aboutsummaryrefslogtreecommitdiff
path: root/libjava/classpath/java/security
diff options
context:
space:
mode:
authorMark Wielaard <mark@gcc.gnu.org>2006-05-18 17:29:21 +0000
committerMark Wielaard <mark@gcc.gnu.org>2006-05-18 17:29:21 +0000
commit4f9533c7722fa07511a94d005227961f4a4dec23 (patch)
tree9f9c470de62ee62fba1331a396450d728d2b1fad /libjava/classpath/java/security
parenteaec4980e139903ae9b274d1abcf3a13946603a8 (diff)
downloadgcc-4f9533c7722fa07511a94d005227961f4a4dec23.zip
gcc-4f9533c7722fa07511a94d005227961f4a4dec23.tar.gz
gcc-4f9533c7722fa07511a94d005227961f4a4dec23.tar.bz2
Imported GNU Classpath 0.90
Imported GNU Classpath 0.90 * scripts/makemake.tcl: LocaleData.java moved to gnu/java/locale. * sources.am: Regenerated. * gcj/javaprims.h: Regenerated. * Makefile.in: Regenerated. * gcj/Makefile.in: Regenerated. * include/Makefile.in: Regenerated. * testsuite/Makefile.in: Regenerated. * gnu/java/lang/VMInstrumentationImpl.java: New override. * gnu/java/net/local/LocalSocketImpl.java: Likewise. * gnu/classpath/jdwp/VMMethod.java: Likewise. * gnu/classpath/jdwp/VMVirtualMachine.java: Update to latest interface. * java/lang/Thread.java: Add UncaughtExceptionHandler. * java/lang/reflect/Method.java: Implements GenericDeclaration and isSynthetic(), * java/lang/reflect/Field.java: Likewise. * java/lang/reflect/Constructor.java * java/lang/Class.java: Implements Type, GenericDeclaration, getSimpleName() and getEnclosing*() methods. * java/lang/Class.h: Add new public methods. * java/lang/Math.java: Add signum(), ulp() and log10(). * java/lang/natMath.cc (log10): New function. * java/security/VMSecureRandom.java: New override. * java/util/logging/Logger.java: Updated to latest classpath version. * java/util/logging/LogManager.java: New override. From-SVN: r113887
Diffstat (limited to 'libjava/classpath/java/security')
-rw-r--r--libjava/classpath/java/security/BasicPermission.java5
-rw-r--r--libjava/classpath/java/security/KeyStore.java4
-rw-r--r--libjava/classpath/java/security/SecureRandom.java108
-rw-r--r--libjava/classpath/java/security/Security.java5
-rw-r--r--libjava/classpath/java/security/cert/CertPathValidatorSpi.java4
-rw-r--r--libjava/classpath/java/security/cert/CertStoreSpi.java3
-rw-r--r--libjava/classpath/java/security/cert/Certificate.java2
-rw-r--r--libjava/classpath/java/security/cert/PKIXCertPathChecker.java2
-rw-r--r--libjava/classpath/java/security/cert/PKIXParameters.java2
-rw-r--r--libjava/classpath/java/security/cert/X509CertSelector.java2
10 files changed, 122 insertions, 15 deletions
diff --git a/libjava/classpath/java/security/BasicPermission.java b/libjava/classpath/java/security/BasicPermission.java
index 267a6e2..ef2cc4d 100644
--- a/libjava/classpath/java/security/BasicPermission.java
+++ b/libjava/classpath/java/security/BasicPermission.java
@@ -1,5 +1,6 @@
/* BasicPermission.java -- implements a simple named permission
- Copyright (C) 1998, 1999, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+ Copyright (C) 1998, 1999, 2002, 2003, 2004, 2005, 2006
+ Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -97,7 +98,7 @@ public abstract class BasicPermission extends java.security.Permission
// requirement exists in the specification and Sun's runtime
// doesn't appear to do it.
- if ("".equals(name))
+ if (name.equals(""))
throw new IllegalArgumentException("Empty name");
}
diff --git a/libjava/classpath/java/security/KeyStore.java b/libjava/classpath/java/security/KeyStore.java
index 6964487..8681d82 100644
--- a/libjava/classpath/java/security/KeyStore.java
+++ b/libjava/classpath/java/security/KeyStore.java
@@ -212,7 +212,7 @@ public class KeyStore
/**
* Returns the default KeyStore type. This method looks up the
* type in &lt;JAVA_HOME&gt;/lib/security/java.security with the
- * property "keystore.type" or if that fails then "jks" .
+ * property "keystore.type" or if that fails then "gkr" .
*/
public static final String getDefaultType()
{
@@ -221,7 +221,7 @@ public class KeyStore
String tmp = Security.getProperty("keystore.type");
if (tmp == null)
- tmp = "jks";
+ tmp = "gkr";
return tmp;
}
diff --git a/libjava/classpath/java/security/SecureRandom.java b/libjava/classpath/java/security/SecureRandom.java
index 0d89225..d403d49 100644
--- a/libjava/classpath/java/security/SecureRandom.java
+++ b/libjava/classpath/java/security/SecureRandom.java
@@ -1,5 +1,6 @@
/* SecureRandom.java --- Secure Random class implementation
- Copyright (C) 1999, 2001, 2002, 2003, 2005 Free Software Foundation, Inc.
+ Copyright (C) 1999, 2001, 2002, 2003, 2005, 2006
+ Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -37,11 +38,19 @@ exception statement from your version. */
package java.security;
+import gnu.classpath.SystemProperties;
import gnu.java.security.Engine;
+import gnu.java.security.action.GetSecurityPropertyAction;
import gnu.java.security.jce.prng.Sha160RandomSpi;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.util.Enumeration;
import java.util.Random;
+import java.util.logging.Level;
+import java.util.logging.Logger;
/**
* An interface to a cryptographically secure pseudo-random number
@@ -71,6 +80,9 @@ public class SecureRandom extends Random
int randomBytesUsed = 0;
SecureRandomSpi secureRandomSpi = null;
byte[] state = null;
+ private String algorithm;
+
+ private boolean isSeeded = false;
// Constructors.
// ------------------------------------------------------------------------
@@ -111,6 +123,7 @@ public class SecureRandom extends Random
secureRandomSpi = (SecureRandomSpi) Class.
forName(classname).newInstance();
provider = p[i];
+ algorithm = key.substring(13); // Minus SecureRandom.
return;
}
catch (ThreadDeath death)
@@ -128,6 +141,7 @@ public class SecureRandom extends Random
// Nothing found. Fall back to SHA1PRNG
secureRandomSpi = new Sha160RandomSpi();
+ algorithm = "Sha160";
}
/**
@@ -159,8 +173,18 @@ public class SecureRandom extends Random
*/
protected SecureRandom(SecureRandomSpi secureRandomSpi, Provider provider)
{
+ this(secureRandomSpi, provider, "unknown");
+ }
+
+ /**
+ * Private constructor called from the getInstance() method.
+ */
+ private SecureRandom(SecureRandomSpi secureRandomSpi, Provider provider,
+ String algorithm)
+ {
this.secureRandomSpi = secureRandomSpi;
this.provider = provider;
+ this.algorithm = algorithm;
}
// Class methods.
@@ -243,7 +267,7 @@ public class SecureRandom extends Random
{
return new SecureRandom((SecureRandomSpi)
Engine.getInstance(SECURE_RANDOM, algorithm, provider),
- provider);
+ provider, algorithm);
}
catch (java.lang.reflect.InvocationTargetException ite)
{
@@ -269,6 +293,18 @@ public class SecureRandom extends Random
}
/**
+ * Returns the algorithm name used or "unknown" when the algorithm
+ * used couldn't be determined (as when constructed by the protected
+ * 2 argument constructor).
+ *
+ * @since 1.5
+ */
+ public String getAlgorithm()
+ {
+ return algorithm;
+ }
+
+ /**
Seeds the SecureRandom. The class is re-seeded for each call and
each seed builds on the previous seed so as not to weaken security.
@@ -277,6 +313,7 @@ public class SecureRandom extends Random
public void setSeed(byte[] seed)
{
secureRandomSpi.engineSetSeed(seed);
+ isSeeded = true;
}
/**
@@ -304,6 +341,7 @@ public class SecureRandom extends Random
(byte) (0xff & seed)
};
secureRandomSpi.engineSetSeed(tmp);
+ isSeeded = true;
}
}
@@ -315,6 +353,8 @@ public class SecureRandom extends Random
*/
public void nextBytes(byte[] bytes)
{
+ if (!isSeeded)
+ setSeed(getSeed(32));
randomBytesUsed += bytes.length;
counter++;
secureRandomSpi.engineNextBytes(bytes);
@@ -360,10 +400,8 @@ public class SecureRandom extends Random
public static byte[] getSeed(int numBytes)
{
byte[] tmp = new byte[numBytes];
-
- new Random().nextBytes(tmp);
+ generateSeed(tmp);
return tmp;
- //return secureRandomSpi.engineGenerateSeed( numBytes );
}
/**
@@ -378,4 +416,64 @@ public class SecureRandom extends Random
return secureRandomSpi.engineGenerateSeed(numBytes);
}
+ // Seed methods.
+
+ private static final String SECURERANDOM_SOURCE = "securerandom.source";
+ private static final String JAVA_SECURITY_EGD = "java.security.egd";
+ private static final Logger logger = Logger.getLogger(SecureRandom.class.getName());
+
+ private static int generateSeed(byte[] buffer)
+ {
+ return generateSeed(buffer, 0, buffer.length);
+ }
+
+ private static int generateSeed(byte[] buffer, int offset, int length)
+ {
+ URL sourceUrl = null;
+ String urlStr = null;
+
+ GetSecurityPropertyAction action = new GetSecurityPropertyAction(SECURERANDOM_SOURCE);
+ try
+ {
+ urlStr = (String) AccessController.doPrivileged(action);
+ if (urlStr != null)
+ sourceUrl = new URL(urlStr);
+ }
+ catch (MalformedURLException ignored)
+ {
+ logger.log(Level.WARNING, SECURERANDOM_SOURCE + " property is malformed: {0}",
+ urlStr);
+ }
+
+ if (sourceUrl == null)
+ {
+ try
+ {
+ urlStr = SystemProperties.getProperty(JAVA_SECURITY_EGD);
+ if (urlStr != null)
+ sourceUrl = new URL(urlStr);
+ }
+ catch (MalformedURLException mue)
+ {
+ logger.log(Level.WARNING, JAVA_SECURITY_EGD + " property is malformed: {0}",
+ urlStr);
+ }
+ }
+
+ if (sourceUrl != null)
+ {
+ try
+ {
+ InputStream in = sourceUrl.openStream();
+ return in.read(buffer, offset, length);
+ }
+ catch (IOException ioe)
+ {
+ logger.log(Level.FINE, "error reading random bytes", ioe);
+ }
+ }
+
+ // If we get here, we did not get any seed from a property URL.
+ return VMSecureRandom.generateSeed(buffer, offset, length);
+ }
}
diff --git a/libjava/classpath/java/security/Security.java b/libjava/classpath/java/security/Security.java
index 4e31dab..d99c451 100644
--- a/libjava/classpath/java/security/Security.java
+++ b/libjava/classpath/java/security/Security.java
@@ -101,7 +101,12 @@ public final class Security
System.err.println
(" Falling back to standard GNU security provider");
}
+ // Note that this matches our classpath.security file.
providers.addElement (new gnu.java.security.provider.Gnu());
+ providers.addElement(new gnu.javax.crypto.jce.GnuCrypto());
+ providers.addElement(new gnu.javax.crypto.jce.GnuSasl());
+ providers.addElement(new gnu.javax.net.ssl.provider.Jessie());
+ providers.addElement(new gnu.javax.security.auth.callback.GnuCallbacks());
}
}
// This class can't be instantiated.
diff --git a/libjava/classpath/java/security/cert/CertPathValidatorSpi.java b/libjava/classpath/java/security/cert/CertPathValidatorSpi.java
index 8d18b49..282b7a6 100644
--- a/libjava/classpath/java/security/cert/CertPathValidatorSpi.java
+++ b/libjava/classpath/java/security/cert/CertPathValidatorSpi.java
@@ -38,6 +38,8 @@ exception statement from your version. */
package java.security.cert;
+import java.security.InvalidAlgorithmParameterException;
+
/**
* The <i>service provider interface</i> (<b>SPI</b>) for the {@link
* CertPathValidator} class. Providers implementing certificate path
@@ -75,5 +77,5 @@ public abstract class CertPathValidatorSpi
public abstract CertPathValidatorResult
engineValidate(CertPath certPath, CertPathParameters params)
throws CertPathValidatorException,
- java.security.InvalidAlgorithmParameterException;
+ InvalidAlgorithmParameterException;
}
diff --git a/libjava/classpath/java/security/cert/CertStoreSpi.java b/libjava/classpath/java/security/cert/CertStoreSpi.java
index eca0e86..a69545f 100644
--- a/libjava/classpath/java/security/cert/CertStoreSpi.java
+++ b/libjava/classpath/java/security/cert/CertStoreSpi.java
@@ -38,6 +38,7 @@ exception statement from your version. */
package java.security.cert;
+import java.security.InvalidAlgorithmParameterException;
import java.util.Collection;
/**
@@ -69,7 +70,7 @@ public abstract class CertStoreSpi
* parameters are inappropriate for this class.
*/
public CertStoreSpi(CertStoreParameters params)
- throws java.security.InvalidAlgorithmParameterException
+ throws InvalidAlgorithmParameterException
{
super();
}
diff --git a/libjava/classpath/java/security/cert/Certificate.java b/libjava/classpath/java/security/cert/Certificate.java
index f8456f9..33a14a4 100644
--- a/libjava/classpath/java/security/cert/Certificate.java
+++ b/libjava/classpath/java/security/cert/Certificate.java
@@ -73,7 +73,7 @@ import java.security.SignatureException;
*/
public abstract class Certificate implements Serializable
{
- private static final long serialVersionUID = -6751606818319535583L;
+ private static final long serialVersionUID = -3585440601605666277L;
private String type;
diff --git a/libjava/classpath/java/security/cert/PKIXCertPathChecker.java b/libjava/classpath/java/security/cert/PKIXCertPathChecker.java
index 7a33576..a6eef41 100644
--- a/libjava/classpath/java/security/cert/PKIXCertPathChecker.java
+++ b/libjava/classpath/java/security/cert/PKIXCertPathChecker.java
@@ -46,7 +46,7 @@ import java.util.Set;
*
* <p>Concrete subclasses can be passed to the {@link
* PKIXParameters#setCertPathCheckers(java.util.List)} and {@link
- * PKIXParameters#addCertPathChecker(java.security.cert.PKIXCertPathChecker}
+ * PKIXParameters#addCertPathChecker(java.security.cert.PKIXCertPathChecker)}
* methods, which are then used to set up PKIX certificate chain
* builders or validators. These classes then call the {@link
* #check(java.security.cert.Certificate,java.util.Collection)} method
diff --git a/libjava/classpath/java/security/cert/PKIXParameters.java b/libjava/classpath/java/security/cert/PKIXParameters.java
index 4a98711..16ef07f 100644
--- a/libjava/classpath/java/security/cert/PKIXParameters.java
+++ b/libjava/classpath/java/security/cert/PKIXParameters.java
@@ -55,7 +55,7 @@ import java.util.Set;
* Parameters for verifying certificate paths using the PKIX
* (Public-Key Infrastructure (X.509)) algorithm.
*
- * @see CertPathBulider
+ * @see CertPathBuilder
*/
public class PKIXParameters implements CertPathParameters
{
diff --git a/libjava/classpath/java/security/cert/X509CertSelector.java b/libjava/classpath/java/security/cert/X509CertSelector.java
index e3b8c0e..a46d228 100644
--- a/libjava/classpath/java/security/cert/X509CertSelector.java
+++ b/libjava/classpath/java/security/cert/X509CertSelector.java
@@ -367,7 +367,7 @@ public class X509CertSelector implements CertSelector, Cloneable
* Sets the authority key identifier criterion, or <code>null</code> to clear
* this criterion. Note that the byte array is cloned to prevent modification.
*
- * @param subjectKeyId The subject key identifier.
+ * @param authKeyId The authority key identifier.
*/
public void setAuthorityKeyIdentifier(byte[] authKeyId)
{
generated by cgit v1.1 at 2025-04-03 19:42:15 +0000