[multiple changes]

2004-09-21  Andreas Tobler  <a.tobler@schweiz.ch>

	Import the big Crypto/Jessie/Security merge from Classpath.

	* Makefile.am: Add imported files.
	* Makefile.in: Regenerate.

	2004-08-14  Casey Marshall <csm@gnu.org>

	The Big Crypto Merge of 2004.

	* javax/security/auth/x500/X500Principal.java: Replaced with GNU
	Crypto's version.

	Files imported from GNU Crypto.
	* javax/crypto/BadPaddingException.java
	* javax/crypto/Cipher.java
	* javax/crypto/CipherInputStream.java
	* javax/crypto/CipherOutputStream.java
	* javax/crypto/CipherSpi.java
	* javax/crypto/EncryptedPrivateKeyInfo.java
	* javax/crypto/ExemptionMechanism.java
	* javax/crypto/ExemptionMechanismException.java
	* javax/crypto/ExemptionMechanismSpi.java
	* javax/crypto/IllegalBlockSizeException.java
	* javax/crypto/KeyAgreement.java
	* javax/crypto/KeyAgreementSpi.java
	* javax/crypto/KeyGenerator.java
	* javax/crypto/KeyGeneratorSpi.java
	* javax/crypto/Mac.java
	* javax/crypto/MacSpi.java
	* javax/crypto/Makefile.am
	* javax/crypto/NoSuchPaddingException.java
	* javax/crypto/NullCipher.java
	* javax/crypto/NullCipherImpl.java
	* javax/crypto/SealedObject.java
	* javax/crypto/SecretKey.java
	* javax/crypto/SecretKeyFactory.java
	* javax/crypto/SecretKeyFactorySpi.java
	* javax/crypto/ShortBufferException.java
	* javax/crypto/interfaces/DHKey.java
	* javax/crypto/interfaces/DHPrivateKey.java
	* javax/crypto/interfaces/DHPublicKey.java
	* javax/crypto/interfaces/PBEKey.java
	* javax/crypto/spec/DESKeySpec.java
	* javax/crypto/spec/DESedeKeySpec.java
	* javax/crypto/spec/DHGenParameterSpec.java
	* javax/crypto/spec/DHParameterSpec.java
	* javax/crypto/spec/DHPrivateKeySpec.java
	* javax/crypto/spec/DHPublicKeySpec.java
	* javax/crypto/spec/IvParameterSpec.java
	* javax/crypto/spec/PBEKeySpec.java
	* javax/crypto/spec/PBEParameterSpec.java
	* javax/crypto/spec/RC2ParameterSpec.java
	* javax/crypto/spec/RC5ParameterSpec.java
	* javax/crypto/spec/SecretKeySpec.java
	* javax/security/auth/AuthPermission.java
	* javax/security/auth/DestroyFailedException.java
	* javax/security/auth/Destroyable.java
	* javax/security/auth/Policy.java
	* javax/security/auth/PrivateCredentialPermission.java
	* javax/security/auth/RefreshFailedException.java
	* javax/security/auth/Refreshable.java
	* javax/security/auth/Subject.java
	* javax/security/auth/SubjectDomainCombiner.java
	* javax/security/auth/callback/Callback.java
	* javax/security/auth/callback/CallbackHandler.java
	* javax/security/auth/callback/ChoiceCallback.java
	* javax/security/auth/callback/ConfirmationCallback.java
	* javax/security/auth/callback/LanguageCallback.java
	* javax/security/auth/callback/NameCallback.java
	* javax/security/auth/callback/PasswordCallback.java
	* javax/security/auth/callback/TextInputCallback.java
	* javax/security/auth/callback/TextOutputCallback.java
	* javax/security/auth/callback/UnsupportedCallbackException.java
	* javax/security/auth/login/AccountExpiredException.java
	* javax/security/auth/login/AppConfigurationEntry.java
	* javax/security/auth/login/Configuration.java
	* javax/security/auth/login/CredentialExpiredException.java
	* javax/security/auth/login/FailedLoginException.java
	* javax/security/auth/login/LoginContext.java
	* javax/security/auth/login/LoginException.java
	* javax/security/auth/login/NullConfiguration.java
	* javax/security/auth/x500/X500PrivateCredential.java
	* javax/security/sasl/AuthenticationException.java
	* javax/security/sasl/AuthorizeCallback.java
	* javax/security/sasl/RealmCallback.java
	* javax/security/sasl/RealmChoiceCallback.java
	* javax/security/sasl/Sasl.java
	* javax/security/sasl/SaslClient.java
	* javax/security/sasl/SaslClientFactory.java
	* javax/security/sasl/SaslException.java
	* javax/security/sasl/SaslServer.java
	* javax/security/sasl/SaslServerFactory.java
	* org/ietf/jgss/ChannelBinding.java
	* org/ietf/jgss/GSSContext.java
	* org/ietf/jgss/GSSCredential.java
	* org/ietf/jgss/GSSException.java
	* org/ietf/jgss/GSSManager.java
	* org/ietf/jgss/GSSName.java
	* org/ietf/jgss/MessageProp.java
	* org/ietf/jgss/Oid.java
	* org/ietf/jgss/MessagesBundle.properties

	Files imported from Jessie <http://www.nongnu.org/jessie/>
	* javax/net/ServerSocketFactory.java
	* javax/net/SocketFactory.java
	* javax/net/VanillaServerSocketFactory.java
	* javax/net/VanillaSocketFactory.java
	* javax/net/ssl/HandshakeCompletedEvent.java
	* javax/net/ssl/HandshakeCompletedListener.java
	* javax/net/ssl/HostnameVerifier.java
	* javax/net/ssl/HttpsURLConnection.java
	* javax/net/ssl/KeyManager.java
	* javax/net/ssl/KeyManagerFactory.java
	* javax/net/ssl/KeyManagerFactorySpi.java
	* javax/net/ssl/ManagerFactoryParameters.java
	* javax/net/ssl/SSLContext.java
	* javax/net/ssl/SSLContextSpi.java
	* javax/net/ssl/SSLException.java
	* javax/net/ssl/SSLHandshakeException.java
	* javax/net/ssl/SSLKeyException.java
	* javax/net/ssl/SSLPeerUnverifiedException.java
	* javax/net/ssl/SSLPermission.java
	* javax/net/ssl/SSLProtocolException.java
	* javax/net/ssl/SSLServerSocket.java
	* javax/net/ssl/SSLServerSocketFactory.java
	* javax/net/ssl/SSLSession.java
	* javax/net/ssl/SSLSessionBindingEvent.java
	* javax/net/ssl/SSLSessionBindingListener.java
	* javax/net/ssl/SSLSessionContext.java
	* javax/net/ssl/SSLSocket.java
	* javax/net/ssl/SSLSocketFactory.java
	* javax/net/ssl/TrivialHostnameVerifier.java
	* javax/net/ssl/TrustManager.java
	* javax/net/ssl/TrustManagerFactory.java
	* javax/net/ssl/TrustManagerFactorySpi.java
	* javax/net/ssl/X509KeyManager.java
	* javax/net/ssl/X509TrustManager.java
	* javax/security/cert/Certificate.java
	* javax/security/cert/CertificateEncodingException.java
	* javax/security/cert/CertificateException.java
	* javax/security/cert/CertificateExpiredException.java
	* javax/security/cert/CertificateNotYetValidException.java
	* javax/security/cert/CertificateParsingException.java
	* javax/security/cert/X509CertBridge.java
	* javax/security/cert/X509Certificate.java

	2004-08-20  Casey Marshall  <csm@gnu.org>

	* java/security/cert/X509CRLSelector.java: New file.
	* java/security/cert/X509CertSelector.java: New file.

From-SVN: r87795

1 files changed, 414 insertions, 0 deletions

diff --git a/libjava/javax/crypto/Mac.java b/libjava/javax/crypto/Mac.java
new file mode 100644
index 0000000..55f5be6
--- /dev/null
+++ b/libjava/javax/crypto/Mac.java
@@ -0,0 +1,414 @@
+/* Mac.java -- The message authentication code interface.
+   Copyright (C) 2004  Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package javax.crypto;
+
+import java.lang.reflect.InvocationTargetException;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Provider;
+import java.security.Security;
+import java.security.spec.AlgorithmParameterSpec;
+
+import gnu.java.security.Engine;
+
+/**
+ * This class implements a "message authentication code" (MAC), a method
+ * to ensure the integrity of data transmitted between two parties who
+ * share a common secret key.
+ *
+ * <p>The best way to describe a MAC is as a <i>keyed one-way hash
+ * function</i>, which looks like:
+ *
+ * <blockquote><p><code>D = MAC(K, M)</code></blockquote>
+ *
+ * <p>where <code>K</code> is the key, <code>M</code> is the message,
+ * and <code>D</code> is the resulting digest. One party will usually
+ * send the concatenation <code>M || D</code> to the other party, who
+ * will then verify <code>D</code> by computing <code>D'</code> in a
+ * similar fashion. If <code>D == D'</code>, then the message is assumed
+ * to be authentic.
+ *
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class Mac implements Cloneable
+{
+
+  // Fields.
+  // ------------------------------------------------------------------------
+
+  private static final String SERVICE = "Mac";
+
+  /** The underlying MAC implementation. */
+  private MacSpi macSpi;
+
+  /** The provider we got our implementation from. */
+  private Provider provider;
+
+  /** The name of the algorithm. */
+  private String algorithm;
+
+  /** Whether or not we've been initialized. */
+  private boolean virgin;
+
+  // Constructor.
+  // ------------------------------------------------------------------------
+
+  /**
+   * Creates a new Mac instance.
+   *
+   * @param macSpi    The underlying MAC implementation.
+   * @param provider  The provider of this implementation.
+   * @param algorithm The name of this MAC algorithm.
+   */
+  protected Mac(MacSpi macSpi, Provider provider, String algorithm)
+  {
+    this.macSpi = macSpi;
+    this.provider = provider;
+    this.algorithm = algorithm;
+    virgin = true;
+  }
+
+  // Class methods.
+  // ------------------------------------------------------------------------
+
+  /**
+   * Get an instance of the named algorithm from the first provider with
+   * an appropriate implementation.
+   *
+   * @param algorithm The name of the algorithm.
+   * @return An appropriate Mac instance, if the specified algorithm
+   *         is implemented by a provider.
+   * @throws java.security.NoSuchAlgorithmException If no implementation
+   *         of the named algorithm is installed.
+   */
+  public static final Mac getInstance(String algorithm)
+    throws NoSuchAlgorithmException
+  {
+    Provider[] provs = Security.getProviders();
+    String msg = "";
+    for (int i = 0; i < provs.length; i++)
+      {
+        try
+          {
+            return getInstance(algorithm, provs[i]);
+          }
+        catch (NoSuchAlgorithmException nsae)
+          {
+            msg = nsae.getMessage();
+          }
+      }
+    throw new NoSuchAlgorithmException(msg);
+  }
+
+  /**
+   * Get an instance of the named algorithm from the named provider.
+   *
+   * @param algorithm The name of the algorithm.
+   * @param provider  The name of the provider.
+   * @return An appropriate Mac instance, if the specified algorithm is
+   *         implemented by the named provider.
+   * @throws java.security.NoSuchAlgorithmException If the named provider
+   *         has no implementation of the algorithm.
+   * @throws java.security.NoSuchProviderException If the named provider
+   *         does not exist.
+   */
+  public static final Mac getInstance(String algorithm, String provider)
+    throws NoSuchAlgorithmException, NoSuchProviderException
+  {
+    Provider p = Security.getProvider(provider);
+    if (p == null)
+      {
+        throw new NoSuchProviderException(provider);
+      }
+    return getInstance(algorithm, p);
+  }
+
+  /**
+   * Get an instance of the named algorithm from a provider.
+   *
+   * @param algorithm The name of the algorithm.
+   * @param provider  The provider.
+   * @return An appropriate Mac instance, if the specified algorithm is
+   *         implemented by the provider.
+   * @throws java.security.NoSuchAlgorithmException If the provider
+   *         has no implementation of the algorithm.
+   */
+  public static final Mac getInstance(String algorithm, Provider provider)
+    throws NoSuchAlgorithmException
+  {
+    try
+      {
+        return new Mac((MacSpi) Engine.getInstance(SERVICE, algorithm, provider),
+                       provider, algorithm);
+      }
+    catch (InvocationTargetException ite)
+      {
+        if (ite.getCause() == null)
+          throw new NoSuchAlgorithmException(algorithm);
+        if (ite.getCause() instanceof NoSuchAlgorithmException)
+          throw (NoSuchAlgorithmException) ite.getCause();
+        throw new NoSuchAlgorithmException(algorithm);
+      }
+    catch (ClassCastException cce)
+      {
+        throw new NoSuchAlgorithmException(algorithm);
+      }
+  }
+
+  // Instance methods.
+  // ------------------------------------------------------------------------
+
+  /**
+   * Finishes the computation of a MAC and returns the digest.
+   *
+   * <p>After this method succeeds, it may be used again as just after a
+   * call to <code>init</code>, and can compute another MAC using the
+   * same key and parameters.
+   *
+   * @return The message authentication code.
+   * @throws java.lang.IllegalStateException If this instnace has not
+   *         been initialized.
+   */
+  public final byte[] doFinal() throws IllegalStateException
+  {
+    if (virgin)
+      {
+        throw new IllegalStateException("not initialized");
+      }
+    byte[] digest = macSpi.engineDoFinal();
+    reset();
+    return digest;
+  }
+
+  /**
+   * Finishes the computation of a MAC with a final byte array (or
+   * computes a MAC over those bytes only) and returns the digest.
+   *
+   * <p>After this method succeeds, it may be used again as just after a
+   * call to <code>init</code>, and can compute another MAC using the
+   * same key and parameters.
+   *
+   * @param input The bytes to add.
+   * @return The message authentication code.
+   * @throws java.lang.IllegalStateException If this instnace has not
+   *         been initialized.
+   */
+  public final byte[] doFinal(byte[] input) throws IllegalStateException
+  {
+    update(input);
+    byte[] digest = macSpi.engineDoFinal();
+    reset();
+    return digest;
+  }
+
+  /**
+   * Finishes the computation of a MAC and places the result into the
+   * given array.
+   *
+   * <p>After this method succeeds, it may be used again as just after a
+   * call to <code>init</code>, and can compute another MAC using the
+   * same key and parameters.
+   *
+   * @param output    The destination for the result.
+   * @param outOffset The index in the output array to start.
+   * @return The message authentication code.
+   * @throws java.lang.IllegalStateException If this instnace has not
+   *         been initialized.
+   * @throws javax.crypto.ShortBufferException If <code>output</code> is
+   *         not large enough to hold the result.
+   */
+  public final void doFinal(byte[] output, int outOffset)
+  throws IllegalStateException, ShortBufferException
+  {
+    if (virgin)
+      {
+        throw new IllegalStateException("not initialized");
+      }
+    if (output.length - outOffset < getMacLength())
+      {
+        throw new ShortBufferException();
+      }
+    byte[] mac = macSpi.engineDoFinal();
+    System.arraycopy(mac, 0, output, outOffset, getMacLength());
+    reset();
+  }
+
+  /**
+   * Returns the name of this MAC algorithm.
+   *
+   * @return The MAC name.
+   */
+  public final String getAlgorithm()
+  {
+    return algorithm;
+  }
+
+  /**
+   * Get the size of the MAC. This is the size of the array returned by
+   * {@link #doFinal()} and {@link #doFinal(byte[])}, and the minimum
+   * number of bytes that must be available in the byte array passed to
+   * {@link #doFinal(byte[],int)}.
+   *
+   * @return The MAC length.
+   */
+  public int getMacLength()
+  {
+    return macSpi.engineGetMacLength();
+  }
+
+  /**
+   * Get the provider of the underlying implementation.
+   *
+   * @return The provider.
+   */
+  public final Provider getProvider()
+  {
+    return provider;
+  }
+
+  /**
+   * Initialize this MAC with a key and no parameters.
+   *
+   * @param key The key to initialize this instance with.
+   * @throws java.security.InvalidKeyException If the key is
+   *         unacceptable.
+   */
+  public final void init(Key key) throws InvalidKeyException
+  {
+    try
+      {
+        init(key, null);
+      }
+    catch (InvalidAlgorithmParameterException iape)
+      {
+        throw new IllegalArgumentException(algorithm + " needs parameters");
+      }
+  }
+
+  /**
+   * Initialize this MAC with a key and parameters.
+   *
+   * @param key    The key to initialize this instance with.
+   * @param params The algorithm-specific parameters.
+   * @throws java.security.InvalidAlgorithmParameterException If the
+   *         algorithm parameters are unacceptable.
+   * @throws java.security.InvalidKeyException If the key is
+   *         unacceptable.
+   */
+  public final void init(Key key, AlgorithmParameterSpec params)
+    throws InvalidAlgorithmParameterException, InvalidKeyException
+  {
+    macSpi.engineInit(key, params);
+    virgin = false;                      // w00t!
+  }
+
+  /**
+   * Reset this instance. A call to this method returns this instance
+   * back to the state it was in just after it was initialized.
+   */
+  public final void reset()
+  {
+    macSpi.engineReset();
+  }
+
+  /**
+   * Update the computation with a single byte.
+   *
+   * @param input The next byte.
+   * @throws java.lang.IllegalStateException If this instance has not
+   *         been initialized.
+   */
+  public final void update(byte input) throws IllegalStateException
+  {
+    if (virgin)
+      {
+        throw new IllegalStateException("not initialized");
+      }
+    macSpi.engineUpdate(input);
+  }
+
+  /**
+   * Update the computation with a byte array.
+   *
+   * @param input The next bytes.
+   * @throws java.lang.IllegalStateException If this instance has not
+   *         been initialized.
+   */
+  public final void update(byte[] input) throws IllegalStateException
+  {
+    update(input, 0, input.length);
+  }
+
+  /**
+   * Update the computation with a portion of a byte array.
+   *
+   * @param input  The next bytes.
+   * @param offset The index in <code>input</code> to start.
+   * @param length The number of bytes to update.
+   * @throws java.lang.IllegalStateException If this instance has not
+   *         been initialized.
+   */
+  public final void update(byte[] input, int offset, int length)
+    throws IllegalStateException
+  {
+    if (virgin)
+      {
+        throw new IllegalStateException("not initialized");
+      }
+    macSpi.engineUpdate(input, offset, length);
+  }
+
+  /**
+   * Clone this instance, if the underlying implementation supports it.
+   *
+   * @return A clone of this instance.
+   * @throws java.lang.CloneNotSupportedException If the underlying
+   *         implementation is not cloneable.
+   */
+  public Object clone() throws CloneNotSupportedException
+  {
+    Mac result = new Mac((MacSpi) macSpi.clone(), provider, algorithm);
+    result.virgin = virgin;
+    return result;
+  }
+}