From ffde862e033a0825e1e9972a89c0f1f80b261a8e Mon Sep 17 00:00:00 2001 From: mark Date: Mon, 14 Aug 2006 23:12:35 +0000 Subject: 2006-08-14 Mark Wielaard Imported GNU Classpath 0.92 * HACKING: Add more importing hints. Update automake version requirement. * configure.ac (gconf-peer): New enable AC argument. Add --disable-gconf-peer and --enable-default-preferences-peer to classpath configure when gconf is disabled. * scripts/makemake.tcl: Set gnu/java/util/prefs/gconf and gnu/java/awt/dnd/peer/gtk to bc. Classify gnu/java/security/Configuration.java as generated source file. * gnu/java/lang/management/VMGarbageCollectorMXBeanImpl.java, gnu/java/lang/management/VMMemoryPoolMXBeanImpl.java, gnu/java/lang/management/VMClassLoadingMXBeanImpl.java, gnu/java/lang/management/VMRuntimeMXBeanImpl.java, gnu/java/lang/management/VMMemoryManagerMXBeanImpl.java, gnu/java/lang/management/VMThreadMXBeanImpl.java, gnu/java/lang/management/VMMemoryMXBeanImpl.java, gnu/java/lang/management/VMCompilationMXBeanImpl.java: New VM stub classes. * java/lang/management/VMManagementFactory.java: Likewise. * java/net/VMURLConnection.java: Likewise. * gnu/java/nio/VMChannel.java: Likewise. * java/lang/Thread.java (getState): Add stub implementation. * java/lang/Class.java (isEnum): Likewise. * java/lang/Class.h (isEnum): Likewise. * gnu/awt/xlib/XToolkit.java (getClasspathTextLayoutPeer): Removed. * javax/naming/spi/NamingManager.java: New override for StackWalker functionality. * configure, sources.am, Makefile.in, gcj/Makefile.in, include/Makefile.in, testsuite/Makefile.in: Regenerated. git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@116139 138bc75d-0d04-0410-961f-82ee72b054a4 --- .../java/security/key/dss/DSSKeyPairX509Codec.java | 98 ++++++++++++++-------- 1 file changed, 63 insertions(+), 35 deletions(-) (limited to 'libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java') diff --git a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java index 516ef92afd5..a5e8e9d47eb 100644 --- a/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java +++ b/libjava/classpath/gnu/java/security/key/dss/DSSKeyPairX509Codec.java @@ -94,9 +94,15 @@ public class DSSKeyPairX509Codec * g INTEGER * } * - * - *

The subjectPublicKey field, which is a BIT STRING, contains the - * DER-encoded form of the DSA public key as an INTEGER.

+ *

+ * Note that RFC-3280 (page 79) implies that some certificates MAY have an + * absent, or NULL, parameters field in their AlgorithmIdentifier element, + * implying that those parameters MUST be inherited from another + * certificate. This implementation, encodes a NULL element as the DER + * value of the parameters field when such is the case. + *

+ * The subjectPublicKey field, which is a BIT STRING, contains the + * DER-encoded form of the DSA public key as an INTEGER. * * 

    *       DSAPublicKey ::= INTEGER -- public key, Y
@@ -118,20 +124,25 @@ public class DSSKeyPairX509Codec
     DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, DSA_ALG_OID);
 
     DSSPublicKey dssKey = (DSSPublicKey) key;
-    BigInteger p = dssKey.getParams().getP();
-    BigInteger q = dssKey.getParams().getQ();
-    BigInteger g = dssKey.getParams().getG();
-    BigInteger y = dssKey.getY();
-
-    DERValue derP = new DERValue(DER.INTEGER, p);
-    DERValue derQ = new DERValue(DER.INTEGER, q);
-    DERValue derG = new DERValue(DER.INTEGER, g);
-
-    ArrayList params = new ArrayList(3);
-    params.add(derP);
-    params.add(derQ);
-    params.add(derG);
-    DERValue derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params);
+    DERValue derParams;
+    if (dssKey.hasInheritedParameters())
+      derParams = new DERValue(DER.NULL, null);
+    else
+      {
+        BigInteger p = dssKey.getParams().getP();
+        BigInteger q = dssKey.getParams().getQ();
+        BigInteger g = dssKey.getParams().getG();
+
+        DERValue derP = new DERValue(DER.INTEGER, p);
+        DERValue derQ = new DERValue(DER.INTEGER, q);
+        DERValue derG = new DERValue(DER.INTEGER, g);
+
+        ArrayList params = new ArrayList(3);
+        params.add(derP);
+        params.add(derQ);
+        params.add(derG);
+        derParams = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, params);
+      }
 
     ArrayList algorithmID = new ArrayList(2);
     algorithmID.add(derOID);
@@ -139,6 +150,7 @@ public class DSSKeyPairX509Codec
     DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
                                            algorithmID);
 
+    BigInteger y = dssKey.getY();
     DERValue derDSAPublicKey = new DERValue(DER.INTEGER, y);
     byte[] yBytes = derDSAPublicKey.getEncoded();
     DERValue derSPK = new DERValue(DER.BIT_STRING, new BitString(yBytes));
@@ -157,11 +169,10 @@ public class DSSKeyPairX509Codec
       }
     catch (IOException x)
       {
-        InvalidParameterException e = new InvalidParameterException();
+        InvalidParameterException e = new InvalidParameterException(x.getMessage());
         e.initCause(x);
         throw e;
       }
-
     return result;
   }
 
@@ -186,7 +197,10 @@ public class DSSKeyPairX509Codec
     if (input == null)
       throw new InvalidParameterException("Input bytes MUST NOT be null");
 
-    BigInteger p, g, q, y;
+    BigInteger p = null;
+    BigInteger g = null;
+    BigInteger q = null;
+    BigInteger y;
     DERReader der = new DERReader(input);
     try
       {
@@ -204,20 +218,35 @@ public class DSSKeyPairX509Codec
         if (! algOID.equals(DSA_ALG_OID))
           throw new InvalidParameterException("Unexpected OID: " + algOID);
 
-        DERValue derParams = der.read();
-        DerUtil.checkIsConstructed(derParams, "Wrong DSS Parameters field");
-
         DERValue val = der.read();
-        DerUtil.checkIsBigInteger(val, "Wrong P field");
-        p = (BigInteger) val.getValue();
-        val = der.read();
-        DerUtil.checkIsBigInteger(val, "Wrong Q field");
-        q = (BigInteger) val.getValue();
-        val = der.read();
-        DerUtil.checkIsBigInteger(val, "Wrong G field");
-        g = (BigInteger) val.getValue();
-
-        val = der.read();
+        // RFC-3280, page 79 states: "If the subjectPublicKeyInfo field of the
+        // certificate contains an algorithm field with null parameters or
+        // parameters are omitted, compare the certificate subjectPublicKey
+        // algorithm to the working_public_key_algorithm.  If the certificate
+        // subjectPublicKey algorithm and the working_public_key_algorithm are
+        // different, set the working_public_key_parameters to null."
+        // in other words, the parameters field of an AlgorithmIdentifier
+        // element MAY NOT be present at all, or if present MAY be NULL!
+        // the Mauve test ValidDSAParameterInheritenceTest5, in
+        // gnu.testlet.java.security.cert.pkix.pkits, is/was failing because
+        // of this.
+        if (val.getTag() == DER.NULL)
+          val = der.read();
+        else if (val.isConstructed())
+          {
+            val = der.read();
+            DerUtil.checkIsBigInteger(val, "Wrong P field");
+            p = (BigInteger) val.getValue();
+            val = der.read();
+            DerUtil.checkIsBigInteger(val, "Wrong Q field");
+            q = (BigInteger) val.getValue();
+            val = der.read();
+            DerUtil.checkIsBigInteger(val, "Wrong G field");
+            g = (BigInteger) val.getValue();
+
+            val = der.read();
+          }
+
         if (! (val.getValue() instanceof BitString))
           throw new InvalidParameterException("Wrong SubjectPublicKey field");
 
@@ -230,11 +259,10 @@ public class DSSKeyPairX509Codec
       }
     catch (IOException x)
       {
-        InvalidParameterException e = new InvalidParameterException();
+        InvalidParameterException e = new InvalidParameterException(x.getMessage());
         e.initCause(x);
         throw e;
       }
-
     return new DSSPublicKey(Registry.X509_ENCODING_ID, p, q, g, y);
   }
 
-- 
cgit v1.2.3