------------- - - public Object clone() throws CloneNotSupportedException - { - return super.clone(); - } - - protected Object engineGetParameter(String param) - { - throw new UnsupportedOperationException("deprecated"); - } - - protected void engineSetParameter(String param, Object value) - { - throw new UnsupportedOperationException("deprecated"); - } - - protected void engineInitSign(PrivateKey privateKey) - throws InvalidKeyException - { - if (!(privateKey instanceof RSAPrivateKey)) - throw new InvalidKeyException(); - verifierKey = null; - signerKey = (RSAPrivateKey) privateKey; - } - - protected void engineInitSign(PrivateKey privateKey, SecureRandom random) - throws InvalidKeyException - { - // This class does not need random bytes. - engineInitSign(privateKey); - } - - protected void engineInitVerify(PublicKey publicKey) - throws InvalidKeyException - { - if (!(publicKey instanceof RSAPublicKey)) - throw new InvalidKeyException(); - signerKey = null; - verifierKey = (RSAPublicKey) publicKey; - } - - protected void engineUpdate(byte b) throws SignatureException - { - if (signerKey == null && verifierKey == null) - throw new SignatureException("not initialized"); - md.update(b); - } - - protected void engineUpdate(byte[] buf, int off, int len) - throws SignatureException - { - if (signerKey == null && verifierKey == null) - throw new SignatureException("not initialized"); - md.update(buf, off, len); - } - - protected byte[] engineSign() throws SignatureException - { - if (signerKey == null) - throw new SignatureException("not initialized for signing"); - // - // The signature will be the RSA encrypted BER representation of - // the following: - // - // DigestInfo ::= SEQUENCE { - // digestAlgorithm DigestAlgorithmIdentifier, - // digest Digest } - // - // DigestAlgorithmIdentifier ::= AlgorithmIdentifier - // - // Digest ::= OCTET STRING - // - ArrayList digestAlg = new ArrayList(2); - digestAlg.add(new DERValue(DER.OBJECT_IDENTIFIER, digestAlgorithm)); - digestAlg.add(new DERValue(DER.NULL, null)); - ArrayList digestInfo = new ArrayList(2); - digestInfo.add(new DERValue(DER.SEQUENCE, digestAlg)); - digestInfo.add(new DERValue(DER.OCTET_STRING, md.digest())); - ByteArrayOutputStream out = new ByteArrayOutputStream(); - try - { - DERWriter.write(out, new DERValue(DER.SEQUENCE, digestInfo)); - } - catch (IOException ioe) - { - throw new SignatureException(ioe.toString()); - } - byte[] buf = out.toByteArray(); - md.reset(); - - // k = octect length of the modulus. - int k = signerKey.getModulus().bitLength(); - k = (k >>> 3) + ((k & 7) == 0 ? 0 : 1); - if (buf.length < k - 3) - { - throw new SignatureException("RSA modulus too small"); - } - byte[] d = new byte[k]; - - // Padding type 1: - // 00 | 01 | FF | ... | FF | 00 | D - d[1] = 0x01; - for (int i = 2; i < k - buf.length - 1; i++) - d[i] = (byte) 0xFF; - System.arraycopy(buf, 0, d, k - buf.length, buf.length); - - BigInteger eb = new BigInteger(d); - - byte[] ed = eb.modPow(signerKey.getPrivateExponent(), - signerKey.getModulus()).toByteArray(); - - // Ensure output is k octets long. - if (ed.length < k) - { - byte[] b = new byte[k]; - System.arraycopy(eb, 0, b, k - ed.length, ed.length); - ed = b; - } - else if (ed.length > k) - { - if (ed.length != k + 1) - { - throw new SignatureException("modPow result is larger than the modulus"); - } - // Maybe an extra 00 octect. - byte[] b = new byte[k]; - System.arraycopy(ed, 1, b, 0, k); - ed = b; - } - - return ed; - } - - protected int engineSign(byte[] out, int off, int len) - throws SignatureException - { - if (out == null || off < 0 || len < 0 || off+len > out.length) - throw new SignatureException("illegal output argument"); - byte[] result = engineSign(); - if (result.length > len) - throw new SignatureException("not enough space for signature"); - System.arraycopy(result, 0, out, off, result.length); - return result.length; - } - - protected boolean engineVerify(byte[] sig) throws SignatureException - { - if (verifierKey == null) - throw new SignatureException("not initialized for verifying"); - if (sig == null) - throw new SignatureException("no signature specified"); - int k = verifierKey.getModulus().bitLength(); - k = (k >>> 3) + ((k & 7) == 0 ? 0 : 1); - if (sig.length != k) - throw new SignatureException("signature is the wrong size (expecting " - + k + " bytes, got " + sig.length + ")"); - BigInteger ed = new BigInteger(1, sig); - byte[] eb = ed.modPow(verifierKey.getPublicExponent(), - verifierKey.getModulus()).toByteArray(); - - int i = 0; - if (eb[0] == 0x00) - { - for (i = 1; i < eb.length && eb[i] == 0x00; i++); - if (i == 1) - throw new SignatureException("wrong RSA padding"); - i--; - } - else if (eb[0] == 0x01) - { - for (i = 1; i < eb.length && eb[i] != 0x00; i++) - if (eb[i] != (byte) 0xFF) - throw new IllegalArgumentException("wrong RSA padding"); - } - else - throw new SignatureException("wrong RSA padding type"); - - byte[] d = new byte[eb.length-i-1]; - System.arraycopy(eb, i+1, d, 0, eb.length-i-1); - - DERReader der = new DERReader(d); - try - { - DERValue val = der.read(); - if (val.getTag() != DER.SEQUENCE) - throw new SignatureException("failed to parse DigestInfo"); - val = der.read(); - if (val.getTag() != DER.SEQUENCE) - throw new SignatureException("failed to parse DigestAlgorithmIdentifier"); - boolean sequenceIsBer = val.getLength() == 0; - val = der.read(); - if (val.getTag() != DER.OBJECT_IDENTIFIER) - throw new SignatureException("failed to parse object identifier"); - if (!val.getValue().equals(digestAlgorithm)) - throw new SignatureException("digest algorithms do not match"); - val = der.read(); - // We should never see parameters here, since they are never used. - if (val.getTag() != DER.NULL) - throw new SignatureException("cannot handle digest parameters"); - if (sequenceIsBer) - der.skip(1); // end-of-sequence byte. - val = der.read(); - if (val.getTag() != DER.OCTET_STRING) - throw new SignatureException("failed to parse Digest"); - return MessageDigest.isEqual(md.digest(), (byte[]) val.getValue()); - } - catch (IOException ioe) - { - throw new SignatureException(ioe.toString()); - } - } - - protected boolean engineVerify(byte[] sig, int off, int len) - throws SignatureException - { - if (sig == null || off < 0 || len < 0 || off+len > sig.length) - throw new SignatureException("illegal parameter"); - byte[] buf = new byte[len]; - System.arraycopy(sig, off, buf, 0, len); - return engineVerify(buf); - } -} diff --git a/libjava/gnu/java/security/provider/RSAKeyFactory.java b/libjava/gnu/java/security/provider/RSAKeyFactory.java deleted file mode 100644 index d13cbe510a1..00000000000 --- a/libjava/gnu/java/security/provider/RSAKeyFactory.java +++ /dev/null @@ -1,181 +0,0 @@ -/* RSAKeyFactory.java -- RSA key factory. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.InvalidKeyException; -import java.security.Key; -import java.security.KeyFactorySpi; -import java.security.PrivateKey; -import java.security.PublicKey; - -import java.security.interfaces.RSAPrivateCrtKey; -import java.security.interfaces.RSAPrivateKey; -import java.security.interfaces.RSAPublicKey; - -import java.security.spec.InvalidKeySpecException; -import java.security.spec.KeySpec; -import java.security.spec.PKCS8EncodedKeySpec; -import java.security.spec.RSAPrivateCrtKeySpec; -import java.security.spec.RSAPrivateKeySpec; -import java.security.spec.RSAPublicKeySpec; -import java.security.spec.X509EncodedKeySpec; - -public class RSAKeyFactory extends KeyFactorySpi -{ - - // Default constructor. - // ------------------------------------------------------------------------- - - // Instance methods. - // ------------------------------------------------------------------------- - - protected PrivateKey engineGeneratePrivate(KeySpec spec) - throws InvalidKeySpecException - { - if (spec instanceof RSAPrivateCrtKeySpec) - { - return new GnuRSAPrivateKey((RSAPrivateCrtKeySpec) spec); - } - if (spec instanceof RSAPrivateKeySpec) - { - return new GnuRSAPrivateKey(new RSAPrivateCrtKeySpec( - ((RSAPrivateKeySpec) spec).getModulus(), null, - ((RSAPrivateKeySpec) spec).getPrivateExponent(), null, - null, null, null, null)); - } - if (spec instanceof PKCS8EncodedKeySpec) - { - EncodedKeyFactory ekf = new EncodedKeyFactory(); - PrivateKey pk = ekf.engineGeneratePrivate(spec); - if (pk instanceof RSAPrivateKey) - return pk; - } - throw new InvalidKeySpecException(); - } - - protected PublicKey engineGeneratePublic(KeySpec spec) - throws InvalidKeySpecException - { - if (spec instanceof RSAPublicKeySpec) - { - return new GnuRSAPublicKey((RSAPublicKeySpec) spec); - } - if (spec instanceof X509EncodedKeySpec) - { - EncodedKeyFactory ekf = new EncodedKeyFactory(); - PublicKey pk = ekf.engineGeneratePublic(spec); - if (pk instanceof RSAPublicKey) - return pk; - } - throw new InvalidKeySpecException(); - } - - protected KeySpec engineGetKeySpec(Key key, Class keySpec) - throws InvalidKeySpecException - { - if (keySpec.isAssignableFrom(RSAPrivateCrtKeySpec.class) - && (key instanceof RSAPrivateCrtKey)) - { - return new RSAPrivateCrtKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPublicExponent(), - ((RSAPrivateCrtKey) key).getPrivateExponent(), - ((RSAPrivateCrtKey) key).getPrimeP(), - ((RSAPrivateCrtKey) key).getPrimeQ(), - ((RSAPrivateCrtKey) key).getPrimeExponentP(), - ((RSAPrivateCrtKey) key).getPrimeExponentQ(), - ((RSAPrivateCrtKey) key).getCrtCoefficient()); - } - if (keySpec.isAssignableFrom(RSAPrivateKeySpec.class) - && (key instanceof RSAPrivateKey)) - { - return new RSAPrivateKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPrivateExponent()); - } - if (keySpec.isAssignableFrom(RSAPublicKeySpec.class) - && (key instanceof RSAPublicKey)) - { - return new RSAPublicKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPublicExponent()); - } - if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class) - && key.getFormat().equalsIgnoreCase("PKCS#8")) - { - return new PKCS8EncodedKeySpec(key.getEncoded()); - } - if (keySpec.isAssignableFrom(X509EncodedKeySpec.class) - && key.getFormat().equalsIgnoreCase("X.509")) - { - return new X509EncodedKeySpec(key.getEncoded()); - } - throw new InvalidKeySpecException(); - } - - protected Key engineTranslateKey(Key key) throws InvalidKeyException - { - if (key instanceof RSAPrivateCrtKey) - { - return new GnuRSAPrivateKey(new RSAPrivateCrtKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPublicExponent(), - ((RSAPrivateCrtKey) key).getPrivateExponent(), - ((RSAPrivateCrtKey) key).getPrimeP(), - ((RSAPrivateCrtKey) key).getPrimeQ(), - ((RSAPrivateCrtKey) key).getPrimeExponentP(), - ((RSAPrivateCrtKey) key).getPrimeExponentQ(), - ((RSAPrivateCrtKey) key).getCrtCoefficient())); - } - if (key instanceof RSAPrivateKey) - { - return new GnuRSAPrivateKey(new RSAPrivateCrtKeySpec( - ((RSAPrivateKey) key).getModulus(), null, - ((RSAPrivateKey) key).getPrivateExponent(), null, - null, null, null, null)); - } - if (key instanceof RSAPublicKey) - { - return new GnuRSAPublicKey(new RSAPublicKeySpec( - ((RSAPrivateCrtKey) key).getModulus(), - ((RSAPrivateCrtKey) key).getPublicExponent())); - } - throw new InvalidKeyException(); - } -} diff --git a/libjava/gnu/java/security/provider/SHA.java b/libjava/gnu/java/security/provider/SHA.java deleted file mode 100644 index e3b09bc5603..00000000000 --- a/libjava/gnu/java/security/provider/SHA.java +++ /dev/null @@ -1,242 +0,0 @@ -/* SHA.java -- Class implementing the SHA-1 algorithm as specified in [1]. - Copyright (C) 1999, 2000, 2002 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.security.MessageDigest; - -/** - This class implements the SHA-1 algorithm as described in [1]. - - [1] Federal Information Processing Standards Publication 180-1. - Specifications for the Secure Hash Standard. April 17, 1995. - - @see java.security.MessageDigest -*/ -public class SHA extends MessageDigest implements Cloneable -{ - public SHA () - { - super("SHA"); - engineReset (); - } - - public int engineGetDigestLength() - { - return 20; - } - - public void engineUpdate (byte b) - { - int i = ((int)bytecount) & 0x3f; //wgs - int shift = (3 - i % 4) << 3; - int idx = i / 4; - - i = (int)b; - W[idx] = (W[idx] & ~(0xff << shift)) | ((i & 0xff) << shift); - - // if we've filled up a block, then process it - if (((++bytecount) & 0x3f) == 0) - munch (); - } - - // This could be optimized. - public void engineUpdate (byte bytes[], int off, int len) - { - if (len < 0) - throw new ArrayIndexOutOfBoundsException (); - - int end = off + len; - while (off < end) - engineUpdate (bytes[off++]); - } - - public void engineReset () - { - bytecount = 0; - // magic numbers from [1] p. 10. - H0 = 0x67452301; - H1 = 0xefcdab89; - H2 = 0x98badcfe; - H3 = 0x10325476; - H4 = 0xc3d2e1f0; - } - - public byte[] engineDigest () - { - long bitcount = bytecount << 3; - engineUpdate ((byte)0x80); // 10000000 in binary; the start of the padding - - // add the rest of the padding to fill this block out, but leave 8 - // bytes to put in the original bytecount - while ((bytecount & 0x3f) != 56) - engineUpdate ((byte)0); - - // add the length of the original, unpadded block to the end of - // the padding - W[14] = (int)(bitcount >>> 32); - W[15] = (int)bitcount; - bytecount += 8; - - // digest the fully padded block - munch (); - - byte[] result - = new byte[] {(byte)(H0 >>> 24), (byte)(H0 >>> 16), - (byte)(H0 >>> 8), (byte)H0, - (byte)(H1 >>> 24), (byte)(H1 >>> 16), - (byte)(H1 >>> 8), (byte)H1, - (byte)(H2 >>> 24), (byte)(H2 >>> 16), - (byte)(H2 >>> 8), (byte)H2, - (byte)(H3 >>> 24), (byte)(H3 >>> 16), - (byte)(H3 >>> 8), (byte)H3, - (byte)(H4 >>> 24), (byte)(H4 >>> 16), - (byte)(H4 >>> 8), (byte)H4}; - - engineReset (); - return result; - } - - // Process a single block. This is pretty much copied verbatim from - // [1] pp. 9, 10. - private void munch () - { - for (int t = 16; t < 80; ++ t) - { - int Wt = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16]; - W[t] = Wt << 1 | Wt >>> 31; - } - - int A = H0; - int B = H1; - int C = H2; - int D = H3; - int E = H4; - - for (int t = 0; t < 20; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + ((B & C) | (~B & D)) // f_t(B,C,D) - + E + W[t] - + 0x5a827999; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - for (int t = 20; t < 40; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + (B ^ C ^ D) // f_t(B,C,D) - + E + W[t] - + 0x6ed9eba1; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - for (int t = 40; t < 60; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + (B & C | B & D | C & D) // f_t(B,C,D) - + E + W[t] - + 0x8f1bbcdc; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - for (int t = 60; t < 80; ++ t) - { - int TEMP = (A << 5 | A >>> 27) // S^5(A) - + (B ^ C ^ D) // f_t(B,C,D) - + E + W[t] - + 0xca62c1d6; // K_t - - E = D; - D = C; - C = B << 30 | B >>> 2; // S^30(B) - B = A; - A = TEMP; - } - - H0 += A; - H1 += B; - H2 += C; - H3 += D; - H4 += E; - - // Reset W by clearing it. - for (int t = 0; t < 80; ++ t) - W[t] = 0; - } - - public Object clone () - { - return new SHA (this); - } - - private SHA (SHA copy) - { - this (); - bytecount = copy.bytecount; - H0 = copy.H0; - H1 = copy.H1; - H2 = copy.H2; - H3 = copy.H3; - H4 = copy.H4; - System.arraycopy (copy.W, 0, W, 0, 80); - } - - private final int W[] = new int[80]; - private long bytecount; - private int H0; - private int H1; - private int H2; - private int H3; - private int H4; -} diff --git a/libjava/gnu/java/security/provider/SHA1PRNG.java b/libjava/gnu/java/security/provider/SHA1PRNG.java deleted file mode 100644 index 7f2784881fb..00000000000 --- a/libjava/gnu/java/security/provider/SHA1PRNG.java +++ /dev/null @@ -1,126 +0,0 @@ -/* SHA1PRNG.java --- Secure Random SPI SHA1PRNG - Copyright (C) 1999, 2001, 2003 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.io.Serializable; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandomSpi; -import java.util.Random; - -public class SHA1PRNG extends SecureRandomSpi implements Serializable -{ - MessageDigest digest; - byte seed[]; - byte data[]; - int seedpos; - int datapos; - private boolean seeded = false; // set to true when we seed this - - public SHA1PRNG() - { - try { - digest = MessageDigest.getInstance("SHA"); - } catch ( NoSuchAlgorithmException nsae) { -// System.out.println("Failed to find SHA Message Digest: " + nsae); -// nsae.printStackTrace(); - throw new InternalError ("no SHA implementation found"); - } - - seed = new byte[20]; - seedpos = 0; - data = new byte[40]; - datapos = 20; // try to force hashing a first block - } - - public void engineSetSeed(byte[] seed) - { - for(int i = 0; i < seed.length; i++) - this.seed[seedpos++ % 20] ^= seed[i]; - seedpos %= 20; - - } - - public void engineNextBytes(byte[] bytes) - { - ensureIsSeeded (); - int loc = 0; - while (loc < bytes.length) - { - int copy = Math.min (bytes.length - loc, 20 - datapos); - - if (copy > 0) - { - System.arraycopy (data, datapos, bytes, loc, copy); - datapos += copy; - loc += copy; - } - else - { - // No data ready for copying, so refill our buffer. - System.arraycopy( seed, 0, data, 20, 20); - byte[] digestdata = digest.digest( data ); - System.arraycopy( digestdata, 0, data, 0, 20); - datapos = 0; - } - } - } - - public byte[] engineGenerateSeed(int numBytes) - { - byte tmp[] = new byte[numBytes]; - - engineNextBytes( tmp ); - return tmp; - } - - private void ensureIsSeeded() - { - if (!seeded) - { - new Random(0L).nextBytes(seed); - - byte[] digestdata = digest.digest(data); - System.arraycopy(digestdata, 0, data, 0, 20); - - seeded = true; - } - } - -} diff --git a/libjava/gnu/java/security/provider/SHA1withRSA.java b/libjava/gnu/java/security/provider/SHA1withRSA.java deleted file mode 100644 index 0e63fdeeb52..00000000000 --- a/libjava/gnu/java/security/provider/SHA1withRSA.java +++ /dev/null @@ -1,61 +0,0 @@ -/* SHA1withRSA.java -- SHA-1 with RSA encryption signatures. - Copyright (C) 2004 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.security.OID; - -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; - -public class SHA1withRSA extends RSA -{ - - // Constant. - // ------------------------------------------------------------------------- - - private static final OID SHA1 = new OID("1.3.14.3.2.26"); - - // Constructor. - // ------------------------------------------------------------------------- - - public SHA1withRSA() throws NoSuchAlgorithmException - { - super(MessageDigest.getInstance("SHA-160"), SHA1); - } -} diff --git a/libjava/gnu/java/security/provider/X509CertificateFactory.java b/libjava/gnu/java/security/provider/X509CertificateFactory.java deleted file mode 100644 index 1a415eabb05..00000000000 --- a/libjava/gnu/java/security/provider/X509CertificateFactory.java +++ /dev/null @@ -1,305 +0,0 @@ -/* X509CertificateFactory.java -- generates X.509 certificates. - Copyright (C) 2003 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -02110-1301 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import gnu.java.io.Base64InputStream; -import gnu.java.security.x509.X509CRL; -import gnu.java.security.x509.X509CertPath; -import gnu.java.security.x509.X509Certificate; - -import java.io.BufferedInputStream; -import java.io.EOFException; -import java.io.IOException; -import java.io.InputStream; -import java.security.cert.CRL; -import java.security.cert.CRLException; -import java.security.cert.CertPath; -import java.security.cert.Certificate; -import java.security.cert.CertificateEncodingException; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactorySpi; -import java.util.Collection; -import java.util.Iterator; -import java.util.LinkedList; -import java.util.List; - -public class X509CertificateFactory extends CertificateFactorySpi -{ - - // Constants. - // ------------------------------------------------------------------------ - - public static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----"; - public static final String END_CERTIFICATE = "-----END CERTIFICATE-----"; - public static final String BEGIN_X509_CRL = "-----BEGIN X509 CRL-----"; - public static final String END_X509_CRL = "-----END X509 CRL-----"; - - // Constructors. - // ------------------------------------------------------------------------ - - public X509CertificateFactory() - { - super(); - } - - // Instance methods. - // ------------------------------------------------------------------------ - - public Certificate engineGenerateCertificate(InputStream inStream) - throws CertificateException - { - try - { - return generateCert(inStream); - } - catch (IOException ioe) - { - CertificateException ce = new CertificateException(ioe.getMessage()); - ce.initCause (ioe); - throw ce; - } - } - - public Collection engineGenerateCertificates(InputStream inStream) - throws CertificateException - { - LinkedList certs = new LinkedList(); - while (true) - { - try - { - certs.add(generateCert(inStream)); - } - catch (EOFException eof) - { - break; - } - catch (IOException ioe) - { - CertificateException ce = new CertificateException(ioe.getMessage()); - ce.initCause (ioe); - throw ce; - } - } - return certs; - } - - public CRL engineGenerateCRL(InputStream inStream) throws CRLException - { - try - { - return generateCRL(inStream); - } - catch (IOException ioe) - { - CRLException crle = new CRLException(ioe.getMessage()); - crle.initCause (ioe); - throw crle; - } - } - - public Collection engineGenerateCRLs(InputStream inStream) - throws CRLException - { - LinkedList crls = new LinkedList(); - while (true) - { - try - { - crls.add(generateCRL(inStream)); - } - catch (EOFException eof) - { - break; - } - catch (IOException ioe) - { - CRLException crle = new CRLException(ioe.getMessage()); - crle.initCause (ioe); - throw crle; - } - } - return crls; - } - - public CertPath engineGenerateCertPath(List certs) - { - return new X509CertPath(certs); - } - - public CertPath engineGenerateCertPath(InputStream in) - throws CertificateEncodingException - { - return new X509CertPath(in); - } - - public CertPath engineGenerateCertPath(InputStream in, String encoding) - throws CertificateEncodingException - { - return new X509CertPath(in, encoding); - } - - public Iterator engineGetCertPathEncodings() - { - return X509CertPath.ENCODINGS.iterator(); - } - - // Own methods. - // ------------------------------------------------------------------------ - - private X509Certificate generateCert(InputStream inStream) - throws IOException, CertificateException - { - if (inStream == null) - throw new CertificateException("missing input stream"); - if (!inStream.markSupported()) - inStream = new BufferedInputStream(inStream, 8192); - inStream.mark(20); - int i = inStream.read(); - if (i == -1) - throw new EOFException(); - - // If the input is in binary DER format, the first byte MUST be - // 0x30, which stands for the ASN.1 [UNIVERSAL 16], which is the - // UNIVERSAL SEQUENCE, with the CONSTRUCTED bit (0x20) set. - // - // So if we do not see 0x30 here we will assume it is in Base-64. - if (i != 0x30) - { - inStream.reset(); - StringBuffer line = new StringBuffer(80); - do - { - line.setLength(0); - do - { - i = inStream.read(); - if (i == -1) - throw new EOFException(); - if (i != '\n' && i != '\r') - line.append((char) i); - } - while (i != '\n' && i != '\r'); - } - while (!line.toString().equals(BEGIN_CERTIFICATE)); - X509Certificate ret = new X509Certificate( - new BufferedInputStream(new Base64InputStream(inStream), 8192)); - line.setLength(0); - line.append('-'); // Base64InputStream will eat this. - do - { - i = inStream.read(); - if (i == -1) - throw new EOFException(); - if (i != '\n' && i != '\r') - line.append((char) i); - } - while (i != '\n' && i != '\r'); - // XXX ??? - if (!line.toString().equals(END_CERTIFICATE)) - throw new CertificateException("no end-of-certificate marker"); - return ret; - } - else - { - inStream.reset(); - return new X509Certificate(inStream); - } - } - - private X509CRL generateCRL(InputStream inStream) - throws IOException, CRLException - { - if (inStream == null) - throw new CRLException("missing input stream"); - if (!inStream.markSupported()) - inStream = new BufferedInputStream(inStream, 8192); - inStream.mark(20); - int i = inStream.read(); - if (i == -1) - throw new EOFException(); - - // If the input is in binary DER format, the first byte MUST be - // 0x30, which stands for the ASN.1 [UNIVERSAL 16], which is the - // UNIVERSAL SEQUENCE, with the CONSTRUCTED bit (0x20) set. - // - // So if we do not see 0x30 here we will assume it is in Base-64. - if (i != 0x30) - { - inStream.reset(); - StringBuffer line = new StringBuffer(80); - do - { - line.setLength(0); - do - { - i = inStream.read(); - if (i == -1) - throw new EOFException(); - if (i != '\n' && i != '\r') - line.append((char) i); - } - while (i != '\n' && i != '\r'); - } - while (!line.toString().startsWith(BEGIN_X509_CRL)); - X509CRL ret = new X509CRL( - new BufferedInputStream(new Base64InputStream(inStream), 8192)); - line.setLength(0); - line.append('-'); // Base64InputStream will eat this. - do - { - i = inStream.read(); - if (i == -1) - throw new EOFException(); - if (i != '\n' && i != '\r') - line.append((char) i); - } - while (i != '\n' && i != '\r'); - // XXX ??? - if (!line.toString().startsWith(END_X509_CRL)) - throw new CRLException("no end-of-CRL marker"); - return ret; - } - else - { - inStream.reset(); - return new X509CRL(inStream); - } - } -} |
