diff options
| author | Michael Koch <konqueror@gmx.de> | 2003-04-30 07:23:42 +0000 |
|---|---|---|
| committer | Michael Koch <mkoch@gcc.gnu.org> | 2003-04-30 07:23:42 +0000 |
| commit | 43905ff30b187d8d1d1dee50e722f47fd8a93144 (patch) | |
| tree | 89373f6e7f4c07ae0c9c6eeebf05fcb7bbcdfa36 /libjava/gnu/java/security/provider | |
| parent | 505b0fd661e21182856cfcf73ed6f39c707ac28b (diff) | |
| download | gcc-43905ff30b187d8d1d1dee50e722f47fd8a93144.zip gcc-43905ff30b187d8d1d1dee50e722f47fd8a93144.tar.gz gcc-43905ff30b187d8d1d1dee50e722f47fd8a93144.tar.bz2 | |
Engine.java, [...]: New files from classpath.
2003-04-30 Michael Koch <konqueror@gmx.de>
* gnu/java/security/Engine.java,
gnu/java/security/OID.java,
gnu/java/security/der/BitString.java,
gnu/java/security/der/DER.java,
gnu/java/security/der/DERReader.java,
gnu/java/security/der/DERValue.java,
gnu/java/security/der/DERWriter.java,
gnu/java/security/provider/DSAKeyFactory.java,
gnu/java/security/provider/X509CertificateFactory.java,
gnu/java/security/x509/X500DistinguishedName.java,
gnu/java/security/x509/X509CRL.java,
gnu/java/security/x509/X509CRLEntry.java,
gnu/java/security/x509/X509Certificate.java,
java/security/cert/CRLSelector.java,
java/security/cert/CertPathBuilder.java,
java/security/cert/CertPathBuilderResult.java,
java/security/cert/CertPathBuilderSpi.java,
java/security/cert/CertPathParameters.java,
java/security/cert/CertPathValidator.java,
java/security/cert/CertPathValidatorResult.java,
java/security/cert/CertPathValidatorSpi.java,
java/security/cert/CertSelector.java,
java/security/cert/CertStore.java,
java/security/cert/CertStoreParameters.java,
java/security/cert/CertStoreSpi.java,
java/security/cert/CollectionCertStoreParameters.java,
java/security/cert/LDAPCertStoreParameters.java,
java/security/cert/PKIXBuilderParameters.java,
java/security/cert/PKIXCertPathBuilderResult.java,
java/security/cert/PKIXCertPathChecker.java,
java/security/cert/PKIXCertPathValidatorResult.java,
java/security/cert/PKIXParameters.java,
java/security/cert/PolicyNode.java,
java/security/cert/PolicyQualifierInfo.java,
java/security/cert/TrustAnchor.java,
javax/security/auth/x500/X500Principal.java:
New files from classpath.
* gnu/java/io/ASN1ParsingException.java,
gnu/java/io/Base64InputStream.java,
gnu/java/security/der/DEREncodingException.java,
gnu/java/security/provider/DSAParameters.java,
gnu/java/security/provider/DSASignature.java,
gnu/java/security/provider/Gnu.java,
gnu/java/security/provider/GnuDSAPrivateKey.java,
gnu/java/security/provider/GnuDSAPublicKey.java,
java/security/AlgorithmParameterGenerator.java,
java/security/AlgorithmParameters.java,
java/security/KeyFactory.java,
java/security/KeyPairGenerator.java,
java/security/KeyStore.java,
java/security/MessageDigest.java,
java/security/SecureClassLoader.java,
java/security/SecureRandom.java,
java/security/Security.java,
java/security/Signature.java,
java/security/cert/Certificate.java,
java/security/cert/CertificateFactory.java,
java/security/cert/CertificateFactorySpi.java,
java/security/cert/X509CRL.java,
java/security/cert/X509Certificate.java,
java/security/spec/DSAPublicKeySpec.java:
New versions from classpath.
* gnu/java/security/provider/DERReader.java,
gnu/java/security/provider/DERWriter.java,
java/security/Engine.java: Removed.
* Makefile.am
(java_source_files, javax_source_files): Added new files.
* Makefile.in: Regenerated.
From-SVN: r66283
Diffstat (limited to 'libjava/gnu/java/security/provider')
| -rw-r--r-- | libjava/gnu/java/security/provider/DERReader.java | 152 | ||||
| -rw-r--r-- | libjava/gnu/java/security/provider/DERWriter.java | 142 | ||||
| -rw-r--r-- | libjava/gnu/java/security/provider/DSAKeyFactory.java | 134 | ||||
| -rw-r--r-- | libjava/gnu/java/security/provider/DSAParameters.java | 54 | ||||
| -rw-r--r-- | libjava/gnu/java/security/provider/DSASignature.java | 40 | ||||
| -rw-r--r-- | libjava/gnu/java/security/provider/Gnu.java | 27 | ||||
| -rw-r--r-- | libjava/gnu/java/security/provider/GnuDSAPrivateKey.java | 6 | ||||
| -rw-r--r-- | libjava/gnu/java/security/provider/GnuDSAPublicKey.java | 8 | ||||
| -rw-r--r-- | libjava/gnu/java/security/provider/X509CertificateFactory.java | 269 |
9 files changed, 504 insertions, 328 deletions
diff --git a/libjava/gnu/java/security/provider/DERReader.java b/libjava/gnu/java/security/provider/DERReader.java deleted file mode 100644 index 0f6e492..0000000 --- a/libjava/gnu/java/security/provider/DERReader.java +++ /dev/null @@ -1,152 +0,0 @@ -/* DERReader.java - Copyright (C) 1999 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -02111-1307 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.math.BigInteger; -import gnu.java.security.der.DEREncodingException; - -public class DERReader -{ - byte source[]; - int pos; - - static final int UNIVERSAL = 1; - static final int APPLICATION = 2; - static final int CONTEXT_SPECIFIC = 3; - static final int PRIVATE = 4; - - - public DERReader() - { - source = null; - pos = 0; - } - - public DERReader( byte source[] ) - { - init( source ); - } - - public void init( String source ) - { - init( source.getBytes() ); - } - - public void init( byte source[] ) - { - this.source = source; - pos = 0; - } - - public BigInteger getBigInteger() throws DEREncodingException - { - return new BigInteger( getPrimitive() ); - } - - //Reads Primitive, definite-length method - private byte[] getPrimitive() throws DEREncodingException - { - int tmp = pos; - - //Read Identifier - byte identifier = source[tmp++]; - if( (0x20 & identifier) != 0) - throw new DEREncodingException(); - int type = translateLeadIdentifierByte(identifier); - //System.out.println("Type: " + type); - - //get tag - int tag = (0x1f & identifier); - //if( tag == 0x1f) - // tag = getIdentifier(tmp); - //System.out.println("Tag: " + tag); - - //get length - byte len = source[tmp]; //may be length of length parameter - long length = 0x7f & len; - int i; - if( (0x80 & len) != 0 ) { - //System.out.println("Extra Long Length"); - len &= 0x7f; - //System.out.println("Length of Length: " + len); - //get length here - length = 0; - for( i = 0; i < len; i++ ) { - tmp++; - length <<= 8; - length += (source[tmp] < 0 ) ? - (256 + source[tmp]) : - source[tmp]; - //System.out.println("Length of Length: " + length); - } - tmp++; - } else - tmp++; - - /*System.out.println("Position: " + tmp); - System.out.println("Length: " + length); - for( i = 0; i < 10; i++) - System.out.print(source[tmp + i] + " "); - System.out.println();*/ - - byte tmpb[] = new byte[ (int)length ]; - System.arraycopy( source, tmp, tmpb, 0, (int)length); - pos = (int)(tmp + length); - return tmpb; - } - - private int translateLeadIdentifierByte(byte b) - { - if( (0x3f & b ) == b) - return UNIVERSAL; - else if( (0x7f & b ) == b) - return APPLICATION; - else if( (0xbf & b ) == b) - return CONTEXT_SPECIFIC; - else - return PRIVATE; - } - - private int getIdentifier(int tpos) - { - while( (0x80 & source[tpos]) != 0) - tpos++; - return tpos; - } -} diff --git a/libjava/gnu/java/security/provider/DERWriter.java b/libjava/gnu/java/security/provider/DERWriter.java deleted file mode 100644 index 4add119..0000000 --- a/libjava/gnu/java/security/provider/DERWriter.java +++ /dev/null @@ -1,142 +0,0 @@ -/* DERWriter.java - Copyright (C) 1999 Free Software Foundation, Inc. - -This file is part of GNU Classpath. - -GNU Classpath is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2, or (at your option) -any later version. - -GNU Classpath is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -General Public License for more details. - -You should have received a copy of the GNU General Public License -along with GNU Classpath; see the file COPYING. If not, write to the -Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA -02111-1307 USA. - -Linking this library statically or dynamically with other modules is -making a combined work based on this library. Thus, the terms and -conditions of the GNU General Public License cover the whole -combination. - -As a special exception, the copyright holders of this library give you -permission to link this library with independent modules to produce an -executable, regardless of the license terms of these independent -modules, and to copy and distribute the resulting executable under -terms of your choice, provided that you also meet, for each linked -independent module, the terms and conditions of the license of that -module. An independent module is a module which is not derived from -or based on this library. If you modify this library, you may extend -this exception to your version of the library, but you are not -obligated to do so. If you do not wish to do so, delete this -exception statement from your version. */ - - -package gnu.java.security.provider; - -import java.math.BigInteger; - -public class DERWriter -{ - static final int UNIVERSAL = 1; - static final int APPLICATION = 2; - static final int CONTEXT_SPECIFIC = 3; - static final int PRIVATE = 4; - - public DERWriter() - {} - - public byte[] writeBigInteger( BigInteger i) - { - return writePrimitive( 0x02, UNIVERSAL, (int)Math.ceil((double)i.bitLength() / 8), i.toByteArray() ); - } - - private byte[] writePrimitive( int identifier, int identifierencoding, - int length, byte contents[]) - { - return joinarrays( generateIdentifier( identifier, identifierencoding ), generateLength( length ), contents); - } - - public byte[] joinarrays( byte a[], byte b[]) - { - byte d[] = new byte[ a.length + b.length]; - System.arraycopy( a, 0, d, 0, a.length); - System.arraycopy( b, 0, d, a.length, b.length); - return d; - } - - public byte[] joinarrays( byte a[], byte b[], byte c[]) - { - byte d[] = new byte[ a.length + b.length + c.length]; - System.arraycopy( a, 0, d, 0, a.length); - System.arraycopy( b, 0, d, a.length, b.length); - System.arraycopy( c, 0, d, a.length + b.length, c.length); - return d; - } - - private byte[] generateIdentifier(int identifier, - int identifierencoding) - { - byte b[]; - if( identifier > 31 ) { - int count = (int)(Math.log( identifier ) / Math.log( 256 )); - b = new byte[ count + 1 ]; - b[0] = (byte)(translateLeadIdentifierByte(identifierencoding) - | 0x1f); - int i; - for( i = 1; i < (count + 1); i++) { - b[i] = (byte)(0x7f & ( identifier >> (7 * (count - i)) )); - b[i] |= 0x80; - } - b[i - 1] ^= 0x80; - //System.out.println("Identifier1: " + b[0]); - return b; - } else { - b = new byte[1]; - b[0] = (byte)((translateLeadIdentifierByte(identifierencoding) - | (byte)( identifier & 0x1f )) & 0xdf); - //System.out.println("Identifier2: " + b[0]); - return b; - } - } - - private byte translateLeadIdentifierByte(int b) - { - if( b == UNIVERSAL) - return (byte)0x3f; - else if( b == APPLICATION) - return (byte)0x7f; - else if( b == CONTEXT_SPECIFIC) - return (byte)0xbf; - else - return (byte)0xC0; - } - - private byte[] generateLength( int length ) - { - byte b[]; - if( length > 127 ) { - int count = (int)Math.ceil(Math.log( length ) / Math.log( 256 )); - //System.out.println("Length byte count: " + count); - b = new byte[ count + 1 ]; - b[0] = (byte)((count & 0x7f) | 0x80); - for( int i = 1; i < (count + 1); i++) { - b[i] = (byte)( length >>> (8 * ( count - i) )); - //System.out.println("Length1 byte1: " + (length >>> (8 * ( count - i) ))); - //System.out.println("Length1 byte2: " + b[i]); - } - - //System.out.println("Length1: " + length); - return b; - } else { - b = new byte[1]; - b[0] = (byte)( length & 0x7f ); - //System.out.println("Length2: " + length); - return b; - } - } -} diff --git a/libjava/gnu/java/security/provider/DSAKeyFactory.java b/libjava/gnu/java/security/provider/DSAKeyFactory.java new file mode 100644 index 0000000..3414f42 --- /dev/null +++ b/libjava/gnu/java/security/provider/DSAKeyFactory.java @@ -0,0 +1,134 @@ +/* DSAKeyFactory.java -- DSA key factory. + Copyright (C) 2003 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +02111-1307 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.provider; + +import java.security.InvalidKeyException; +import java.security.Key; +import java.security.KeyFactorySpi; +import java.security.PrivateKey; +import java.security.PublicKey; +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAPublicKey; +import java.security.spec.DSAPrivateKeySpec; +import java.security.spec.DSAPublicKeySpec; +import java.security.spec.InvalidKeySpecException; +import java.security.spec.KeySpec; + +/** + * DSA key factory. + * + * @author Casey Marshall (rsdio@metastatic.org) + */ +public class DSAKeyFactory extends KeyFactorySpi +{ + + // Constructor. + // ------------------------------------------------------------------------ + + public DSAKeyFactory() + { + super(); + } + + // Instance methods. + // ------------------------------------------------------------------------ + + protected PrivateKey engineGeneratePrivate(KeySpec keySpec) + throws InvalidKeySpecException + { + if (!(keySpec instanceof DSAPrivateKeySpec)) + throw new InvalidKeySpecException(); + return new GnuDSAPrivateKey( + ((DSAPrivateKeySpec) keySpec).getX(), + ((DSAPrivateKeySpec) keySpec).getP(), + ((DSAPrivateKeySpec) keySpec).getQ(), + ((DSAPrivateKeySpec) keySpec).getG()); + } + + protected PublicKey engineGeneratePublic(KeySpec keySpec) + throws InvalidKeySpecException + { + if (!(keySpec instanceof DSAPublicKeySpec)) + throw new InvalidKeySpecException(); + return new GnuDSAPublicKey( + ((DSAPublicKeySpec) keySpec).getY(), + ((DSAPublicKeySpec) keySpec).getP(), + ((DSAPublicKeySpec) keySpec).getQ(), + ((DSAPublicKeySpec) keySpec).getG()); + } + + protected KeySpec engineGetKeySpec(Key key, Class keySpec) + throws InvalidKeySpecException + { + if ((key instanceof DSAPublicKey) && + keySpec.isAssignableFrom(DSAPublicKeySpec.class)) + { + return new DSAPublicKeySpec(((DSAPublicKey) key).getY(), + ((DSAPublicKey) key).getParams().getP(), + ((DSAPublicKey) key).getParams().getQ(), + ((DSAPublicKey) key).getParams().getG()); + } + if ((key instanceof DSAPrivateKey) && + keySpec.isAssignableFrom(DSAPrivateKeySpec.class)) + { + return new DSAPrivateKeySpec(((DSAPrivateKey) key).getX(), + ((DSAPrivateKey) key).getParams().getP(), + ((DSAPrivateKey) key).getParams().getQ(), + ((DSAPrivateKey) key).getParams().getG()); + } + throw new InvalidKeySpecException(); + } + + protected Key engineTranslateKey(Key key) throws InvalidKeyException + { + if ((key instanceof GnuDSAPublicKey) || (key instanceof GnuDSAPrivateKey)) + return key; + if (key instanceof DSAPublicKey) + return new GnuDSAPublicKey(((DSAPublicKey) key).getY(), + ((DSAPublicKey) key).getParams().getP(), + ((DSAPublicKey) key).getParams().getQ(), + ((DSAPublicKey) key).getParams().getG()); + if (key instanceof DSAPrivateKey) + return new GnuDSAPrivateKey(((DSAPrivateKey) key).getX(), + ((DSAPrivateKey) key).getParams().getP(), + ((DSAPrivateKey) key).getParams().getQ(), + ((DSAPrivateKey) key).getParams().getG()); + throw new InvalidKeyException(); + } +} diff --git a/libjava/gnu/java/security/provider/DSAParameters.java b/libjava/gnu/java/security/provider/DSAParameters.java index a8f998b..31c0d5e 100644 --- a/libjava/gnu/java/security/provider/DSAParameters.java +++ b/libjava/gnu/java/security/provider/DSAParameters.java @@ -1,5 +1,5 @@ /* DSAParameters.java --- DSA Parameters Implementation - Copyright (C) 1999 Free Software Foundation, Inc. + Copyright (C) 1999,2003 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -38,15 +38,28 @@ exception statement from your version. */ package gnu.java.security.provider; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; import java.io.IOException; + import java.math.BigInteger; + import java.security.AlgorithmParametersSpi; import java.security.InvalidAlgorithmParameterException; import java.security.spec.AlgorithmParameterSpec; import java.security.spec.DSAParameterSpec; import java.security.spec.InvalidParameterSpecException; + +import java.util.ArrayList; +import java.util.List; import java.util.Random; + +import gnu.java.io.ASN1ParsingException; +import gnu.java.security.der.DER; import gnu.java.security.der.DEREncodingException; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; import gnu.java.security.util.Prime; @@ -76,7 +89,7 @@ public void engineInit(AlgorithmParameterSpec paramSpec) DSAParameterSpec dsaParamSpec = (DSAParameterSpec)paramSpec; p = dsaParamSpec.getP(); q = dsaParamSpec.getQ(); - q = dsaParamSpec.getG(); + g = dsaParamSpec.getG(); } else throw new InvalidParameterSpecException("Only accepts DSAParameterSpec"); @@ -85,16 +98,20 @@ public void engineInit(AlgorithmParameterSpec paramSpec) public void engineInit(byte[] params) throws IOException { - DERReader reader = new DERReader( params ); - try { - - p = reader.getBigInteger(); - q = reader.getBigInteger(); - g = reader.getBigInteger(); - - } catch ( DEREncodingException DERee) { - throw new IOException("Invalid Format: Only accepts ASN.1"); - } + DERReader in = new DERReader(params); + DERValue val = in.read(); + if (val.getValue() != DER.CONSTRUCTED_VALUE) + throw new ASN1ParsingException("badly formed parameters"); + try + { + p = (BigInteger) in.read().getValue(); + q = (BigInteger) in.read().getValue(); + g = (BigInteger) in.read().getValue(); + } + catch (Exception x) + { + throw new ASN1ParsingException("badly formed parameters"); + } } public void engineInit(byte[] params, String format) @@ -117,10 +134,13 @@ public AlgorithmParameterSpec engineGetParameterSpec(Class paramSpec) public byte[] engineGetEncoded() throws IOException { - DERWriter writer = new DERWriter(); - return writer.joinarrays( writer.writeBigInteger(p), - writer.writeBigInteger(q), - writer.writeBigInteger(g) ); + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + ArrayList seq = new ArrayList(3); + seq.add(new DERValue(DER.INTEGER, p)); + seq.add(new DERValue(DER.INTEGER, q)); + seq.add(new DERValue(DER.INTEGER, g)); + DERWriter.write(bout, new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, seq)); + return bout.toByteArray(); } @@ -135,7 +155,7 @@ public byte[] engineGetEncoded(String format) public String engineToString() { String lineSeparator = System.getProperty("line.seperator"); - return ("q: " + q + lineSeparator + "p: " + p + lineSeparator + "g:" + g); + return ("q: " + q + " p: " + p + " g: " + g); } } diff --git a/libjava/gnu/java/security/provider/DSASignature.java b/libjava/gnu/java/security/provider/DSASignature.java index f33f048..7da1c7d 100644 --- a/libjava/gnu/java/security/provider/DSASignature.java +++ b/libjava/gnu/java/security/provider/DSASignature.java @@ -1,5 +1,5 @@ /* DSASignature.java - Copyright (C) 1999 Free Software Foundation, Inc. + Copyright (C) 1999,2003 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -37,7 +37,12 @@ exception statement from your version. */ package gnu.java.security.provider; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.IOException; + import java.math.BigInteger; + import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.InvalidParameterException; @@ -52,8 +57,17 @@ import java.security.SignatureSpi; import java.security.interfaces.DSAPrivateKey; import java.security.interfaces.DSAPublicKey; import java.security.spec.AlgorithmParameterSpec; + +import java.util.ArrayList; +import java.util.List; import java.util.Random; + +import gnu.java.io.ASN1ParsingException; +import gnu.java.security.der.DER; import gnu.java.security.der.DEREncodingException; +import gnu.java.security.der.DERReader; +import gnu.java.security.der.DERValue; +import gnu.java.security.der.DERWriter; public class DSASignature extends SignatureSpi { @@ -157,9 +171,14 @@ public class DSASignature extends SignatureSpi BigInteger s = sha.add( x.multiply( r ) ); s = s.multiply( k.modInverse(q) ).mod( q ); - DERWriter writer = new DERWriter(); - return writer.joinarrays( writer.writeBigInteger( r ), writer.writeBigInteger( s ) ); - + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + ArrayList seq = new ArrayList(2); + seq.set(0, new DERValue(DER.INTEGER, r)); + seq.set(1, new DERValue(DER.INTEGER, s)); + DERWriter.write(bout, new DERValue(DER.CONSTRUCTED | DER.SEQUENCE, seq)); + return bout.toByteArray(); + } catch (IOException ioe) { + throw new SignatureException(); } catch ( ArithmeticException ae ) { throw new SignatureException(); } @@ -180,9 +199,12 @@ public class DSASignature extends SignatureSpi { //Decode sigBytes from ASN.1 DER encoding try { - DERReader reader = new DERReader( sigBytes ); - BigInteger r = reader.getBigInteger(); - BigInteger s = reader.getBigInteger(); + DERReader in = new DERReader(sigBytes); + DERValue val = in.read(); + if (!val.isConstructed()) + throw new SignatureException("badly formed signature"); + BigInteger r = (BigInteger) in.read().getValue(); + BigInteger s = (BigInteger) in.read().getValue(); BigInteger g = publicKey.getParams().getG(); BigInteger p = publicKey.getParams().getP(); @@ -206,8 +228,8 @@ public class DSASignature extends SignatureSpi return true; else return false; - } catch ( DEREncodingException deree ) { - throw new SignatureException(); + } catch (IOException ioe) { + throw new SignatureException("badly formed signature"); } } diff --git a/libjava/gnu/java/security/provider/Gnu.java b/libjava/gnu/java/security/provider/Gnu.java index c556107..70a7d1d 100644 --- a/libjava/gnu/java/security/provider/Gnu.java +++ b/libjava/gnu/java/security/provider/Gnu.java @@ -1,5 +1,5 @@ /* Gnu.java --- Gnu provider main class - Copyright (C) 1999, 2002 Free Software Foundation, Inc. + Copyright (C) 1999, 2002, 2003 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -43,7 +43,7 @@ public final class Gnu extends Provider { public Gnu() { - super( "GNU", 1.0, "GNU provider v1.0 implementing SHA-1, MD5, DSA"); + super("GNU", 1.0, "GNU provider v1.0 implementing SHA-1, MD5, DSA, X.509 Certificates"); // Note that all implementation class names are referenced by using // Class.getName(). That way when we staticly link the Gnu provider @@ -51,7 +51,7 @@ public final class Gnu extends Provider // Signature put("Signature.SHA1withDSA", - gnu.java.security.provider.DSASignature.class.getName()); + gnu.java.security.provider.DSASignature.class.getName()); put("Alg.Alias.Signature.DSS", "SHA1withDSA"); put("Alg.Alias.Signature.DSA", "SHA1withDSA"); @@ -68,12 +68,20 @@ public final class Gnu extends Provider // Key Pair Generator put("KeyPairGenerator.DSA", - gnu.java.security.provider.DSAKeyPairGenerator.class.getName()); + gnu.java.security.provider.DSAKeyPairGenerator.class.getName()); put("Alg.Alias.KeyPairGenerator.OID.1.2.840.10040.4.1", "DSA"); put("Alg.Alias.KeyPairGenerator.1.2.840.10040.4.1", "DSA"); put("Alg.Alias.KeyPairGenerator.1.3.14.3.2.12", "DSA"); + // Key Factory + put("KeyFactory.DSA", + gnu.java.security.provider.DSAKeyFactory.class.getName()); + + put("Alg.Alias.KeyFactory.OID.1.2.840.10040.4.1", "DSA"); + put("Alg.Alias.KeyFactory.1.2.840.10040.4.1", "DSA"); + put("Alg.Alias.KeyFactory.1.3.14.3.2.12", "DSA"); + // Message Digests put("MessageDigest.SHA", gnu.java.security.provider.SHA.class.getName()); put("MessageDigest.MD5", gnu.java.security.provider.MD5.class.getName()); @@ -84,15 +92,20 @@ public final class Gnu extends Provider // Algorithm Parameters put("AlgorithmParameters.DSA", - gnu.java.security.provider.DSAParameters.class.getName()); + gnu.java.security.provider.DSAParameters.class.getName()); // Algorithm Parameter Generator put("AlgorithmParameterGenerator.DSA", - gnu.java.security.provider.DSAParameterGenerator.class.getName()); + gnu.java.security.provider.DSAParameterGenerator.class.getName()); // SecureRandom put("SecureRandom.SHA1PRNG", - gnu.java.security.provider.SHA1PRNG.class.getName()); + gnu.java.security.provider.SHA1PRNG.class.getName()); + + // CertificateFactory + put("CertificateFactory.X.509", + gnu.java.security.provider.X509CertificateFactory.class.getName()); + put("Alg.Alias.CertificateFactory.X509", "X.509"); } } diff --git a/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java b/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java index 45446c7..4eceb00 100644 --- a/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java +++ b/libjava/gnu/java/security/provider/GnuDSAPrivateKey.java @@ -82,4 +82,10 @@ public class GnuDSAPrivateKey implements DSAPrivateKey { return x; } + + public String toString() + { + return "GnuDSAPrivateKey: x=" + x.toString(16) + " p=" + p.toString(16) + + " q=" + q.toString(16) + " g=" + g.toString(16); + } } diff --git a/libjava/gnu/java/security/provider/GnuDSAPublicKey.java b/libjava/gnu/java/security/provider/GnuDSAPublicKey.java index 2f23abb..91d6b56 100644 --- a/libjava/gnu/java/security/provider/GnuDSAPublicKey.java +++ b/libjava/gnu/java/security/provider/GnuDSAPublicKey.java @@ -1,5 +1,5 @@ /* GnuDSAPublicKey.java --- Gnu DSA Public Key - Copyright (C) 1999 Free Software Foundation, Inc. + Copyright (C) 1999,2003 Free Software Foundation, Inc. This file is part of GNU Classpath. @@ -82,4 +82,10 @@ public class GnuDSAPublicKey implements DSAPublicKey { return y; } + + public String toString() + { + return "GnuDSAPublicKey: y=" + y.toString(16) + " p=" + p.toString(16) + + " q=" + q.toString(16) + " g=" + g.toString(16); + } } diff --git a/libjava/gnu/java/security/provider/X509CertificateFactory.java b/libjava/gnu/java/security/provider/X509CertificateFactory.java new file mode 100644 index 0000000..62d3d38 --- /dev/null +++ b/libjava/gnu/java/security/provider/X509CertificateFactory.java @@ -0,0 +1,269 @@ +/* X509CertificateFactory.java -- generates X.509 certificates. + Copyright (C) 2003 Free Software Foundation, Inc. + +This file is part of GNU Classpath. + +GNU Classpath is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +GNU Classpath is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with GNU Classpath; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA +02111-1307 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. */ + + +package gnu.java.security.provider; + +import java.io.BufferedInputStream; +import java.io.EOFException; +import java.io.InputStream; +import java.io.IOException; + +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactorySpi; +import java.security.cert.CRL; +import java.security.cert.CRLException; + +import java.util.Collection; +import java.util.LinkedList; + +import gnu.java.io.Base64InputStream; +import gnu.java.security.x509.X509Certificate; +import gnu.java.security.x509.X509CRL; + +public class X509CertificateFactory extends CertificateFactorySpi +{ + + // Constants. + // ------------------------------------------------------------------------ + + public static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----"; + public static final String END_CERTIFICATE = "-----END CERTIFICATE-----"; + public static final String BEGIN_X509_CRL = "-----BEGIN X509 CRL-----"; + public static final String END_X509_CRL = "-----END X509 CRL-----"; + + // Constructors. + // ------------------------------------------------------------------------ + + public X509CertificateFactory() + { + super(); + } + + // Instance methods. + // ------------------------------------------------------------------------ + + public Certificate engineGenerateCertificate(InputStream inStream) + throws CertificateException + { + try + { + return generateCert(inStream); + } + catch (IOException ioe) + { + throw new CertificateException(ioe.toString()); + } + } + + public Collection engineGenerateCertificates(InputStream inStream) + throws CertificateException + { + LinkedList certs = new LinkedList(); + while (true) + { + try + { + certs.add(generateCert(inStream)); + } + catch (EOFException eof) + { + break; + } + catch (IOException ioe) + { + throw new CertificateException(ioe.toString()); + } + } + return certs; + } + + public CRL engineGenerateCRL(InputStream inStream) throws CRLException + { + try + { + return generateCRL(inStream); + } + catch (IOException ioe) + { + throw new CRLException(ioe.toString()); + } + } + + public Collection engineGenerateCRLs(InputStream inStream) + throws CRLException + { + LinkedList crls = new LinkedList(); + while (true) + { + try + { + crls.add(generateCRL(inStream)); + } + catch (EOFException eof) + { + break; + } + catch (IOException ioe) + { + throw new CRLException(ioe.toString()); + } + } + return crls; + } + + // Own methods. + // ------------------------------------------------------------------------ + + private X509Certificate generateCert(InputStream inStream) + throws IOException, CertificateException + { + if (!inStream.markSupported()) + inStream = new BufferedInputStream(inStream, 8192); + inStream.mark(20); + int i = inStream.read(); + if (i == -1) + throw new EOFException(); + + // If the input is in binary DER format, the first byte MUST be + // 0x30, which stands for the ASN.1 [UNIVERSAL 16], which is the + // UNIVERSAL SEQUENCE, with the CONSTRUCTED bit (0x20) set. + // + // So if we do not see 0x30 here we will assume it is in Base-64. + if (i != 0x30) + { + inStream.reset(); + StringBuffer line = new StringBuffer(80); + do + { + line.setLength(0); + do + { + i = inStream.read(); + if (i == -1) + throw new EOFException(); + if (i != '\n' && i != '\r') + line.append((char) i); + } + while (i != '\n' && i != '\r'); + } + while (!line.toString().equals(BEGIN_CERTIFICATE)); + X509Certificate ret = new X509Certificate( + new BufferedInputStream(new Base64InputStream(inStream), 8192)); + line.setLength(0); + line.append('-'); // Base64InputStream will eat this. + do + { + i = inStream.read(); + if (i == -1) + throw new EOFException(); + if (i != '\n' && i != '\r') + line.append((char) i); + } + while (i != '\n' && i != '\r'); + // XXX ??? + if (!line.toString().equals(END_CERTIFICATE)) + throw new CertificateException("no end-of-certificate marker"); + return ret; + } + else + { + inStream.reset(); + return new X509Certificate(inStream); + } + } + + private X509CRL generateCRL(InputStream inStream) + throws IOException, CRLException + { + if (!inStream.markSupported()) + inStream = new BufferedInputStream(inStream, 8192); + inStream.mark(20); + int i = inStream.read(); + if (i == -1) + throw new EOFException(); + + // If the input is in binary DER format, the first byte MUST be + // 0x30, which stands for the ASN.1 [UNIVERSAL 16], which is the + // UNIVERSAL SEQUENCE, with the CONSTRUCTED bit (0x20) set. + // + // So if we do not see 0x30 here we will assume it is in Base-64. + if (i != 0x30) + { + inStream.reset(); + StringBuffer line = new StringBuffer(80); + do + { + line.setLength(0); + do + { + i = inStream.read(); + if (i == -1) + throw new EOFException(); + if (i != '\n' && i != '\r') + line.append((char) i); + } + while (i != '\n' && i != '\r'); + } + while (!line.toString().startsWith(BEGIN_X509_CRL)); + X509CRL ret = new X509CRL( + new BufferedInputStream(new Base64InputStream(inStream), 8192)); + line.setLength(0); + line.append('-'); // Base64InputStream will eat this. + do + { + i = inStream.read(); + if (i == -1) + throw new EOFException(); + if (i != '\n' && i != '\r') + line.append((char) i); + } + while (i != '\n' && i != '\r'); + // XXX ??? + if (!line.toString().startsWith(END_X509_CRL)) + throw new CRLException("no end-of-CRL marker"); + return ret; + } + else + { + inStream.reset(); + return new X509CRL(inStream); + } + } + +} |