[multiple changes]

2004-09-21  Andreas Tobler  <a.tobler@schweiz.ch>

	Import the big Crypto/Jessie/Security merge from Classpath.

	* Makefile.am: Add imported files.
	* Makefile.in: Regenerate.

	2004-08-14  Casey Marshall <csm@gnu.org>

	The Big Crypto Merge of 2004.

	* javax/security/auth/x500/X500Principal.java: Replaced with GNU
	Crypto's version.

	Files imported from GNU Crypto.
	* javax/crypto/BadPaddingException.java
	* javax/crypto/Cipher.java
	* javax/crypto/CipherInputStream.java
	* javax/crypto/CipherOutputStream.java
	* javax/crypto/CipherSpi.java
	* javax/crypto/EncryptedPrivateKeyInfo.java
	* javax/crypto/ExemptionMechanism.java
	* javax/crypto/ExemptionMechanismException.java
	* javax/crypto/ExemptionMechanismSpi.java
	* javax/crypto/IllegalBlockSizeException.java
	* javax/crypto/KeyAgreement.java
	* javax/crypto/KeyAgreementSpi.java
	* javax/crypto/KeyGenerator.java
	* javax/crypto/KeyGeneratorSpi.java
	* javax/crypto/Mac.java
	* javax/crypto/MacSpi.java
	* javax/crypto/Makefile.am
	* javax/crypto/NoSuchPaddingException.java
	* javax/crypto/NullCipher.java
	* javax/crypto/NullCipherImpl.java
	* javax/crypto/SealedObject.java
	* javax/crypto/SecretKey.java
	* javax/crypto/SecretKeyFactory.java
	* javax/crypto/SecretKeyFactorySpi.java
	* javax/crypto/ShortBufferException.java
	* javax/crypto/interfaces/DHKey.java
	* javax/crypto/interfaces/DHPrivateKey.java
	* javax/crypto/interfaces/DHPublicKey.java
	* javax/crypto/interfaces/PBEKey.java
	* javax/crypto/spec/DESKeySpec.java
	* javax/crypto/spec/DESedeKeySpec.java
	* javax/crypto/spec/DHGenParameterSpec.java
	* javax/crypto/spec/DHParameterSpec.java
	* javax/crypto/spec/DHPrivateKeySpec.java
	* javax/crypto/spec/DHPublicKeySpec.java
	* javax/crypto/spec/IvParameterSpec.java
	* javax/crypto/spec/PBEKeySpec.java
	* javax/crypto/spec/PBEParameterSpec.java
	* javax/crypto/spec/RC2ParameterSpec.java
	* javax/crypto/spec/RC5ParameterSpec.java
	* javax/crypto/spec/SecretKeySpec.java
	* javax/security/auth/AuthPermission.java
	* javax/security/auth/DestroyFailedException.java
	* javax/security/auth/Destroyable.java
	* javax/security/auth/Policy.java
	* javax/security/auth/PrivateCredentialPermission.java
	* javax/security/auth/RefreshFailedException.java
	* javax/security/auth/Refreshable.java
	* javax/security/auth/Subject.java
	* javax/security/auth/SubjectDomainCombiner.java
	* javax/security/auth/callback/Callback.java
	* javax/security/auth/callback/CallbackHandler.java
	* javax/security/auth/callback/ChoiceCallback.java
	* javax/security/auth/callback/ConfirmationCallback.java
	* javax/security/auth/callback/LanguageCallback.java
	* javax/security/auth/callback/NameCallback.java
	* javax/security/auth/callback/PasswordCallback.java
	* javax/security/auth/callback/TextInputCallback.java
	* javax/security/auth/callback/TextOutputCallback.java
	* javax/security/auth/callback/UnsupportedCallbackException.java
	* javax/security/auth/login/AccountExpiredException.java
	* javax/security/auth/login/AppConfigurationEntry.java
	* javax/security/auth/login/Configuration.java
	* javax/security/auth/login/CredentialExpiredException.java
	* javax/security/auth/login/FailedLoginException.java
	* javax/security/auth/login/LoginContext.java
	* javax/security/auth/login/LoginException.java
	* javax/security/auth/login/NullConfiguration.java
	* javax/security/auth/x500/X500PrivateCredential.java
	* javax/security/sasl/AuthenticationException.java
	* javax/security/sasl/AuthorizeCallback.java
	* javax/security/sasl/RealmCallback.java
	* javax/security/sasl/RealmChoiceCallback.java
	* javax/security/sasl/Sasl.java
	* javax/security/sasl/SaslClient.java
	* javax/security/sasl/SaslClientFactory.java
	* javax/security/sasl/SaslException.java
	* javax/security/sasl/SaslServer.java
	* javax/security/sasl/SaslServerFactory.java
	* org/ietf/jgss/ChannelBinding.java
	* org/ietf/jgss/GSSContext.java
	* org/ietf/jgss/GSSCredential.java
	* org/ietf/jgss/GSSException.java
	* org/ietf/jgss/GSSManager.java
	* org/ietf/jgss/GSSName.java
	* org/ietf/jgss/MessageProp.java
	* org/ietf/jgss/Oid.java
	* org/ietf/jgss/MessagesBundle.properties

	Files imported from Jessie <http://www.nongnu.org/jessie/>
	* javax/net/ServerSocketFactory.java
	* javax/net/SocketFactory.java
	* javax/net/VanillaServerSocketFactory.java
	* javax/net/VanillaSocketFactory.java
	* javax/net/ssl/HandshakeCompletedEvent.java
	* javax/net/ssl/HandshakeCompletedListener.java
	* javax/net/ssl/HostnameVerifier.java
	* javax/net/ssl/HttpsURLConnection.java
	* javax/net/ssl/KeyManager.java
	* javax/net/ssl/KeyManagerFactory.java
	* javax/net/ssl/KeyManagerFactorySpi.java
	* javax/net/ssl/ManagerFactoryParameters.java
	* javax/net/ssl/SSLContext.java
	* javax/net/ssl/SSLContextSpi.java
	* javax/net/ssl/SSLException.java
	* javax/net/ssl/SSLHandshakeException.java
	* javax/net/ssl/SSLKeyException.java
	* javax/net/ssl/SSLPeerUnverifiedException.java
	* javax/net/ssl/SSLPermission.java
	* javax/net/ssl/SSLProtocolException.java
	* javax/net/ssl/SSLServerSocket.java
	* javax/net/ssl/SSLServerSocketFactory.java
	* javax/net/ssl/SSLSession.java
	* javax/net/ssl/SSLSessionBindingEvent.java
	* javax/net/ssl/SSLSessionBindingListener.java
	* javax/net/ssl/SSLSessionContext.java
	* javax/net/ssl/SSLSocket.java
	* javax/net/ssl/SSLSocketFactory.java
	* javax/net/ssl/TrivialHostnameVerifier.java
	* javax/net/ssl/TrustManager.java
	* javax/net/ssl/TrustManagerFactory.java
	* javax/net/ssl/TrustManagerFactorySpi.java
	* javax/net/ssl/X509KeyManager.java
	* javax/net/ssl/X509TrustManager.java
	* javax/security/cert/Certificate.java
	* javax/security/cert/CertificateEncodingException.java
	* javax/security/cert/CertificateException.java
	* javax/security/cert/CertificateExpiredException.java
	* javax/security/cert/CertificateNotYetValidException.java
	* javax/security/cert/CertificateParsingException.java
	* javax/security/cert/X509CertBridge.java
	* javax/security/cert/X509Certificate.java

	2004-08-20  Casey Marshall  <csm@gnu.org>

	* java/security/cert/X509CRLSelector.java: New file.
	* java/security/cert/X509CertSelector.java: New file.

From-SVN: r87795

1 files changed, 398 insertions, 0 deletions

diff --git a/libjava/javax/crypto/CipherSpi.java b/libjava/javax/crypto/CipherSpi.java
new file mode 100644
index 0000000..06ea534
--- /dev/null
+++ b/libjava/javax/crypto/CipherSpi.java
@@ -0,0 +1,398 @@
+/* CipherSpi.java -- The cipher service provider interface.
+   Copyright (C) 2004  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.crypto;
+
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+
+/**
+ * <p>This class represents the <i>Service Provider Interface</i>
+ * (<b>SPI</b>) for cryptographic ciphers.</p>
+ *
+ * <p>Providers of cryptographic ciphers must subclass this for every
+ * cipher they implement, implementing the abstract methods as
+ * appropriate, then provide an entry that points to the subclass in
+ * their implementation of {@link java.security.Provider}.</p>
+ *
+ * <p>CipherSpi objects are instantiated along with {@link Cipher}s when
+ * the {@link Cipher#getInstance(java.lang.String)} methods are invoked.
+ * Particular ciphers are referenced by a <i>transformation</i>, which
+ * is a String consisting of the cipher's name or the ciper's name
+ * followed by a mode and a padding. Transformations all follow the
+ * general form:</p>
+ *
+ * <ul>
+ * <li><i>algorithm</i>, or</li>
+ * <li><i>algorithm</i>/<i>mode</i>/<i>padding</i>
+ * </ul>
+ *
+ * <p>Cipher names in the master {@link java.security.Provider} class
+ * may be:</p>
+ *
+ * <ol>
+ * <li>The algorithm's name, which uses a pluggable mode and padding:
+ * <code>Cipher.<i>algorithm</i></code></li>
+ * <li>The algorithm's name and the mode, which uses pluggable padding:
+ * <code>Cipher.<i>algorithm</i>/<i>mode</i></code></li>
+ * <li>The algorithm's name and the padding, which uses a pluggable
+ * mode: <code>Cipher.<i>algorithm</i>//<i>padding</i></code></li>
+ * <li>The algorihtm's name, the mode, and the padding:
+ * <code>Cipher.<i>algorithm</i>/<i>mode</i>/<i>padding</i></code></li>
+ * </ol>
+ *
+ * <p>When any {@link Cipher#getInstance(java.lang.String)} method is
+ * invoked, the following happens if the transformation is simply
+ * <i>algorithm</i>:</p>
+ *
+ * <ol>
+ * <li>If the provider defines a <code>CipherSpi</code> implementation
+ * for "<i>algorithm</i>", return it. Otherwise throw a {@link
+ * java.security.NoSuchAlgorithmException}.</li>
+ * </ol>
+ *
+ * <p>If the transformation is of the form
+ * <i>algorithm</i>/<i>mode</i>/<i>padding</i>:</p>
+ *
+ * <ol>
+ * <li>If the provider defines a <code>CipherSpi</code> subclass for
+ * "<i>algorithm</i>/<i>mode</i>/<i>padding</i>", return it. Otherwise
+ * go to step 2.</li>
+ *
+ * <li>If the provider defines a <code>CipherSpi</code> subclass for
+ * "<i>algorithm</i>/<i>mode</i>", instatiate it, call {@link
+ * #engineSetPadding(java.lang.String)} for the padding name, and return
+ * it. Otherwise go to step 3.</li>
+ *
+ * <li>If the provider defines a <code>CipherSpi</code> subclass for
+ * "<i>algorithm</i>//<i>padding</i>", instatiate it, call {@link
+ * #engineSetMode(java.lang.String)} for the mode name, and return
+ * it. Otherwise go to step 4.</li>
+ *
+ * <li>If the provider defines a <code>CipherSpi</code> subclass for
+ * "<i>algorithm</i>", instatiate it, call {@link
+ * #engineSetMode(java.lang.String)} for the mode name, call {@link
+ * #engineSetPadding(java.lang.String)} for the padding name, and return
+ * it. Otherwise throw a {@link java.security.NoSuchAlgorithmException}.</li>
+ * </ol>
+ *
+ * @author Casey Marshall (csm@gnu.org)
+ * @since 1.4
+ */
+public abstract class CipherSpi
+{
+
+  // Constructors.
+  // ------------------------------------------------------------------------
+
+  /**
+   * Create a new CipherSpi.
+   */
+  public CipherSpi()
+  {
+  }
+
+  // Abstract methods to be implemented by providers.
+  // ------------------------------------------------------------------------
+
+  /**
+   * Finishes a multi-part transformation or transforms a portion of a
+   * byte array, and returns the transformed bytes.
+   *
+   * @param input       The input bytes.
+   * @param inputOffset The index in the input at which to start.
+   * @param inputLength The number of bytes to transform.
+   * @return The transformed bytes in a new array.
+   * @throws javax.crypto.IllegalBlockSizeException If this instance has
+   *         no padding and the input size is not a multiple of the
+   *         block size.
+   * @throws javax.crypto.BadPaddingException If this instance is being
+   *         used for decryption and the padding is not appropriate for
+   *         this instance's padding scheme.
+   */
+  protected abstract byte[]
+  engineDoFinal(byte[] input, int inputOffset, int inputLength)
+  throws IllegalBlockSizeException, BadPaddingException;
+
+  /**
+   * Finishes a multi-part transformation or transforms a portion of a
+   * byte array, and stores the transformed bytes in the supplied array.
+   *
+   * @param input        The input bytes.
+   * @param inputOffset  The index in the input at which to start.
+   * @param inputLength  The number of bytes to transform.
+   * @param output       The output byte array.
+   * @param outputOffset The index in the output array at which to start.
+   * @return The number of transformed bytes stored in the output array.
+   * @throws javax.crypto.IllegalBlockSizeException If this instance has
+   *         no padding and the input size is not a multiple of the
+   *         block size.
+   * @throws javax.crypto.BadPaddingException If this instance is being
+   *         used for decryption and the padding is not appropriate for
+   *         this instance's padding scheme.
+   * @throws javax.crypto.ShortBufferException If there is not enough
+   *         space in the output array for the transformed bytes.
+   */
+  protected abstract int
+  engineDoFinal(byte[] input, int inputOffset, int inputLength,
+                byte[] output, int outputOffset)
+  throws IllegalBlockSizeException, BadPaddingException, ShortBufferException;
+
+  /**
+   * Returns the block size of the underlying cipher.
+   *
+   * @return The block size.
+   */
+  protected abstract int engineGetBlockSize();
+
+  /**
+   * Returns the initializaiton vector this cipher was initialized with,
+   * if any.
+   *
+   * @return The IV, or null if this cipher uses no IV or if this
+   *         instance has not been initialized yet.
+   */
+  protected abstract byte[] engineGetIV();
+
+  /**
+   * <p>Return the length of the given key in bits.</p>
+   *
+   * <p>For compatibility this method is not declared
+   * <code>abstract</code>, and the default implementation will throw an
+   * {@link java.lang.UnsupportedOperationException}. Concrete
+   * subclasses should override this method to return the correct
+   * value.</p>
+   *
+   * @param key The key to get the size for.
+   * @return The size of the key, in bits.
+   * @throws java.security.InvalidKeyException If the key's length
+   *         cannot be determined by this implementation.
+   */
+  protected int engineGetKeySize(Key key) throws InvalidKeyException
+  {
+    throw new UnsupportedOperationException();
+  }
+
+  /**
+   * <p>Returns the size, in bytes, an output buffer must be for a call
+   * to {@link #engineUpdate(byte[],int,int,byte[],int)} or {@link
+   * #engineDoFinal(byte[],int,int,byte[],int)} to succeed.</p>
+   *
+   * <p>The actual output length may be smaller than the value returned
+   * by this method, as it considers the padding length as well. The
+   * length considered is the argument plus the length of any buffered,
+   * unprocessed bytes.</p>
+   *
+   * @param inputLength The input length, in bytes.
+   * @return The size an output buffer must be.
+   */
+  protected abstract int engineGetOutputSize(int inputLength);
+
+  /**
+   * Returns the parameters that this cipher is using. This may be the
+   * parameters used to initialize this cipher, or it may be parameters
+   * that have been initialized with random values.
+   *
+   * @return This cipher's parameters, or <code>null</code> if this
+   *         cipher does not use parameters.
+   */
+  protected abstract AlgorithmParameters engineGetParameters();
+
+  /**
+   * Initializes this cipher with an operation mode, key, and source of
+   * randomness. If this cipher requires any other initializing data,
+   * for example an initialization vector, then it should generate it
+   * from the provided source of randomness.
+   *
+   * @param opmode The operation mode, one of {@link
+   *        Cipher#DECRYPT_MODE}, {@link Cipher#ENCRYPT_MODE}, {@link
+   *        Cipher#UNWRAP_MODE}, or {@link Cipher#WRAP_MODE}.
+   * @param key    The key to initialize this cipher with.
+   * @param random The source of random bytes to use.
+   * @throws java.security.InvalidKeyException If the given key is not
+   *         acceptable for this implementation.
+   */
+  protected abstract void engineInit(int opmode, Key key, SecureRandom random)
+  throws InvalidKeyException;
+
+  /**
+   * Initializes this cipher with an operation mode, key, parameters,
+   * and source of randomness. If this cipher requires any other
+   * initializing data, for example an initialization vector, then it should
+   * generate it from the provided source of randomness.
+   *
+   * @param opmode The operation mode, one of {@link
+   *        Cipher#DECRYPT_MODE}, {@link Cipher#ENCRYPT_MODE}, {@link
+   *        Cipher#UNWRAP_MODE}, or {@link Cipher#WRAP_MODE}.
+   * @param key    The key to initialize this cipher with.
+   * @param params The algorithm parameters to initialize with.
+   * @param random The source of random bytes to use.
+   * @throws java.security.InvalidAlgorithmParameterException If the
+   *         given parameters are not appropriate for this
+   *         implementation.
+   * @throws java.security.InvalidKeyException If the given key is not
+   *         acceptable for this implementation.
+   */
+  protected abstract void
+  engineInit(int opmode, Key key, AlgorithmParameters params,
+             SecureRandom random)
+  throws InvalidAlgorithmParameterException, InvalidKeyException;
+
+  /**
+   * Initializes this cipher with an operation mode, key, parameters,
+   * and source of randomness. If this cipher requires any other
+   * initializing data, for example an initialization vector, then it should
+   * generate it from the provided source of randomness.
+   *
+   * @param opmode The operation mode, one of {@link
+   *        Cipher#DECRYPT_MODE}, {@link Cipher#ENCRYPT_MODE}, {@link
+   *        Cipher#UNWRAP_MODE}, or {@link Cipher#WRAP_MODE}.
+   * @param key    The key to initialize this cipher with.
+   * @param params The algorithm parameters to initialize with.
+   * @param random The source of random bytes to use.
+   * @throws java.security.InvalidAlgorithmParameterException If the
+   *         given parameters are not appropriate for this
+   *         implementation.
+   * @throws java.security.InvalidKeyException If the given key is not
+   *         acceptable for this implementation.
+   */
+  protected abstract void
+  engineInit(int opmode, Key key, AlgorithmParameterSpec params,
+             SecureRandom random)
+  throws InvalidAlgorithmParameterException, InvalidKeyException;
+
+  /**
+   * Set the mode in which this cipher is to run.
+   *
+   * @param mode The name of the mode to use.
+   * @throws java.security.NoSuchAlgorithmException If the mode is
+   *         not supported by this cipher's provider.
+   */
+  protected abstract void engineSetMode(String mode)
+  throws NoSuchAlgorithmException;
+
+  /**
+   * Set the method with which the input is to be padded.
+   *
+   * @param padding The name of the padding to use.
+   * @throws javax.crypto.NoSuchPaddingException If the padding is not
+   *         supported by this cipher's provider.
+   */
+  protected abstract void engineSetPadding(String padding)
+  throws NoSuchPaddingException;
+
+  /**
+   * <p>Unwraps a previously-wrapped key.</p>
+   *
+   * <p>For compatibility this method is not declared
+   * <code>abstract</code>, and the default implementation will throw an
+   * {@link java.lang.UnsupportedOperationException}.</p>
+   *
+   * @param wrappedKey          The wrapped key.
+   * @param wrappedKeyAlgorithm The name of the algorithm used to wrap
+   *                            this key.
+   * @param wrappedKeyType      The type of wrapped key; one of
+   *                            {@link Cipher#PRIVATE_KEY},
+   *                            {@link Cipher#PUBLIC_KEY}, or
+   *                            {@link Cipher#SECRET_KEY}.
+   * @return The unwrapped key.
+   * @throws java.security.InvalidKeyException If the key cannot be
+   *         unwrapped, or if <code>wrappedKeyType</code> is an
+   *         inappropriate type for the unwrapped key.
+   * @throws java.security.NoSuchAlgorithmException If the
+   *         <code>wrappedKeyAlgorithm</code> is unknown.
+   */
+  protected Key engineUnwrap(byte[] wrappedKey, String wrappedKeyAlgorithm,
+                             int wrappedKeyType)
+  throws InvalidKeyException, NoSuchAlgorithmException
+  {
+    throw new UnsupportedOperationException();
+  }
+
+  /**
+   * Continue with a multi-part transformation, returning a new array of
+   * the transformed bytes.
+   *
+   * @param input       The next input bytes.
+   * @param inputOffset The index in the input array from which to start.
+   * @param inputLength The number of bytes to input.
+   * @return The transformed bytes.
+   */
+  protected abstract byte[]
+  engineUpdate(byte[] input, int inputOffset, int inputLength);
+
+  /**
+   * Continue with a multi-part transformation, storing the transformed
+   * bytes into the specified array.
+   *
+   * @param input        The next input bytes.
+   * @param inputOffset  The index in the input from which to start.
+   * @param inputLength  The number of bytes to input.
+   * @param output       The output buffer.
+   * @param outputOffset The index in the output array from which to start.
+   * @return The transformed bytes.
+   * @throws javax.crypto.ShortBufferException If there is not enough
+   *         space in the output array to store the transformed bytes.
+   */
+  protected abstract int
+  engineUpdate(byte[] input, int inputOffset, int inputLength,
+               byte[] output, int outputOffset)
+  throws ShortBufferException;
+
+  /**
+   * <p>Wrap a key.</p>
+   *
+   * <p>For compatibility this method is not declared
+   * <code>abstract</code>, and the default implementation will throw an
+   * {@link java.lang.UnsupportedOperationException}.</p>
+   *
+   * @param key The key to wrap.
+   * @return The wrapped key.
+   * @throws java.security.InvalidKeyException If the key cannot be
+   *         wrapped.
+   */
+  protected byte[] engineWrap(Key key) throws InvalidKeyException, IllegalBlockSizeException
+  {
+    throw new UnsupportedOperationException();
+  }
+}