[multiple changes]

2005-02-16  Mark Wielaard  <mark@klomp.org>

       * Makefile.am (ordinary_java_source_files): Add new files
       gnu/java/security/ber/BER.java,
       gnu/java/security/ber/BEREncodingException.java,
       gnu/java/security/ber/BERReader.java,
       gnu/java/security/ber/BERValue.java,
       gnu/java/security/pkcs/PKCS7SignedData.java and
       gnu/java/security/pkcs/SignerInfo.java.
       * Makefile.in: Regenerated.

2005-02-16  Casey Marshall  <csm@gnu.org>

       * gnu/java/security/provider/GnuDSAPrivateKey.java
       (encodedKey): new field.
       (getFormat): return "PKCS#8".
       (getEncoded): implemented.
       (toString): check for 'null' values.
       * gnu/java/security/provider/GnuDSAPublicKey.java
       (encodedKey): new field.
       (getFormat): return "X.509".
       (getEncoded): implemented.
       (toString): check for 'null' values.

2005-02-16  Michael Koch  <konqueror@gmx.de>

       * java/util/jar/JarFile.java: Imports reworked.

2005-02-16  Mark Wielaard  <mark@klomp.org>

       * java/util/jar/JarFile.java (verify): Make package private.
       (signaturesRead): Likewise.
       (verified): Likewise.
       (entryCerts): Likewise.
       (DEBUG): Likewise.
       (debug): Likewise.
       (entries): Construct new JarEnumeration with reference to this.
       (JarEnumeration): Make static.
       (JarEnumeration.jarfile): New field.
       (JarEnumeration.nextElement): Use and synchronize on jarfile.
       Compare verified value to Boolean.TRUE or Boolean.False only
       when verify is true.
       (getEntry): Make synchronized. Compare value of verified to
       Boolean.TRUE.
       (getInputStream): Construct EntryInputStream with reference to this.
       (getManifest): Make synchronized.
       (EntryInputStream): Make static.
       (EntryInputStream.jarfile): New field.
       (EntryInputStream.EntryInputStream): Check if manifest exists,
       before getting attributes.
       (eof): Synchronize on jarfile.

2005-02-16  Casey Marshall  <csm@gnu.org>

       * java/util/jar/JarFile.java (verify): return if the jar is signed
       with an unsupported algorithm.

2005-02-16  Mark Wielaard  <mark@klomp.org>

       * java/util/jar/JarFile.java (EntryInputStream): Add actual
       InputStream as argument.
       (getInputStream): Construct a new EntryInputStream with the result of
       super.getInputStream(entry).

2005-02-16  Casey Marshall  <csm@gnu.org>

       Signed JAR file support.
       * java/net/URLClassLoader.java
       (JarURLResource.getCertificates): re-read jar entry to ensure
       certificates are picked up.
       (findClass): fill in class `signers' field, too.
       * java/util/jar/JarFile.java (META_INF): new constant.
       (PKCS7_DSA_SUFFIX): new constant.
       (PKCS7_RSA_SUFFIX): new constant.
       (DIGEST_KEY_SUFFIX): new constant.
       (SF_SUFFIX): new constant.
       (MD2_OID): new constant.
       (MD4_OID): new constant.
       (MD5_OID): new constant.
       (SHA1_OID): new constant.
       (DSA_ENCRYPTION_OID): new constant.
       (RSA_ENCRYPTION_OID): new constant.
       (signaturesRead): new field.
       (verified): new field.
       (entryCerts): new field.
       (DEBUG): new constant.
       (debug): new method.
       (JarEnumeration.nextElement): fill in entry certificates, read
       signatures if they haven't been read.
       (getEntry): likewise.
       (getInputStream): verify stream if it hasn't been verified yet.
       (readSignatures): new method.
       (verify): new method.
       (verifyHashes): new method.
       (readManifestEntry): new method.
       (EntryInputStream): new class.
       * gnu/java/io/Base64InputStream.java (decode): new class
       method.
       * gnu/java/security/der/DERReader.java don't make class
       final.
       (in): made protected.
       (encBuf): likewise.
       (readLength): likewise.
       * gnu/java/security/ber/BER.java,
       * gnu/java/security/ber/BEREncodingException.java,
       * gnu/java/security/ber/BERReader.java,
       * gnu/java/security/ber/BERValue.java,
       * gnu/java/security/pkcs/PKCS7SignedData.java,
       * gnu/java/security/pkcs/SignerInfo.java:
       new files.

From-SVN: r95124

2 files changed, 116 insertions, 8 deletions

diff --git a/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java b/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java
index 4eceb00..e82483c 100644
--- a/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java
+++ b/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java
@@ -1,5 +1,5 @@
 /* GnuDSAPrivateKey.java --- Gnu DSA Private Key
-   Copyright (C) 1999 Free Software Foundation, Inc.
+   Copyright (C) 1999,2003,2004  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,13 +38,25 @@ exception statement from your version. */
 
 package gnu.java.security.provider;
 
+import gnu.java.security.OID;
+import gnu.java.security.der.DER;
+import gnu.java.security.der.DERValue;
+import gnu.java.security.der.DERWriter;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
 import java.math.BigInteger;
+
 import java.security.interfaces.DSAPrivateKey;
 import java.security.interfaces.DSAParams;
 import java.security.spec.DSAParameterSpec;
 
+import java.util.ArrayList;
+
 public class GnuDSAPrivateKey implements DSAPrivateKey
 {
+  private byte[] encodedKey;
   BigInteger x;
   BigInteger p;
   BigInteger q;
@@ -65,13 +77,57 @@ public class GnuDSAPrivateKey implements DSAPrivateKey
 
   public String getFormat()
   {
-    return null;
+    return "PKCS#8";
   }
 
+  /**
+   * Encodes this key as a <code>PrivateKeyInfo</code>, as described in
+   * PKCS #8. The ASN.1 specification for this structure is:
+   *
+   * <blockquote><pre>
+   * PrivateKeyInfo ::= SEQUENCE {
+   *   version Version,
+   *   privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
+   *   privateKey PrivateKey,
+   *   attributes [0] IMPLICIT Attributes OPTIONAL }
+   *
+   * Version ::= INTEGER
+   *
+   * PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
+   *
+   * PrivateKey ::= OCTET STRING
+   *
+   * Attributes ::= SET OF Attribute
+   * </pre></blockquote>
+   *
+   * <p>DSA private keys (in Classpath at least) have no attributes.
+   */
   public byte[] getEncoded()
   {
+    if (encodedKey != null)
+      return (byte[]) encodedKey.clone();
+    try
+      {
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        ArrayList pki = new ArrayList(3);
+        pki.add(new DERValue(DER.INTEGER, BigInteger.ZERO));
+        ArrayList algId = new ArrayList(2);
+        algId.add(new DERValue(DER.OBJECT_IDENTIFIER,
+                  new OID("1.2.840.10040.4.1")));
+        ArrayList algParams = new ArrayList(3);
+        algParams.add(new DERValue(DER.INTEGER, p));
+        algParams.add(new DERValue(DER.INTEGER, q));
+        algParams.add(new DERValue(DER.INTEGER, g));
+        algId.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, algParams));
+        pki.add(new DERValue(DER.OCTET_STRING, x.toByteArray()));
+        DERWriter.write(out, new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, pki));
+        return (byte[]) (encodedKey = out.toByteArray()).clone();
+      }
+    catch (IOException ioe)
+      {
     return null;
   }
+  }
 
   public DSAParams getParams()
   {
@@ -85,7 +141,10 @@ public class GnuDSAPrivateKey implements DSAPrivateKey
 
   public String toString()
   {
-    return "GnuDSAPrivateKey: x=" + x.toString(16) + " p=" + p.toString(16)
-      + " q=" + q.toString(16) + " g=" + g.toString(16);
+    return "GnuDSAPrivateKey: x="
+      + (x != null ? x.toString(16) : "null") + " p="
+      + (p != null ? p.toString(16) : "null") + " q="
+      + (q != null ? q.toString(16) : "null") + " g="
+      + (g != null ? g.toString(16) : "null");
   }
 }
diff --git a/libjava/gnu/java/security/provider/GnuDSAPublicKey.java b/libjava/gnu/java/security/provider/GnuDSAPublicKey.java
index 91d6b56..24600d6 100644
--- a/libjava/gnu/java/security/provider/GnuDSAPublicKey.java
+++ b/libjava/gnu/java/security/provider/GnuDSAPublicKey.java
@@ -1,5 +1,5 @@
 /* GnuDSAPublicKey.java --- Gnu DSA Public Key
-   Copyright (C) 1999,2003 Free Software Foundation, Inc.
+   Copyright (C) 1999,2003,2004 Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -38,13 +38,26 @@ exception statement from your version. */
 
 package gnu.java.security.provider;
 
+import gnu.java.security.OID;
+import gnu.java.security.der.BitString;
+import gnu.java.security.der.DER;
+import gnu.java.security.der.DERValue;
+import gnu.java.security.der.DERWriter;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
 import java.math.BigInteger;
+
 import java.security.interfaces.DSAPublicKey;
 import java.security.interfaces.DSAParams;
 import java.security.spec.DSAParameterSpec;
 
+import java.util.ArrayList;
+
 public class GnuDSAPublicKey implements DSAPublicKey
 {
+  private byte[] encodedKey;
   BigInteger y;
   BigInteger p;
   BigInteger q;
@@ -65,16 +78,49 @@ public class GnuDSAPublicKey implements DSAPublicKey
 
   public String getFormat()
   {
-    return null;
+    return "X.509";
   }
 
+  /**
+   * The encoded form of DSA public keys is:
+   *
+   * <blockquote><pre>
+   * SubjectPublicKeyInfo ::= SEQUENCE {
+   *   algorithm AlgorithmIdentifier,
+   *   subjectPublicKey BIT STRING }
+   * </pre></blockquote>
+   */
   public byte[] getEncoded()
   {
+    if (encodedKey != null)
+      return (byte[]) encodedKey.clone();
+    try
+      {
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        ArrayList spki = new ArrayList(2);
+        ArrayList alg = new ArrayList(2);
+        alg.add(new DERValue(DER.OBJECT_IDENTIFIER,
+                new OID("1.2.840.113549.1.1.1")));
+        ArrayList params = new ArrayList(3);
+        params.add(new DERValue(DER.INTEGER, p));
+        params.add(new DERValue(DER.INTEGER, q));
+        params.add(new DERValue(DER.INTEGER, g));
+        alg.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, params));
+        spki.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, alg));
+        spki.add(new DERValue(DER.BIT_STRING, new BitString(y.toByteArray())));
+        DERWriter.write(out, new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, spki));
+        return (byte[]) (encodedKey = out.toByteArray()).clone();
+      }
+    catch (IOException ioe)
+      {
     return null;
   }
+  }
 
   public DSAParams getParams()
   {
+    if (p == null || q == null || g == null)
+      return null;
     return (DSAParams)(new DSAParameterSpec(p,q,g));
   }
 
@@ -85,7 +131,10 @@ public class GnuDSAPublicKey implements DSAPublicKey
 
   public String toString()
   {
-    return "GnuDSAPublicKey: y=" + y.toString(16) + " p=" + p.toString(16)
-      + " q=" + q.toString(16) + " g=" + g.toString(16);
+    return
+      "GnuDSAPublicKey: y=" + (y != null ? y.toString(16) : "(null)") +
+      " p=" + (p != null ? p.toString(16) : "(null)") +
+      " q=" + (q != null ? q.toString(16) : "(null)") +
+      " g=" + (g != null ? g.toString(16) : "(null)");
   }
 }