From ffde862e033a0825e1e9972a89c0f1f80b261a8e Mon Sep 17 00:00:00 2001 
From: mark Date: Mon, 14 Aug 2006 23:12:35 +0000 Subject: 2006-08-14 Mark Wielaard Imported GNU Classpath 0.92 * HACKING: Add more importing hints. Update automake version requirement. * configure.ac (gconf-peer): New enable AC argument. Add --disable-gconf-peer and --enable-default-preferences-peer to classpath configure when gconf is disabled. * scripts/makemake.tcl: Set gnu/java/util/prefs/gconf and gnu/java/awt/dnd/peer/gtk to bc. Classify gnu/java/security/Configuration.java as generated source file. * gnu/java/lang/management/VMGarbageCollectorMXBeanImpl.java, gnu/java/lang/management/VMMemoryPoolMXBeanImpl.java, gnu/java/lang/management/VMClassLoadingMXBeanImpl.java, gnu/java/lang/management/VMRuntimeMXBeanImpl.java, gnu/java/lang/management/VMMemoryManagerMXBeanImpl.java, gnu/java/lang/management/VMThreadMXBeanImpl.java, gnu/java/lang/management/VMMemoryMXBeanImpl.java, gnu/java/lang/management/VMCompilationMXBeanImpl.java: New VM stub classes. * java/lang/management/VMManagementFactory.java: Likewise. * java/net/VMURLConnection.java: Likewise. * gnu/java/nio/VMChannel.java: Likewise. * java/lang/Thread.java (getState): Add stub implementation. * java/lang/Class.java (isEnum): Likewise. * java/lang/Class.h (isEnum): Likewise. * gnu/awt/xlib/XToolkit.java (getClasspathTextLayoutPeer): Removed. * javax/naming/spi/NamingManager.java: New override for StackWalker functionality. * configure, sources.am, Makefile.in, gcj/Makefile.in, include/Makefile.in, testsuite/Makefile.in: Regenerated. 
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@116139 138bc75d-0d04-0410-961f-82ee72b054a4 --- .../gnu/java/security/key/rsa/GnuRSAKey.java | 72 +++---- .../java/security/key/rsa/GnuRSAPrivateKey.java | 119 ++++++------ .../gnu/java/security/key/rsa/GnuRSAPublicKey.java | 74 ++++---- .../java/security/key/rsa/RSAKeyPairGenerator.java | 110 ++++------- .../security/key/rsa/RSAKeyPairPKCS8Codec.java | 58 +++--- .../java/security/key/rsa/RSAKeyPairRawCodec.java | 210 +++++++++------------ .../java/security/key/rsa/RSAKeyPairX509Codec.java | 21 ++- 7 files changed, 286 insertions(+), 378 deletions(-) (limited to 'libjava/classpath/gnu/java/security/key/rsa') diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java index 3009dd71fa0..4bdce4011a5 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java +++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAKey.java @@ -38,23 +38,21 @@ exception statement from your version. */ package gnu.java.security.key.rsa; -import gnu.classpath.SystemProperties; import gnu.java.security.Registry; +import gnu.java.security.action.GetPropertyAction; import gnu.java.security.util.FormatUtil; import java.math.BigInteger; +import java.security.AccessController; import java.security.Key; import java.security.interfaces.RSAKey; /** - *

A base asbtract class for both public and private RSA keys.

+ * A base asbtract class for both public and private RSA keys. */ -public abstract class GnuRSAKey implements Key, RSAKey +public abstract class GnuRSAKey + implements Key, RSAKey { - - // Constants and variables - // ------------------------------------------------------------------------- - /** The public modulus of an RSA key pair. */ private final BigInteger n; @@ -62,17 +60,14 @@ public abstract class GnuRSAKey implements Key, RSAKey private final BigInteger e; /** - * Identifier of the default encoding format to use when externalizing the - * key material. + * Identifier of the default encoding format to use when externalizing the key + * material. */ protected final int defaultFormat; /** String representation of this key. Cached for speed. */ private transient String str; - // Constructor(s) - // ------------------------------------------------------------------------- - /** * Trivial protected constructor. * @@ -91,21 +86,11 @@ public abstract class GnuRSAKey implements Key, RSAKey this.e = e; } - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // java.security.interfaces.RSAKey interface implementation ---------------- - public BigInteger getModulus() { return getN(); } - // java.security.Key interface implementation ------------------------------ - public String getAlgorithm() { return Registry.RSA_KPG; @@ -122,11 +107,9 @@ public abstract class GnuRSAKey implements Key, RSAKey return FormatUtil.getEncodingShortName(defaultFormat); } - // Other instance methods -------------------------------------------------- - /** - *

Returns the modulus n.

- * + * Returns the modulus n. + * * @return the modulus n. */ public BigInteger getN() @@ -135,8 +118,8 @@ public abstract class GnuRSAKey implements Key, RSAKey } /** - *

Returns the public exponent e.

- * + * Returns the public exponent e. + * * @return the public exponent e. */ public BigInteger getPublicExponent() @@ -145,8 +128,8 @@ public abstract class GnuRSAKey implements Key, RSAKey } /** - *

Same as {@link #getPublicExponent()}.

- * + * Same as {@link #getPublicExponent()}. + * * @return the public exponent e. */ public BigInteger getE() @@ -155,23 +138,21 @@ public abstract class GnuRSAKey implements Key, RSAKey } /** - *

Returns true if the designated object is an instance of - * {@link RSAKey} and has the same RSA parameter values as this one.

- * + * Returns true if the designated object is an instance of + * {@link RSAKey} and has the same RSA parameter values as this one. + * * @param obj the other non-null RSA key to compare to. - * @return true if the designated object is of the same type and - * value as this one. + * @return true if the designated object is of the same type + * and value as this one. */ public boolean equals(final Object obj) { if (obj == null) - { - return false; - } - if (!(obj instanceof RSAKey)) - { - return false; - } + return false; + + if (! (obj instanceof RSAKey)) + return false; + final RSAKey that = (RSAKey) obj; return n.equals(that.getModulus()); } @@ -180,8 +161,9 @@ public abstract class GnuRSAKey implements Key, RSAKey { if (str == null) { - String ls = SystemProperties.getProperty("line.separator"); - str = new StringBuilder().append(ls) + String ls = (String) AccessController.doPrivileged + (new GetPropertyAction("line.separator")); + str = new StringBuilder(ls) .append("defaultFormat=").append(defaultFormat).append(",").append(ls) .append("n=0x").append(n.toString(16)).append(",").append(ls) .append("e=0x").append(e.toString(16)) @@ -190,7 +172,5 @@ public abstract class GnuRSAKey implements Key, RSAKey return str; } - // abstract methods to be implemented by subclasses ------------------------ - public abstract byte[] getEncoded(int format); } diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java index 92053448763..00a1b822ad0 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java +++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPrivateKey.java 
@@ -38,42 +38,39 @@ exception statement from your version. */ package gnu.java.security.key.rsa; -import gnu.classpath.SystemProperties; +import gnu.java.security.Configuration; +import gnu.java.security.action.GetPropertyAction; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairCodec; import java.math.BigInteger; +import java.security.AccessController; import java.security.PrivateKey; import java.security.interfaces.RSAPrivateCrtKey; import java.security.interfaces.RSAPrivateKey; /** - *

An object that embodies an RSA private key.

- * - *

References:

+ * An object that embodies an RSA private key. + *

+ * References: *

    - *
  1. - * RSA-PSS Signature Scheme with Appendix, part B.
    - * Primitive specification and supporting documentation.
    - * Jakob Jonsson and Burt Kaliski.
  2. + *
  3. + * RSA-PSS Signature Scheme with Appendix, part B.
    + * Primitive specification and supporting documentation.
    + * Jakob Jonsson and Burt Kaliski.
  4. *
*/ -public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, - RSAPrivateCrtKey +public class GnuRSAPrivateKey + extends GnuRSAKey + implements PrivateKey, RSAPrivateCrtKey { - // Constants and variables - // ------------------------------------------------------------------------- - - private static final boolean DEBUG = false; - /** The first prime divisor of the modulus. */ private final BigInteger p; /** The second prime divisor of the modulus. */ private final BigInteger q; - /** The public exponent of an RSA key. */ - // private final BigInteger e; /** The private exponent of an RSA private key. */ private final BigInteger d; @@ -89,21 +86,17 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, /** String representation of this key. Cached for speed. */ private transient String str; - // Constructor(s) - // ------------------------------------------------------------------------- - /** * Convenience constructor. Calls the constructor with 5 arguments passing * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred * encoding format. - * + * * @param p the modulus first prime divisor. * @param q the modulus second prime divisor. * @param e the public exponent. * @param d the private exponent. */ - public GnuRSAPrivateKey(BigInteger p, BigInteger q, BigInteger e, - BigInteger d) + public GnuRSAPrivateKey(BigInteger p, BigInteger q, BigInteger e, BigInteger d) { this(Registry.RAW_ENCODING_ID, p, q, e, d); } @@ -122,7 +115,9 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, public GnuRSAPrivateKey(int preferredFormat, BigInteger p, BigInteger q, BigInteger e, BigInteger d) { - this(preferredFormat, p.multiply(q), e, d, p, q, + this(preferredFormat, + p.multiply(q), + e, d, p, q, e.modInverse(p.subtract(BigInteger.ONE)), e.modInverse(q.subtract(BigInteger.ONE)), q.modInverse(p)); 
@@ -135,19 +130,20 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, * @param preferredFormat the indetifier of the preferred encoding format to * use when externalizing this key. * @param n the public modulus, which is also the product of p - * and q. + * and q. * @param e the public exponent. * @param d the private exponent. * @param p the modulus first prime divisor. * @param q the modulus second prime divisor. * @param dP the first prime's exponen. A positive integer less than - * p and q, satisfying e * dP = 1 (mod p-1) - * . + * p and q, satisfying + * e * dP = 1 (mod p-1). * @param dQ the second prime's exponent. A positive integer less than - * p and q, satisfying e * dQ = 1 (mod p-1) - * . + * p and q, satisfying + * e * dQ = 1 (mod p-1). * @param qInv the Chinese Remainder Theorem coefiicient. A positive integer - * less than p, satisfying q * qInv = 1 (mod p). + * less than p, satisfying + * q * qInv = 1 (mod p). */ public GnuRSAPrivateKey(int preferredFormat, BigInteger n, BigInteger e, BigInteger d, BigInteger p, BigInteger q, @@ -156,24 +152,20 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, super(preferredFormat == Registry.ASN1_ENCODING_ID ? Registry.PKCS8_ENCODING_ID : preferredFormat, n, e); - this.d = d; this.p = p; this.q = q; // the exponents dP and dQ are positive integers less than p and q // respectively satisfying - // e * dP = 1 (mod p-1); - // e * dQ = 1 (mod q-1), + // e * dP = 1 (mod p-1); + // e * dQ = 1 (mod q-1), this.dP = dP; this.dQ = dQ; // the CRT coefficient qInv is a positive integer less than p satisfying - // q * qInv = 1 (mod p). + // q * qInv = 1 (mod p). this.qInv = qInv; } - // Class methods - // ------------------------------------------------------------------------- - /** * A class method that takes the output of the encodePrivateKey() * method of an RSA keypair codec object (an instance implementing 
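Review bot: The reflowed `@param dQ` text still reads `e * dQ = 1 (mod p-1)`, while the inline comment in the constructor body in the following hunk gives `e * dQ = 1 (mod q-1)`. The javadoc should say `(mod q-1)`. Both `dP` and `dQ` are also described as "less than p and q", where the inline comment says "less than p and q respectively". Since these lines are being rewritten anyway, the typos "indetifier", "exponen" and "coefiicient" could be fixed in the same pass. The constructor body continues past this hunk.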
@@ -198,14 +190,10 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, catch (IllegalArgumentException ignored) { } - // try PKCS#8 codec return (GnuRSAPrivateKey) new RSAKeyPairPKCS8Codec().decodePrivateKey(k); } - // Instance methods - // ------------------------------------------------------------------------- - public BigInteger getPrimeP() { return p; @@ -231,22 +219,18 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, return qInv; } - // java.security.interfaces.RSAPrivateKey interface implementation --------- - public BigInteger getPrivateExponent() { return d; } - // Other instance methods -------------------------------------------------- - /** - * Returns the encoded form of this private key according to the - * designated format. - * + * Returns the encoded form of this private key according to the designated + * format. + * * @param format the desired format identifier of the resulting encoding. * @return the byte sequence encoding this key according to the designated - * format. + * format. * @throws IllegalArgumentException if the format is not supported. * @see RSAKeyPairRawCodec * @see RSAKeyPairPKCS8Codec @@ -270,19 +254,18 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, } /** - *

Returns true if the designated object is an instance of - * this class and has the same RSA parameter values as this one.

- * + * Returns true if the designated object is an instance of this + * class and has the same RSA parameter values as this one. + * * @param obj the other non-null RSA key to compare to. * @return true if the designated object is of the same type - * and value as this one. + * and value as this one. */ public boolean equals(final Object obj) { if (obj == null) - { - return false; - } + return false; + if (obj instanceof RSAPrivateKey) { final RSAPrivateKey that = (RSAPrivateKey) obj; @@ -304,16 +287,24 @@ public class GnuRSAPrivateKey extends GnuRSAKey implements PrivateKey, { if (str == null) { - String ls = SystemProperties.getProperty("line.separator"); + String ls = (String) AccessController.doPrivileged + (new GetPropertyAction("line.separator")); str = new StringBuilder(this.getClass().getName()).append("(") .append(super.toString()).append(",").append(ls) - .append("d=0x").append(DEBUG ? d.toString(16) : "**...*").append(ls) - .append("p=0x").append(DEBUG ? p.toString(16) : "**...*").append(ls) - .append("q=0x").append(DEBUG ? q.toString(16) : "**...*").append(ls) - .append("dP=0x").append(DEBUG ? dP.toString(16) : "**...*").append(ls) - .append("dQ=0x").append(DEBUG ? dQ.toString(16) : "**...*").append(ls) - .append("qInv=0x").append(DEBUG ? qInv.toString(16) : "**...*").append(ls) - .append(")").toString(); + .append("d=0x").append(Configuration.DEBUG ? d.toString(16) + : "**...*").append(ls) + .append("p=0x").append(Configuration.DEBUG ? p.toString(16) + : "**...*").append(ls) + .append("q=0x").append(Configuration.DEBUG ? q.toString(16) + : "**...*").append(ls) + .append("dP=0x").append(Configuration.DEBUG ? dP.toString(16) + : "**...*").append(ls) + .append("dQ=0x").append(Configuration.DEBUG ? dQ.toString(16) + : "**...*").append(ls) + .append("qInv=0x").append(Configuration.DEBUG ? qInv.toString(16) + : "**...*").append(ls) + .append(")") + .toString(); } return str; } 
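Review bot: Masking of d, p, q, dP, dQ and qInv in toString() now depends on the shared `Configuration.DEBUG` rather than the class-private `DEBUG = false` that this commit removes. One build-wide switch therefore decides whether private key material is rendered in hex and cached in `str`. The same flag gates the `log.entering(..., key)` and `log.exiting(..., result)` calls in the RSAKeyPairPKCS8Codec encodePrivateKey/decodePrivateKey hunks, which hand the private key object to the logger, so a debug build would presumably write those values to the log. Consider masking unconditionally, e.g. `.append("d=0x").append("**...*").append(ls)` for each field, and dropping the key argument in the codec: `log.entering(this.getClass().getName(), "encodePrivateKey()");`. toString() begins outside this hunk.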
diff --git a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java index 8badede1422..fe28d0ba3b0 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java +++ b/libjava/classpath/gnu/java/security/key/rsa/GnuRSAPublicKey.java @@ -38,42 +38,39 @@ exception statement from your version. */ package gnu.java.security.key.rsa; -import gnu.classpath.SystemProperties; import gnu.java.security.Registry; +import gnu.java.security.action.GetPropertyAction; import gnu.java.security.key.IKeyPairCodec; import java.math.BigInteger; +import java.security.AccessController; import java.security.PublicKey; import java.security.interfaces.RSAPublicKey; /** - *

An object that encapsulates an RSA public key.

- * - *

References:

+ * An object that encapsulates an RSA public key. + *

+ * References: *

    - *
  1. - * RSA-PSS Signature Scheme with Appendix, part B.
    - * Primitive specification and supporting documentation.
    - * Jakob Jonsson and Burt Kaliski.
  2. + *
  3. + * RSA-PSS Signature Scheme with Appendix, part B.
    + * Primitive specification and supporting documentation.
    + * Jakob Jonsson and Burt Kaliski.
  4. *
*/ -public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey, - RSAPublicKey +public class GnuRSAPublicKey + extends GnuRSAKey + implements PublicKey, RSAPublicKey { - // Constants and variables - // ------------------------------------------------------------------------- - /** String representation of this key. Cached for speed. */ private transient String str; - // Constructor(s) - // ------------------------------------------------------------------------- - /** * Conveience constructor. Calls the constructor with 3 arguments passing * {@link Registry#RAW_ENCODING_ID} as the identifier of the preferred * encoding format. - * + * * @param n the modulus. * @param e the public exponent. */ @@ -98,9 +95,6 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey, n, e); } - // Class methods - // ------------------------------------------------------------------------- - /** * A class method that takes the output of the encodePublicKey() * method of an RSA keypair codec object (an instance implementing @@ -125,21 +119,17 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey, catch (IllegalArgumentException ignored) { } - // try X.509 codec return (GnuRSAPublicKey) new RSAKeyPairX509Codec().decodePublicKey(k); } - // Instance methods - // ------------------------------------------------------------------------- - /** - *

Returns the encoded form of this public key according to the designated - * format.

- * + * Returns the encoded form of this public key according to the designated + * format. + * * @param format the desired format identifier of the resulting encoding. * @return the byte sequence encoding this key according to the designated - * format. + * format. * @throws IllegalArgumentException if the format is not supported. * @see RSAKeyPairRawCodec */ @@ -162,23 +152,21 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey, } /** - *

Returns true if the designated object is an instance of - * this class and has the same RSA parameter values as this one.

- * + * Returns true if the designated object is an instance of this + * class and has the same RSA parameter values as this one. + * * @param obj the other non-null RSA key to compare to. - * @return true if the designated object is of the same type and - * value as this one. + * @return true if the designated object is of the same type + * and value as this one. */ public boolean equals(final Object obj) { if (obj == null) - { - return false; - } - if (!(obj instanceof RSAPublicKey)) - { - return false; - } + return false; + + if (! (obj instanceof RSAPublicKey)) + return false; + final RSAPublicKey that = (RSAPublicKey) obj; return super.equals(that) && getPublicExponent().equals(that.getPublicExponent()); @@ -188,10 +176,12 @@ public class GnuRSAPublicKey extends GnuRSAKey implements PublicKey, { if (str == null) { - String ls = SystemProperties.getProperty("line.separator"); + String ls = (String) AccessController.doPrivileged + (new GetPropertyAction("line.separator")); str = new StringBuilder(this.getClass().getName()).append("(") .append(super.toString()).append(",").append(ls) - .append(")").toString(); + .append(")") + .toString(); } return str; } diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java index 39063381f37..c31cc4cc1e0 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairGenerator.java @@ -38,10 +38,10 @@ exception statement from your version. */ package gnu.java.security.key.rsa; +import gnu.java.security.Configuration; import gnu.java.security.Registry; import gnu.java.security.key.IKeyPairGenerator; import gnu.java.security.util.PRNG; -import gnu.java.security.util.Prime2; import java.math.BigInteger; import java.security.KeyPair; @@ -53,25 +53,23 @@ import java.util.Map; import java.util.logging.Logger; /** - *

A key-pair generator for asymetric keys to use in conjunction with the RSA - * scheme.

- * - *

Reference:

+ * A key-pair generator for asymetric keys to use in conjunction with the RSA + * scheme. + *

+ * Reference: *

    - *
  1. - * RSA-PSS Signature Scheme with Appendix, part B. Primitive - * specification and supporting documentation. Jakob Jonsson and Burt Kaliski. - *
  2. - *
  3. Handbook of Applied - * Cryptography, Alfred J. Menezes, Paul C. van Oorschot and Scott A. - * Vanstone. Section 11.3 RSA and related signature schemes.
  4. + *
  5. + * RSA-PSS Signature Scheme with Appendix, part B. Primitive specification + * and supporting documentation. Jakob Jonsson and Burt Kaliski.
  6. + *
  7. Handbook of Applied + * Cryptography, Alfred J. Menezes, Paul C. van Oorschot and Scott A. + * Vanstone. Section 11.3 RSA and related signature schemes.
  8. *
*/ -public class RSAKeyPairGenerator implements IKeyPairGenerator +public class RSAKeyPairGenerator + implements IKeyPairGenerator { - // Constants and variables - // ------------------------------------------------------------------------- - private static final Logger log = Logger.getLogger(RSAKeyPairGenerator.class.getName()); /** The BigInteger constant 1. */ @@ -90,8 +88,8 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator public static final String SOURCE_OF_RANDOMNESS = "gnu.crypto.rsa.prng"; /** - * Property name of an optional {@link RSAKeyGenParameterSpec} instance to - * use for this generator's n, and e values. The + * Property name of an optional {@link RSAKeyGenParameterSpec} instance to use + * for this generator's n, and e values. The * default is to generate n and use a fixed value for * e (Fermat's F4 number). */ @@ -128,38 +126,28 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator /** Preferred encoding format of generated keys. */ private int preferredFormat; - // Constructor(s) - // ------------------------------------------------------------------------- - // implicit 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - - // gnu.crypto.key.IKeyPairGenerator interface implementation --------------- - public String name() { return Registry.RSA_KPG; } /** - *

Configures this instance.

- * + * Configures this instance. + * * @param attributes the map of name/value pairs to use. - * @exception IllegalArgumentException if the designated MODULUS_LENGTH - * value is less than 1024. + * @exception IllegalArgumentException if the designated MODULUS_LENGTH value + * is less than 1024. */ public void setup(Map attributes) { - log.entering(this.getClass().getName(), "setup", attributes); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "setup", attributes); // do we have a SecureRandom, or should we use our own? rnd = (SecureRandom) attributes.get(SOURCE_OF_RANDOMNESS); - // are we given a set of RSA params or we shall use our own? RSAKeyGenParameterSpec params = (RSAKeyGenParameterSpec) attributes.get(RSA_PARAMETERS); - // find out the modulus length if (params != null) { @@ -171,32 +159,30 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator Integer l = (Integer) attributes.get(MODULUS_LENGTH); L = (l == null ? DEFAULT_MODULUS_LENGTH : l.intValue()); } - if (L < 1024) - { - throw new IllegalArgumentException(MODULUS_LENGTH); - } + throw new IllegalArgumentException(MODULUS_LENGTH); // what is the preferred encoding format Integer formatID = (Integer) attributes.get(PREFERRED_ENCODING_FORMAT); preferredFormat = formatID == null ? DEFAULT_ENCODING_FORMAT : formatID.intValue(); - - log.exiting(this.getClass().getName(), "setup"); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "setup"); } /** - *

The algorithm used here is described in nessie-pss-B.pdf - * document which is part of the RSA-PSS submission to NESSIE.

- * + *

+ * The algorithm used here is described in nessie-pss-B.pdf document + * which is part of the RSA-PSS submission to NESSIE. + *

+ * * @return an RSA keypair. */ public KeyPair generate() { - log.entering(this.getClass().getName(), "generate"); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "generate"); BigInteger p, q, n, d; - // 1. Generate a prime p in the interval [2**(M-1), 2**M - 1], where // M = CEILING(L/2), and such that GCD(p, e) = 1 int M = (L + 1) / 2; @@ -208,12 +194,9 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator nextRandomBytes(kb); p = new BigInteger(1, kb).setBit(0); if (p.compareTo(lower) >= 0 && p.compareTo(upper) <= 0 - && Prime2.isProbablePrime(p) && p.gcd(e).equals(ONE)) - { - break step1; - } + && p.isProbablePrime(80) && p.gcd(e).equals(ONE)) + break step1; } - // 2. Generate a prime q such that the product of p and q is an L-bit // number, and such that GCD(q, e) = 1 step2: while (true) @@ -221,45 +204,34 @@ public class RSAKeyPairGenerator implements IKeyPairGenerator nextRandomBytes(kb); q = new BigInteger(1, kb).setBit(0); n = p.multiply(q); - if (n.bitLength() == L && Prime2.isProbablePrime(q) - && q.gcd(e).equals(ONE)) - { - break step2; - } - + if (n.bitLength() == L && q.isProbablePrime(80) && q.gcd(e).equals(ONE)) + break step2; // TODO: test for p != q } - // TODO: ensure p < q - // 3. Put n = pq. The public key is (n, e). // 4. Compute the parameters necessary for the private key K (see // Section 2.2). BigInteger phi = p.subtract(ONE).multiply(q.subtract(ONE)); d = e.modInverse(phi); - // 5. Output the public key and the private key. PublicKey pubK = new GnuRSAPublicKey(preferredFormat, n, e); PrivateKey secK = new GnuRSAPrivateKey(preferredFormat, p, q, e, d); - KeyPair result = new KeyPair(pubK, secK); - log.exiting(this.getClass().getName(), "generate", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "generate", result); return result; } - // helper methods ---------------------------------------------------------- - /** - *

Fills the designated byte array with random data.

- * + * Fills the designated byte array with random data. + * * @param buffer the byte array to fill with random data. */ private void nextRandomBytes(byte[] buffer) { if (rnd != null) - { - rnd.nextBytes(buffer); - } + rnd.nextBytes(buffer); else getDefaultPRNG().nextBytes(buffer); } diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java index 0b980903251..7a51d0a0dd0 100644 --- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairPKCS8Codec.java @@ -38,15 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.rsa; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.math.BigInteger; -import java.security.InvalidParameterException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.util.ArrayList; -import java.util.logging.Logger; - +import gnu.java.security.Configuration; import gnu.java.security.OID; import gnu.java.security.Registry; import gnu.java.security.der.DER; @@ -56,6 +48,15 @@ import gnu.java.security.der.DERWriter; import gnu.java.security.key.IKeyPairCodec; import gnu.java.security.util.DerUtil; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.math.BigInteger; +import java.security.InvalidParameterException; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.util.ArrayList; +import java.util.logging.Logger; + /** * An implementation of an {@link IKeyPairCodec} that knows how to encode / * decode PKCS#8 ASN.1 external representation of RSA private keys. @@ -84,7 +85,6 @@ public class RSAKeyPairPKCS8Codec /** * Returns the PKCS#8 ASN.1 PrivateKeyInfo representation of an RSA * private key. The ASN.1 specification is as follows: - * *
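Review bot: The step-2 loop in RSAKeyPairGenerator.generate() still accepts a q equal to p, and the `// TODO: test for p != q` is carried over unchanged beside the rewritten condition. When q equals p the modulus is a perfect square and the key pair gives no protection. The check is one extra clause: `if (n.bitLength() == L && ! q.equals(p) && q.isProbablePrime(80) && q.gcd(e).equals(ONE))`. This matters most when a caller-supplied `SOURCE_OF_RANDOMNESS` repeats its output, because both primes are drawn through the same nextRandomBytes() path. generate() begins in an earlier hunk.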
    *   PrivateKeyInfo ::= SEQUENCE {
    *     version              INTEGER, -- MUST be 0
@@ -97,10 +97,12 @@ public class RSAKeyPairPKCS8Codec
    *     parameters  ANY DEFINED BY algorithm OPTIONAL
    *   }
    * 
- * - *

The privateKey field, which is an OCTET STRING, contains the - * DER-encoded form of the RSA private key defined as:

- * + *

+ * As indicated in RFC-2459: "The parameters field shall have ASN.1 type NULL + * for this algorithm identifier.". + *

+ * The privateKey field, which is an OCTET STRING, contains the + * DER-encoded form of the RSA private key defined as: *

    *   RSAPrivateKey ::= SEQUENCE {
    *     version                 INTEGER, -- MUST be 0
@@ -122,8 +124,8 @@ public class RSAKeyPairPKCS8Codec
    */
   public byte[] encodePrivateKey(PrivateKey key)
   {
-    log.entering(this.getClass().getName(), "encodePrivateKey()", key);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "encodePrivateKey()", key);
     if (! (key instanceof GnuRSAPrivateKey))
       throw new InvalidParameterException("Wrong key type");
 
@@ -141,8 +143,9 @@ public class RSAKeyPairPKCS8Codec
 
     DERValue derOID = new DERValue(DER.OBJECT_IDENTIFIER, RSA_ALG_OID);
 
-    ArrayList algorithmID = new ArrayList(1);
+    ArrayList algorithmID = new ArrayList(2);
     algorithmID.add(derOID);
+    algorithmID.add(new DERValue(DER.NULL, null));
     DERValue derAlgorithmID = new DERValue(DER.CONSTRUCTED | DER.SEQUENCE,
                                            algorithmID);
 
@@ -190,8 +193,8 @@ public class RSAKeyPairPKCS8Codec
         y.initCause(x);
         throw y;
       }
-
-    log.exiting(this.getClass().getName(), "encodePrivateKey()", result);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "encodePrivateKey()", result);
     return result;
   }
 
@@ -213,8 +216,8 @@ public class RSAKeyPairPKCS8Codec
    */
   public PrivateKey decodePrivateKey(byte[] input)
   {
-    log.entering(this.getClass().getName(), "decodePrivateKey()", input);
-
+    if (Configuration.DEBUG)
+      log.entering(this.getClass().getName(), "decodePrivateKey()", input);
     if (input == null)
       throw new InvalidParameterException("Input bytes MUST NOT be null");
 
@@ -239,9 +242,12 @@ public class RSAKeyPairPKCS8Codec
         if (! algOID.equals(RSA_ALG_OID))
           throw new InvalidParameterException("Unexpected OID: " + algOID);
 
+        // rfc-2459 states that this field is OPTIONAL but NULL if/when present
         DERValue val = der.read();
-        byte[] pkBytes = (byte[]) val.getValue();
+        if (val.getTag() == DER.NULL)
+          val = der.read();
 
+        byte[] pkBytes = (byte[]) val.getValue();
         der = new DERReader(pkBytes);
         DERValue derRSAPrivateKey = der.read();
         DerUtil.checkIsConstructed(derRSAPrivateKey, "Wrong RSAPrivateKey field");
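Review bot: After the optional NULL is skipped at `if (val.getTag() == DER.NULL)`, the next value is cast straight to `byte[]` without confirming it is an OCTET STRING. A parameters field of any other type, or a malformed privateKey field, would then surface as a ClassCastException instead of the InvalidParameterException used for the OID check just above. A tag check before the cast keeps malformed input on the documented error path: `if (val.getTag() != DER.OCTET_STRING) throw new InvalidParameterException("Wrong privateKey field");`. The enclosing try block and its catch clause are outside this hunk, so it cannot be confirmed from here whether a ClassCastException is already translated there.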
@@ -284,10 +290,10 @@ public class RSAKeyPairPKCS8Codec
         y.initCause(x);
         throw y;
       }
-
-    PrivateKey result = new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID, n, e,
-                                             d, p, q, dP, dQ, qInv);
-    log.exiting(this.getClass().getName(), "decodePrivateKey()", result);
+    PrivateKey result = new GnuRSAPrivateKey(Registry.PKCS8_ENCODING_ID,
+                                             n, e, d, p, q, dP, dQ, qInv);
+    if (Configuration.DEBUG)
+      log.exiting(this.getClass().getName(), "decodePrivateKey()", result);
     return result;
   }
 }
diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
index fb7cea99edd..c2650e6a49c 100644
--- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
+++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairRawCodec.java
@@ -47,80 +47,60 @@ import java.security.PrivateKey;
 import java.security.PublicKey;
 
 /**
- * 

An object that implements the {@link IKeyPairCodec} interface for the - * Raw format to use with RSA keypairs.

- * - * @version $Revision: 1.1 $ + * An object that implements the {@link IKeyPairCodec} interface for the Raw + * format to use with RSA keypairs. */ -public class RSAKeyPairRawCodec implements IKeyPairCodec +public class RSAKeyPairRawCodec + implements IKeyPairCodec { - - // Constants and variables - // ------------------------------------------------------------------------- - - // Constructor(s) - // ------------------------------------------------------------------------- - // implicit 0-arguments constructor - // Class methods - // ------------------------------------------------------------------------- - - // Instance methods - // ------------------------------------------------------------------------- - - // gnu.crypto.key.IKeyPairCodec interface implementation ------------------- - public int getFormatID() { return RAW_FORMAT; } /** - *

Returns the encoded form of the designated RSA public key according to - * the Raw format supported by this library.

- * - *

The Raw format for an RSA public key, in this implementation, is - * a byte sequence consisting of the following:

- * + * Returns the encoded form of the designated RSA public key according to the + * Raw format supported by this library. + *

+ * The Raw format for an RSA public key, in this implementation, is a + * byte sequence consisting of the following: *

    - *
  1. 4-byte magic consisting of the value of the literal - * {@link Registry#MAGIC_RAW_RSA_PUBLIC_KEY},
  2. - *
  3. 1-byte version consisting of the constant: 0x01,
  4. - *
  5. 4-byte count of following bytes representing the RSA parameter - * n (the modulus) in internet order,
  6. - *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking - * the toByteArray() method on the RSA parameter n,
  8. - *
  9. 4-byte count of following bytes representing the RSA parameter - * e (the public exponent) in internet order,
  10. - *
  11. n-bytes representation of a {@link BigInteger} obtained by invoking - * the toByteArray() method on the RSA parameter e.
  12. + *
  13. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_RSA_PUBLIC_KEY},
  14. + *
  15. 1-byte version consisting of the constant: 0x01,
  16. + *
  17. 4-byte count of following bytes representing the RSA parameter + * n (the modulus) in internet order,
  18. + *
  19. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter n, + *
  20. + *
  21. 4-byte count of following bytes representing the RSA parameter + * e (the public exponent) in internet order,
  22. + *
  23. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter e. + *
  24. *
- * + * * @param key the key to encode. * @return the Raw format encoding of the designated key. * @exception IllegalArgumentException if the designated key is not an RSA - * one. + * one. */ public byte[] encodePublicKey(PublicKey key) { - if (!(key instanceof GnuRSAPublicKey)) - { - throw new IllegalArgumentException("key"); - } + if (! (key instanceof GnuRSAPublicKey)) + throw new IllegalArgumentException("key"); GnuRSAPublicKey rsaKey = (GnuRSAPublicKey) key; ByteArrayOutputStream baos = new ByteArrayOutputStream(); - // magic baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[0]); baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[1]); baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[2]); baos.write(Registry.MAGIC_RAW_RSA_PUBLIC_KEY[3]); - // version baos.write(0x01); - // n byte[] buffer = rsaKey.getModulus().toByteArray(); int length = buffer.length; @@ -129,7 +109,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // e buffer = rsaKey.getPublicExponent().toByteArray(); length = buffer.length; @@ -138,7 +117,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - return baos.toByteArray(); } 
@@ -149,92 +127,87 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec || k[1] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[1] || k[2] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[2] || k[3] != Registry.MAGIC_RAW_RSA_PUBLIC_KEY[3]) - { - throw new IllegalArgumentException("magic"); - } + throw new IllegalArgumentException("magic"); // version if (k[4] != 0x01) - { - throw new IllegalArgumentException("version"); - } - int i = 5; + throw new IllegalArgumentException("version"); + int i = 5; int l; byte[] buffer; - // n - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger n = new BigInteger(1, buffer); - // e - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger e = new BigInteger(1, buffer); - return new GnuRSAPublicKey(n, e); } /** - *

Returns the encoded form of the designated RSA private key according to - * the Raw format supported by this library.

- * - *

The Raw format for an RSA private key, in this implementation, - * is a byte sequence consisting of the following:

- * + * Returns the encoded form of the designated RSA private key according to the + * Raw format supported by this library. + *

+ * The Raw format for an RSA private key, in this implementation, is a + * byte sequence consisting of the following: *

    - *
  1. 4-byte magic consisting of the value of the literal - * {@link Registry#MAGIC_RAW_RSA_PRIVATE_KEY},
  2. - *
  3. 1-byte version consisting of the constant: 0x01,
  4. - *
  5. 4-byte count of following bytes representing the RSA parameter - * p (the first prime factor of the modulus) in internet - * order,
  6. - *
  7. n-bytes representation of a {@link BigInteger} obtained by invoking - * the toByteArray() method on the RSA parameter p,
  8. - *
  9. 4-byte count of following bytes representing the RSA parameter - * q (the second prime factor of the modulus) in internet - * order,
  10. - *
  11. n-bytes representation of a {@link BigInteger} obtained by invoking - * the toByteArray() method on the RSA parameter q,
  12. - *
  13. 4-byte count of following bytes representing the RSA parameter - * e (the public exponent) in internet order,
  14. - *
  15. n-bytes representation of a {@link BigInteger} obtained by invoking - * the toByteArray() method on the RSA parameter e,
  16. - *
  17. 4-byte count of following bytes representing the RSA parameter - * d (the private exponent) in internet order,
  18. - *
  19. n-bytes representation of a {@link BigInteger} obtained by invoking - * the toByteArray() method on the RSA parameter d,
  20. + *
  21. 4-byte magic consisting of the value of the literal + * {@link Registry#MAGIC_RAW_RSA_PRIVATE_KEY},
  22. + *
  23. 1-byte version consisting of the constant: 0x01,
  24. + *
  25. 4-byte count of following bytes representing the RSA parameter + * p (the first prime factor of the modulus) in internet order, + *
  26. + *
  27. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter p, + *
  28. + *
  29. 4-byte count of following bytes representing the RSA parameter + * q (the second prime factor of the modulus) in internet + * order,
  30. + *
  31. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter q, + *
  32. + *
  33. 4-byte count of following bytes representing the RSA parameter + * e (the public exponent) in internet order,
  34. + *
  35. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter e, + *
  36. + *
  37. 4-byte count of following bytes representing the RSA parameter + * d (the private exponent) in internet order,
  38. + *
  39. n-bytes representation of a {@link BigInteger} obtained by invoking + * the toByteArray() method on the RSA parameter d, + *
  40. *
- * + * * @param key the key to encode. * @return the Raw format encoding of the designated key. */ public byte[] encodePrivateKey(PrivateKey key) { - if (!(key instanceof GnuRSAPrivateKey)) - { - throw new IllegalArgumentException("key"); - } + if (! (key instanceof GnuRSAPrivateKey)) + throw new IllegalArgumentException("key"); GnuRSAPrivateKey rsaKey = (GnuRSAPrivateKey) key; ByteArrayOutputStream baos = new ByteArrayOutputStream(); - // magic baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[0]); baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[1]); baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[2]); baos.write(Registry.MAGIC_RAW_RSA_PRIVATE_KEY[3]); - // version baos.write(0x01); - // p byte[] buffer = rsaKey.getPrimeP().toByteArray(); int length = buffer.length; @@ -243,7 +216,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // q buffer = rsaKey.getPrimeQ().toByteArray(); length = buffer.length; @@ -252,7 +224,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // e buffer = rsaKey.getPublicExponent().toByteArray(); length = buffer.length; @@ -261,7 +232,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - // d buffer = rsaKey.getPrivateExponent().toByteArray(); length = buffer.length; @@ -270,7 +240,6 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec baos.write((length >>> 8) & 0xFF); baos.write(length & 0xFF); baos.write(buffer, 0, length); - return baos.toByteArray(); } 
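Review bot: In the decodePublicKey hunk (`@@ -149,92 +127,87 @@`), each 4-byte length `l` is read from the encoded key and used directly in `buffer = new byte[l]` and `System.arraycopy(k, i, buffer, 0, l)` with no bounds check. The reformatting keeps this as it was. A negative or oversized count in a crafted Raw encoding would presumably fail with NegativeArraySizeException, an out-of-bounds copy or a very large allocation, instead of the IllegalArgumentException used for the magic and version checks. Validating each count before allocating would close that, e.g. `if (l < 0 || l > k.length - i) throw new IllegalArgumentException("length");`, along with a check that `k` is at least 5 bytes plus the length field. The same pattern repeats for p, q, e and d in the decodePrivateKey hunk (`@@ -281,52 +250,51 @@`); both method signatures lie outside their hunks.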
@@ -281,52 +250,51 @@ public class RSAKeyPairRawCodec implements IKeyPairCodec || k[1] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[1] || k[2] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[2] || k[3] != Registry.MAGIC_RAW_RSA_PRIVATE_KEY[3]) - { - throw new IllegalArgumentException("magic"); - } + throw new IllegalArgumentException("magic"); // version if (k[4] != 0x01) - { - throw new IllegalArgumentException("version"); - } - int i = 5; + throw new IllegalArgumentException("version"); + int i = 5; int l; byte[] buffer; - // p - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger p = new BigInteger(1, buffer); - // q - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger q = new BigInteger(1, buffer); - // e - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger e = new BigInteger(1, buffer); - // d - l = k[i++] << 24 | (k[i++] & 0xFF) << 16 | (k[i++] & 0xFF) << 8 - | (k[i++] & 0xFF); + l = k[i++] << 24 + | (k[i++] & 0xFF) << 16 + | (k[i++] & 0xFF) << 8 + | (k[i++] & 0xFF); buffer = new byte[l]; System.arraycopy(k, i, buffer, 0, l); i += l; BigInteger d = new BigInteger(1, buffer); - return new GnuRSAPrivateKey(p, q, e, d); } } diff --git a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java index 882d9c7b2ca..b11e1c01371 100644 
--- a/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java +++ b/libjava/classpath/gnu/java/security/key/rsa/RSAKeyPairX509Codec.java @@ -38,6 +38,7 @@ exception statement from your version. */ package gnu.java.security.key.rsa; +import gnu.java.security.Configuration; import gnu.java.security.OID; import gnu.java.security.Registry; import gnu.java.security.der.BitString; @@ -114,8 +115,8 @@ public class RSAKeyPairX509Codec */ public byte[] encodePublicKey(PublicKey key) { - log.entering(this.getClass().getName(), "encodePublicKey()", key); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "encodePublicKey()", key); if (! (key instanceof GnuRSAPublicKey)) throw new InvalidParameterException("key"); @@ -156,12 +157,12 @@ public class RSAKeyPairX509Codec } catch (IOException x) { - InvalidParameterException y = new InvalidParameterException(); + InvalidParameterException y = new InvalidParameterException(x.getMessage()); y.initCause(x); throw y; } - - log.exiting(this.getClass().getName(), "encodePublicKey()", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "encodePublicKey()", result); return result; } @@ -183,8 +184,8 @@ public class RSAKeyPairX509Codec */ public PublicKey decodePublicKey(byte[] input) { - log.entering(this.getClass().getName(), "decodePublicKey()", input); - + if (Configuration.DEBUG) + log.entering(this.getClass().getName(), "decodePublicKey()", input); if (input == null) throw new InvalidParameterException("Input bytes MUST NOT be null"); 
@@ -229,13 +230,13 @@ public class RSAKeyPairX509Codec } catch (IOException x) { - InvalidParameterException y = new InvalidParameterException(); + InvalidParameterException y = new InvalidParameterException(x.getMessage()); y.initCause(x); throw y; } - PublicKey result = new GnuRSAPublicKey(Registry.X509_ENCODING_ID, n, e); - log.exiting(this.getClass().getName(), "decodePublicKey()", result); + if (Configuration.DEBUG) + log.exiting(this.getClass().getName(), "decodePublicKey()", result); return result; } -- cgit v1.2.3